www.rebelnews.com Open in urlscan Pro
2606:4700:7::a29f:8a2c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Submission: On September 13 via manual (September 13th 2023, 7:08:24 pm UTC) from US — Scanned from DE

Summary HTTP 463 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 25 domains to perform 463 HTTP transactions. The main IP is 2606:4700:7::a29f:8a2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rebelnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 5th 2022. Valid for: a year.

This is the only time www.rebelnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2606:4700:7::... 2606:4700:7::a29f:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
14	2606:4700:7::... 2606:4700:7::a29f:802d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225e:1a00:19:eb8b:91c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	18.165.227.24 18.165.227.24	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	99.86.4.99 99.86.4.99	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
18	23.22.52.7 23.22.52.7	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
5 15	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:24d... 2600:9000:24dd:200:5:2cea:4ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3 9	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
10	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
33	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
8	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
3	54.76.53.164 54.76.53.164	16509 (AMAZON-02) (AMAZON-02)
91	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
10	34.216.188.66 34.216.188.66	16509 (AMAZON-02) (AMAZON-02)
36	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
463	40

22 2606:4700:7::a29f:8a2c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.rebelnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:7::a29f:802d (United States)

ASN13335 (CLOUDFLARENET, US)

therebel.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:1a00:19:eb8b:91c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.inplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

rebelnewscss-1756d.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.165.227.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-227-24.lhr61.r.cloudfront.net

d3n8a8pro7vhmx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.22.52.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-52-7.compute-1.amazonaws.com

fundist-rebel-news.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24dd:200:5:2cea:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

services.inplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:3b8 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.53.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.216.188.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-188-66.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
203	stripe.com js.stripe.com — Cisco Umbrella Rank: 1526 q.stripe.com — Cisco Umbrella Rank: 9326 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 6475 r.stripe.com — Cisco Umbrella Rank: 4988 m.stripe.com — Cisco Umbrella Rank: 1429	3 MB
58	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2787 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2994 play.google.com — Cisco Umbrella Rank: 40	1 MB
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 152	481 KB
30	nationbuilder.com therebel.nationbuilder.com assets.nationbuilder.com — Cisco Umbrella Rank: 123024	12 MB
29	gstatic.com fonts.gstatic.com www.gstatic.com	690 KB
18	herokuapp.com fundist-rebel-news.herokuapp.com	2 MB
17	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	202 KB
11	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183 www.googleadservices.com — Cisco Umbrella Rank: 151	607 B
9	cloudflare.com 3 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5544	32 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 ajax.googleapis.com — Cisco Umbrella Rank: 419	38 KB
8	stripe.network m.stripe.network — Cisco Umbrella Rank: 1625	65 KB
6	rebelnews.com 1 redirects www.rebelnews.com	25 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	284 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	216 B
4	inplayer.com assets.inplayer.com — Cisco Umbrella Rank: 484620 services.inplayer.com — Cisco Umbrella Rank: 621662	1 MB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	254 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1154 syndication.twitter.com — Cisco Umbrella Rank: 1386	132 KB
3	cloudfront.net d3n8a8pro7vhmx.cloudfront.net	14 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	91 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5677	562 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	21 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 364	2 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3751	71 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1118	7 KB
1	kxcdn.com rebelnewscss-1756d.kxcdn.com	143 KB
463	25

	Domain	Requested by
91	r.stripe.com	js.stripe.com
66	js.stripe.com	assets.inplayer.com fundist-rebel-news.herokuapp.com js.stripe.com
36	play.google.com	www.gstatic.com
33	q.stripe.com	www.rebelnews.com
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	fundist-rebel-news.herokuapp.com	www.rebelnews.com fundist-rebel-news.herokuapp.com
16	www.gstatic.com	googleads.g.doubleclick.net pay.google.com www.gstatic.com
16	assets.nationbuilder.com	www.rebelnews.com fundist-rebel-news.herokuapp.com
15	googleads.g.doubleclick.net	5 redirects www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
14	therebel.nationbuilder.com	www.rebelnews.com
13	fonts.gstatic.com	fonts.googleapis.com
13	pagead2.googlesyndication.com	www.rebelnews.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	pay.google.com	js.stripe.com pay.google.com www.rebelnews.com www.gstatic.com
10	m.stripe.com	m.stripe.network
10	www.googleadservices.com	www.rebelnews.com googleads.g.doubleclick.net
9	challenges.cloudflare.com	3 redirects fundist-rebel-news.herokuapp.com challenges.cloudflare.com
8	m.stripe.network	js.stripe.com m.stripe.network
8	www.google.com	1 redirects www.rebelnews.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	fonts.googleapis.com	www.rebelnews.com fundist-rebel-news.herokuapp.com googleads.g.doubleclick.net
6	www.rebelnews.com	1 redirects www.rebelnews.com static.cloudflareinsights.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	www.facebook.com	connect.facebook.net www.rebelnews.com
3	merchant-ui-api.stripe.com	js.stripe.com
3	www.googletagmanager.com	www.rebelnews.com www.googletagmanager.com www.google-analytics.com
3	d3n8a8pro7vhmx.cloudfront.net	www.rebelnews.com rebelnewscss-1756d.kxcdn.com
3	connect.facebook.net	www.rebelnews.com connect.facebook.net
2	www.google.de	www.rebelnews.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	services.inplayer.com	assets.inplayer.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	platform.twitter.com	www.rebelnews.com platform.twitter.com
2	assets.inplayer.com	www.rebelnews.com assets.inplayer.com
2	cdn.jsdelivr.net	www.rebelnews.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	syndication.twitter.com	platform.twitter.com
1	netdna.bootstrapcdn.com	rebelnewscss-1756d.kxcdn.com
1	static.cloudflareinsights.com	www.rebelnews.com
1	ajax.googleapis.com	www.rebelnews.com
1	rebelnewscss-1756d.kxcdn.com	www.rebelnews.com
463	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
rumble.com
odysee.com
rebelne.ws
www.nytimes.com
nationbuilder.com
www.linkedin.com
www.reddit.com

Subject Issuer	Validity	Valid
www.rebelnews.com Cloudflare Inc ECC CA-3	`2022-12-05` - `2023-12-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
nationbuilder.com Cloudflare Inc ECC CA-3	`2022-11-21` - `2023-11-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
inplayer.com Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh
*.kxcdn.com Thawte TLS RSA CA G1	`2023-06-23` - `2024-07-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh

This page contains 48 frames:

Primary Page: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Frame ID: 25464F501D7DA936C767863BADB3CCE4
Requests: 77 HTTP requests in this frame

Frame: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Frame ID: 1142B8B2F8BF6D8CC5021424E15F5962
Requests: 11 HTTP requests in this frame

Frame: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Frame ID: 0518CF674536C1E7032B270E13B987C6
Requests: 11 HTTP requests in this frame

Frame: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Frame ID: 7B17B56BA2257501B0C0EFFFFFA7450F
Requests: 17 HTTP requests in this frame

Frame: https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
Frame ID: 1AE23CEEF29681A315EE7E658928953D
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.rebelnews.com
Frame ID: 09C88A2C3C1F77DB6E15B740F0662D29
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/zrt_lookup.html
Frame ID: A6473248789DDF3FAE71B16AF3B3DAD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&adk=1812271804&adf=3025194257&lmt=1694624899&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099057&bpp=6&bdt=1286&idt=419&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6700700931286&frm=20&pv=2&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=447
Frame ID: 17ADB8092848A7F958F978A7B8542E55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502
Frame ID: B6089F4DC2095864105DE39A9AFB2E9D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520
Frame ID: 066F02F84DE034485C8E9A72AE718640
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526
Frame ID: F826BEC5367B0358D59D40062B2404FA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1694624899&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099067&bpp=1&bdt=1295&idt=534&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6OPreACOrb&p=https%3A//www.rebelnews.com&dtd=537
Frame ID: C7D88ED3348A274E8F64554A4D29E706
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099068&bpp=1&bdt=1297&idt=542&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=pm9QD4DMia&p=https%3A//www.rebelnews.com&dtd=544
Frame ID: 3E3BE0B3392E231822A943311AB7DA0D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 2268D61C65562D13A0C38616E3BB1DE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5B67E13DD2791692E29E002D5F115B14
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 8B5C9CACA1784D32A28B6AA5299D1CC1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 26F37AEE5BD23E010E3236E6A49F39DB
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
Frame ID: B5444B591877811ACED302E6484D3024
Requests: 35 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
Frame ID: 2A8F38962410F7D232EF80F8B3632801
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
Frame ID: 50711C0859A644A75DC0B3833C65A227
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: A55E2092340CAA65115ACBAE62AB7B4C
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
Frame ID: 38C1EECF1A09778E9018E52C180548A3
Requests: 35 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
Frame ID: 2D06671B47544C5C3DDBBCB1EDD92632
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
Frame ID: 02A503E9D1DCBF4D90A5C2C6C20F8911
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: F6431D7FC2A13CE49571E21EA8EBD7A6
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
Frame ID: 241EDE7FCF91A434435A5A40B72B4273
Requests: 39 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
Frame ID: 52C46DA445637AE2680D488869693308
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
Frame ID: 23C6EE28D21C04ABF4D2BD404FC079E7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: FD6A0754AAB0F7906F95FF35F5DF3F32
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/11nrn/0x4AAAAAAAFOVi49vcUYvHAT/auto/normal
Frame ID: FBB76F8D3DA16D2E55A5E92DCF40F85D
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yofx9/0x4AAAAAAAFOVi49vcUYvHAT/auto/normal
Frame ID: 804F371009C8F8B94138AFEF228567F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 5447AE9BE8C4D0CA08AEFA395A7EA186
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/7puij/0x4AAAAAAAFOVi49vcUYvHAT/auto/normal
Frame ID: 0CB7C78B48E8C35698D0A630733187FA
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 226DC23C6A67D3324399E588835D961B
Requests: 6 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1492EA658FE48D26C27B3E0DAB76979E
Requests: 6 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: BE42ED5C25AF05CA8B1BE23BB5045A4E
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 04F4794188C1C097992AA0C821CA31EC
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: E61CA59D0782C25AF176FA0E85D08E1B
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: B7EEBB7F7281F1B3D981AD65B828BF55
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: D5BA58087440894DD594AF28043DC119
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 4F5616E72FEA10B3D963211EE413877B
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/comments.php?app_id=126739610711965&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2cfa6e69069478%26domain%3Dwww.rebelnews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebelnews.com%252Ff2902870e386ac%26relation%3Dparent.parent&container_width=766&height=100&href=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&locale=en_US&sdk=joey&version=v17.0&width=
Frame ID: 7F3F4EF7A1B507C9B7A86681ACA264F2
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A0335989C71737D7A56D3A3481575CC4
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
Frame ID: FCDEBCE609EB91064C281546244ABDD8
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
Frame ID: 7FF468D5C7A344C246D7721C5B55A975
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
Frame ID: 7AC3361C3BFFF5474FEED3C9B8B39CA7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57C86DAC7C54A2B850BCD7B70A163344
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8D2198AE8DCF02E10669170D48FE230
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joe Biden ‘stunned’ and ‘plunged into sadness’ over potential indictment of Hunter - Rebel News

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

463
Requests

98 %
HTTPS

74 %
IPv6

25
Domains

40
Subdomains

40
IPs

5
Countries

22093 kB
Transfer

44449 kB
Size

19
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/811793512220923

Search URL Search Domain Scan URL

URL: https://twitter.com/RebelNewsOnline

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/RebelMediaTV?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/news.rebel/

Search URL Search Domain Scan URL

URL: https://rumble.com/c/RebelNews

Search URL Search Domain Scan URL

URL: https://odysee.com/@RebelNews:9

Search URL Search Domain Scan URL

URL: https://rebelne.ws/3EAZIJI

Search URL Search Domain Scan URL

URL: http://rebelne.ws/crypto
Title: Crypto

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/09/10/us/politics/joe-biden-hunter-relationship.html
Title: reported

Search URL Search Domain Scan URL

URL: https://nationbuilder.com/
Title: NationBuilder

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&text=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter&via=RebelNewsOnline

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&title=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter%20-%20Rebel%20News&summary=Documents%20made%20public%20last%20week%20indicate%20that%20David%20Weiss%20has%20plans%20to%20bring%20forward%20an%20indictment%20against%20Hunter%20Biden%20by%20the%20end%20of%20this%20month.

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit?url=https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&title=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter%20-%20Rebel%20News

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.rebelnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js

Request Chain 74

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback

Request Chain 78

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback

Request Chain 114

https://googleads.g.doubleclick.net/pagead/adview?ai=CQm1yowgCZbPbKY676gTh1InwAbSMp79x78SHi-8Ov-EeEAEgrLidJGCV-vCBjAegAfD27pEDyAEJqQL1xAR7TQOyPqgDAcgDywSqBM4CT9A3i6r6EB4UnfCpPm8IZTA1Id6CA8NZOXdOZmky3W5P5UHEdzUaktMXBYLFkEgtCjYr4LJlG3KU6awr-aBaetQA7n6uvcn_zpUElmdnwFversGiOkE61brDmfAEdZFFPamWZ40SgAQyoI4cAK88hlsPEFzZDBMmRwtUl5OTb9s9iilAHa0gq-nN4NCSR-CpGfw3-luZaJU8sEQoZ_BGx5Ljf4bDur94pq6XewCllLMSARIolbP2STT4KFzpOY1qyDXW3OQoJp6okzuZCk9Uwqonvrr-tSsWpSTYjIrA3OAjvUrw1iDpXh6fecYrXw9-SpUt_Ysn2eFcNqohAyWJyUvUCFc7vlJf4KAwbxR1yWgyfe87NnsiyUddrTsqq6R7kCUIWeh7hYaW56WS1957XcdJ9PpYorCZE0vIOwG_ZsxjmLmCOfLVwSc45jpTh8AE3OzYu4sDiAXj6q2KKJIFBAgEGAGSBQQIBRgEoAYugAf4iJFuqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ090K0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJOmh0dHBzOi8vd3d3LmFmaWxpby5kZS9sL3BhdGllbnRlbnZlcmZ1ZWd1bmctZXJzdGVsbGVuLTIwMjOACgHICwHYEwyIFBTQFQGAFwGyFxwKGggAEhRwdWItMjk3MTkxODc5MTA5NzEyNBgA&sigh=hqTmnzPD0jY&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWNTRldtu0rgfj4bd5sXyStdYJnKVVb7oEwCwehht2RYhPJWkbGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214112337710376102449%22,%22debug_reporting%22:true,%22destination%22:%22https://afilio.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22842775408%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222798418265039503825%22}&andc=true

Request Chain 117

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback

Request Chain 157

https://googleads.g.doubleclick.net/pagead/adview?ai=CyB7UowgCZb6aJ-Sa78EP7MYG_66T8HHOr5DuqA-_4R4QASCsuJ0kYJX68IGMB6AB9-um7QPIAQmpAvXEBHtNA7I-qAMByAPLBKoE0QJP0Nzh6rU2WjdBnT4TAHZ6648sx0hDOzIqpHDBT0-cciZY4TW8nRxbhNCCJGd6uxxRXTvtxabi3DpnAwYCUJ-9SmqPKNgvuC-R90lCgHa0zkuSL1eLMMUyWh7UQ7WykLKK9qjUHEyfB_FaMTwwBECYsZVW1QwA8Cjp0QbO3rVQrSK7-uqRtpJln0lHGmwovE1YNXEyDEEjwcT4wGEogEztgWIM8OZZmfz8hNkigbpJLB6RsE9Ap9yAPdMdWyFZiIYf73SNKkbr23TmcF1PecXBb_AT9Txan8eKKFLG23olEE244HpzxO2BvqHg_YyJdaVUAVGaOsPsJsxeEFxdtz3ucrgR7jtvaV0Yq2hTnHyPVCY5g5XVlngSZYPKOM_xNviOAdKWqDDnH7FBJqrQ2ttybP0Q22ne_NNhcIx_rqxx6jpUbjIj_n78vgp6QJScoTBXwAT1tqXClwKIBfi2j9MHkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_GT2RKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCHmyHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk1aHR0cHM6Ly93d3cua3JvZnRtYW4uY29tL2RlLWRlL2thdGVnb3JpZS9sYWdlcmhhbGxlbi-ACgHICwHYEw2IFAXQFQGYFgGAFwGyFxwKGggAEhRwdWItMjk3MTkxODc5MTA5NzEyNBgA&sigh=h8elzNgnMrw&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWu0aDLFN-sHQ0z0VLJlnMO3dxfbxOSRDv7pifEXp0_JA-pVCnGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225117928578898382557%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226814509647235021601%22}&andc=true

Request Chain 166

https://googleads.g.doubleclick.net/pagead/adview?ai=CJoVaowgCZfbGJ9fU6gSS7JLYDeOV2Ppy0_rnzI4Sv-EeEAEgrLidJGCV-vCBjAegAYeDv_cDyAECqAMByAPJBKoE0gJP0FzHQpbM5w1FJxBMZ1Pqf4yii2iZfr0ux-hp2vDlgcxG3BIamY4TSXblYLaLFCuz3HvZjBxzCNI6VIPJ-BRC8_o9wEbQ-ndMtMJH2ETRfB638Zz6gnFoezLEOlwxn28_lk62VI_y4oISHN0JyNUYz7kDSrkJrBGBuQLOZKoTaox_SplpwJPIIK1v4BKeeBKAolJXF5CVs8ytDUGX_NqXEi3RqDBX0Y3_XyEMv3Tswk2h1cPi4Pfl1z3fMNk5IK6BKQLLrc0NbPsn4jp_QKmvEtUhbgjYR8dBU_SEmak_Yj6MD0-nwmvQWxWTgJlBww6Ljwv9-jYc1u_Lab1j_FXKLFhqBI9umIP1ebJom8hs7l4h5k5b0UKp6PnbqTclT0RETQS-aLk7X43aqBhOV0PHwfbhGOJgj-mOS_kFQEBE_zEhCMjIl7VGJWrqSXNOiGmdC8AE-tfct70EiAWcv4rkS5IFBAgEGAGSBQQIBRgEoAYCgAfx6fWGAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPPfH9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCS9odHRwczovL3d3dy5saWdodGludGhlYm94LmNvbS9lL2ZjLzBfMF9TTDI5MDk3M4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yOTcxOTE4NzkxMDk3MTI0GAA&sigh=bYHyywW8viQ&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWj5XJl2DN-GfViySvvqTrkTbEAchMV_QhGY6yg2FeDC_G6Ik1GAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225783048551875282058%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055900039%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221019669362578833745%22}&andc=true

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 171

https://googleads.g.doubleclick.net/pagead/adview?ai=C6Y27owgCZcacJ4zV6wSs5qHwBqqj9vVy34WDt8ARp9y_4_YYEAEgrLidJGCV-vCBjAegAaO22e8DyAEJqQL1xAR7TQOyPqgDAcgDywSqBNQCT9CYxn9tKak9r_io0PmfQuGwUPCQ4GqXh1tb3ewAX5MS5xya7V0F_aZqmFvJU365N1Qb3mz2wLMB1oClb81RfvTrC6LKzuv0UsJ5KYvzJ7gfKB0Xm1ekBYjhGv4bQmQ5HP5mbiX6wOzYk_e9PYC3Ke_zyD4bV0vS5EnzqMnjv4-AF4e0gLx1nAYR9xSbwqYEEYSx0khjyekPmRp6TU5SqpErvTBZxFUjE_aHEi-wsjxJ97j2zFZlZQ-x2PA-8LC7f1uS84So_C3bSGV8TuANXqCqL8AUnAakIwRMNvQV1uCOfiyTg03WMy8iW2oG9c0drRFcqHy2uzE52GJtsxmIX_EyyDkkUwkVzqRIyZx0lV2SBxEUejtICwHhESpODC-MDeMU4CvCfu_8oV4ZVOEP_gCGykmeU_L8nw3Zr2RtVcKdOOFi3fTAx9jhZP3MNiOz5X3MC8AEktXOk8oCiAWyyOqsIJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfFyaYQqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3a0V0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJVWh0dHBzOi8vbGludXgta3Vycy5jb20vbGludXgtZmFrdGVuLz9jb2RlPVNFTV9DV19MSUtVX3NkR0FXX01GTV9saW51eC1rdXJzLWNvbS1mYWt0ZW6ACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMjk3MTkxODc5MTA5NzEyNBgA&sigh=Jxkg2KzqKjQ&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWGVrFirAGpnBnN36OevIu7LuQ1BjuM7TWXKtHzzFoDdgmbta8GAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210983615046792238526%22,%22debug_reporting%22:true,%22destination%22:%22https://linux-kurs.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221039555363%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218362036204042431505%22}&andc=true

Request Chain 306

https://googleads.g.doubleclick.net/pagead/adview?ai=C_hOsowgCZeOEJfGt78EPjrmfyAKZ3-zZb6Do5o6lDN3rxdOiGxABIKy4nSRglfrwgYwHoAGumIqiAsgBCakC9cQEe00Dsj6oAwHIA8sEqgTcAk_Qt3Fz09v4xP4gZz7SafoNadZDT1Nd126seBza523A-gkIYbIdXABEtavhxBrK3y-ff8pu5G7NzQyHa8DKz-Kdrnj_LcazawkjVUAI0IK37h0KCc-Ng2Hs--pa-BAV9T3VX2dZVtFfIj2edMP0_k4g0f7jj-W0O6TeXRojimkBVSvQLf5qwvoX0DIq5n_J8sp9AMUvDPCMu8ChBnUJZeWfUGmvZSEO6qRpLGlX6-rYuWCSJaDxBCj4Loq_62rR-ef644xjPCF-hYdVOJjjZwBmuJQXGOobZzlU-pQK4rCW3qn6qv3WXpzaK29x1uCjeZJ2cGVGQpwt2_SAN8eLO1xJsAz_MBO_6OA66rDMzm_JoDHxwpWi-bd3gTKCrtItgcm3r9RdsPJpjQ9SvHP2H5hRDsN3wJDXXTYev5kRksyYQt-U4zVwx2npBLcHo1K7p74EC4-cwxZyZQu7ysAEnoHE6_8CiAWtver5J5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe65_XdAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMfyNNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSBodHRwczovL3hjcmFmdC5uZXQvcmVnaXN0cmF0aW9uL4AKAcgLAdgTDIgUA9AVAYAXAbIXHAoaCAASFHB1Yi0yOTcxOTE4NzkxMDk3MTI0GAA&sigh=kKLX7LHdXac&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJW3GbRg_c8uvMeD712qxZacn0kdqNQ-Rixb9YmEUrj6oZRZ1c8GAE&template_id=5000&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225403331783892836069%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216028466125912001457%22}&andc=true

463 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter Show response
www.rebelnews.com/ 103 KB
20 KB 614ms
514ms Document
text/html 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69719c91d75ed1b6aba9e5b88795ccc5566af13128555810c5376841d2c76fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-request-method: GET, POST, PUT, DELETE
age: 16
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8062ad8fe89f1d8c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:08:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
server: cloudflare
x-content-digest: 7779490ab4f8fac690f7f5ef57f89dfa27633ed3
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-middleware-start: t=1694632097607649
x-nb-cached-page: yes
x-rack-cache: fresh
x-request-id: eae6851b-9c9a-4a40-9256-bee9de3c0a49
x-runtime: 0.181435

GET
H2 200 css
fonts.googleapis.com/ 6 KB
969 B 82ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a2a885ced31775688b02c8e38311884e2894c8d4b65aa5d23d7c7b879a371b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:57:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 19:08:17 GMT

GET
H2 200 remodal.css
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 2 KB
998 B 97ms
38ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/remodal.css

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b986cc934432b19f05b4a2f0d0f5fbeb96cf698b545465df15cf53c35ecd196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594218313780
alt-svc: h3=":443"; ma=86400
x-request-id: 2ccdeb8f-dc69-41b3-86b9-d2f0b108d7ee
x-runtime: 0.041967
x-content-digest: 7aa55d8a847522fdac2d63c5649f7b6c15d6a22d
server: cloudflare
etag: W/"6b986cc934432b19f05b4a2f0d0f5fbe"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 8062ad938e7830e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:29 GMT

GET
H2 200 remodal-default-theme.css
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 5 KB
2 KB 95ms
36ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/remodal-default-theme.css

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

370c49c5ba241c54b36196c644394dd9f91554a875ab4dbfae6549ca7088dee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594218406617
alt-svc: h3=":443"; ma=86400
x-request-id: bbd01277-3a01-428e-bd1a-26018c1ccc43
x-runtime: 0.038533
x-content-digest: e3c0078d4e589886ee89b263c992c37d98b2ee57
server: cloudflare
etag: W/"370c49c5ba241c54b36196c644394dd9"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 8062ad938e7a30e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:29 GMT

GET
H2 200 selectric.css
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 4 KB
1 KB 95ms
37ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/selectric.css

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad2b369a9fad37f4d0c2bd23746d9c4b8be3cbba24baf781f25a853246875fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594218318818
alt-svc: h3=":443"; ma=86400
x-request-id: 9b75f967-0aa6-4ebc-a30f-bb5dd71c0ae8
x-runtime: 0.036450
x-content-digest: d64eae4547775fd767b48ff4ce53fb4cb0c64e81
server: cloudflare
etag: W/"ad2b369a9fad37f4d0c2bd23746d9c4b"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 8062ad938e7d30e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:29 GMT

GET
H2 200 magnific-popup.css
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 7 KB
2 KB 97ms
39ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/magnific-popup.css

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594218311464
alt-svc: h3=":443"; ma=86400
x-request-id: 5ebc16c4-c21c-418c-84f6-bceba0f28ba4
x-runtime: 0.032253
x-content-digest: 4bc5c190369aa8724e02171cfac745b15a95b952
server: cloudflare
etag: W/"a44e537eb0dfe0dfdb3a7ab134b25790"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 8062ad938e7f30e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:29 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 2 KB
1 KB 86ms
28ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.css

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17577278
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230083-FRA, cache-yyz4570-YYZ
server: cloudflare
etag: W/"6c1-bp0TNCoRqM/Z5C7iQ+rq4BzaTiU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTqYC31hbNtF%2BJ6Tp99mei004IJvgIxXt8wVuAiEHauCH28qp5GyV2k8eDGI3YCXfM5VC%2BLzd5urEoNg8JWQhlXSY2tVf2VOLVxsP3BbJqHmMwQ%2BP1bMZz1nVbHIW90qDK742I1SsdhOxbfmACs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8062ad938d2a18da-FRA

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 3 KB
1 KB 90ms
33ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17577275
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230115-FRA, cache-jnb7022-JNB
server: cloudflare
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kT2CtJmFJR%2F%2F3BC12oTW%2BiVjSAGo07TvGnBysqI%2FtTIrPm%2Bi6t2BcWaJIMAWQUJTVHVLKp%2F3%2FcJMu3A%2BJ6X%2FN1XjSpx8jL6EGcn5iU3h2HgSQFFUFcwpP7Ajyt1hLBgrUXcLs4TQoyQJezDps4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8062ad938d2d18da-FRA

GET
H2 200 cookies.min.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 2 KB
1 KB 102ms
45ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/cookies.min.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8a32eb3c1d6bfd89189d8b25f75c3365e45760f8d10de20f16f26e9da727db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594218312062
alt-svc: h3=":443"; ma=86400
x-request-id: 297bf49b-958b-4941-9ecc-36d12954d11a
x-runtime: 0.064338
x-content-digest: 7ce0f0ac3ceb70d0e2e8d8377144e7463ccbb0a7
server: cloudflare
etag: W/"9f8a32eb3c1d6bfd89189d8b25f75c33"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad938e8230e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:29 GMT

GET
H2 200 paywall.min.js Show response
assets.inplayer.com/paywall/v3/ 6 MB
1 MB 116ms
23ms Script
text/javascript 2600:9000:225e:1a00:19:eb8b:91c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.inplayer.com/paywall/v3/paywall.min.js
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1a00:19:eb8b:91c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad6e29b6b24bfac850f56d8c808d77f8e6477da0dd0993b87d0faf5acd894d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: ly1lnY91d7TgQCJs7xqaaobEUHLA0q_k
content-encoding: br
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
date: Wed, 13 Sep 2023 19:06:39 GMT
last-modified: Mon, 24 Jul 2023 09:32:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 101
x-amz-server-side-encryption: AES256
etag: W/"3f6076e64e4e3a00ec3792e6f344595b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ryx6qHpEEfutyucsHH0aFtNDs7P3zSgdrQv5Mx3yJOeDKM_dccp-cA==

GET
H2 200 theme.css
rebelnewscss-1756d.kxcdn.com/ 1009 KB
143 KB 89ms
19ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://rebelnewscss-1756d.kxcdn.com/theme.css
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 265763bfcb13cf0fd010fc6eb315c6992f4f3e817642c2aa906e0cb940bee7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 22:51:22 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"60109cea-fc583"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Wed, 20 Sep 2023 19:08:17 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/dark-hive/ 30 KB
30 KB 82ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/dark-hive/jquery-ui.css

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b891794d1d6d5c58c744ec2bb2ca47684d75ca6ec8c63b7b34be1886f7e19906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:08:29 GMT
x-content-type-options: nosniff
age: 89988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30588
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 18:08:29 GMT

GET
H2 200 main-c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307.js Show response
assets.nationbuilder.com/assets/liquid/ 812 KB
224 KB 136ms
61ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/main-c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307.js
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
x-amz-version-id: null
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 92695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 20 Apr 2023 16:49:06 GMT
server: cloudflare
etag: W/"33ac058d504357859fb32d50b5b1d386"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 8062ad939f3d35e6-FRA
x-amz-cf-id: rdNgRKgVY1ElyMeG2YmTHJrOh2r64_418z_AQPFLeIeGgzTkxzBezA==
expires: Wed, 20 Sep 2023 19:08:17 GMT

GET
H2 200 iframeresizer.min.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 14 KB
6 KB 104ms
47ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/iframeresizer.min.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a01583bb1046d42e54d2ddf18e6659d54025b7db0a792464dba2a2572e23c696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594218309163
alt-svc: h3=":443"; ma=86400
x-request-id: 495d8cd3-7109-42db-b936-b13b0dd5c22a
x-runtime: 0.042264
x-content-digest: 0ed978b46b2f78990bfda4241d2853e30ae87ed3
server: cloudflare
etag: W/"a01583bb1046d42e54d2ddf18e6659d5"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad938e8330e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 184ms
112ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

239b0eb40cc57c91fa7aa9c58d9bea7cb2cbd89301e55ae13517a01f0aed73cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51095
x-xss-protection: 0
server: cafe
etag: 4593552830037880503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:08:18 GMT

GET
H2 200 jquery.ui.effect.min.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 13 KB
6 KB 98ms
41ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/jquery.ui.effect.min.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594218431533
alt-svc: h3=":443"; ma=86400
x-request-id: 70224ea4-dc70-47ac-8b0c-e027aed76f6f
x-runtime: 0.044356
x-content-digest: 1b3c129be8aafb7c1d1cc795870d3e25365fc2a9
server: cloudflare
etag: W/"5f3ca08629dbf4b97858143154de2a7b"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad938e8430e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:29 GMT

GET
H2 200 jquery.ui.effect-slide.min.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 774 B
860 B 97ms
40ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/jquery.ui.effect-slide.min.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594218290831
alt-svc: h3=":443"; ma=86400
x-request-id: ac94bcb6-6610-4f0d-b316-23ad8724cb73
x-runtime: 0.063551
x-content-digest: 2d0b4629f786724cb9ceba70e34ff5775fa16084
server: cloudflare
etag: W/"1c56ffc47b4761b0396058aa73916486"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad938e8730e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:29 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 68ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

10075944b043fdd4fa326cdb35579b3ec40ca6d1895474ec94ccd3fe7d447706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rebelnews.com/
Origin: https://www.rebelnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 19:08:18 GMT
content-md5: kWgOtXzLNrUPOf4WmUpOdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: mj2lcrRMb54GK7sAFMiHa7DReRn6dJPIqK4TQ6BAu5F1+55HjCbwwXh1Srt4NJE7O0+UUOjRk4QLnjCc/yzPXg==
x-fb-content-md5: 2fa963f8a92e840742fd1b399b702aa7
cross-origin-opener-policy: same-origin-allow-popups
etag: "a1582d4b81a8bb791b004e371a26fb02"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:10:36 GMT

GET
H2 200 Rumble_logo_white.png
d3n8a8pro7vhmx.cloudfront.net/themes/5fd9329f4764e88b10364fad/attachments/original/1619012729/ 6 KB
7 KB 112ms
31ms Image
image/png 18.165.227.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3n8a8pro7vhmx.cloudfront.net/themes/5fd9329f4764e88b10364fad/attachments/original/1619012729/Rumble_logo_white.png?1619012729
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.227.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-227-24.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1bcd36950e0cd2e7c1d94806420176e3a46a5e59685b23bb5f52e0bf1bd0c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 13 Sep 2023 11:29:57 GMT
via: 1.1 0dc8ff8f199caf5b90a11000cd7d71ac.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 13:45:30 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P5
age: 27502
x-amz-server-side-encryption: AES256
etag: "c157b6fc2a3e3b143ee2c281d3cf219b"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6447
x-amz-cf-id: XQjfUVwTEZM522q1coXs6YFdJ2FVpmAQUxLwWsz3uUXgZAczKg2sJA==

GET
H2 200 odysee_png.png
d3n8a8pro7vhmx.cloudfront.net/themes/60bbc8a0c2948067eccb8a0a/attachments/original/1623433300/ 5 KB
6 KB 113ms
33ms Image
image/png 18.165.227.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3n8a8pro7vhmx.cloudfront.net/themes/60bbc8a0c2948067eccb8a0a/attachments/original/1623433300/odysee_png.png?1623433300
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.227.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-227-24.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cad8491124a34a04a98cc1ccabdd735e6e8cf35c753b73afc1765ce4723fdd49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 13 Sep 2023 06:50:16 GMT
via: 1.1 0dc8ff8f199caf5b90a11000cd7d71ac.cloudfront.net (CloudFront)
last-modified: Fri, 11 Jun 2021 17:41:41 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P5
age: 44390
x-amz-server-side-encryption: AES256
etag: "179026c0233283178b3af5f8bef375f1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 5279
x-amz-cf-id: SiQpa0Nobjbw6ndzli_RYCUFYO0xwb_vvatJTcKjFsqg98FPX-AqIw==

GET
H3 200 _rn-logo-2.png
assets.nationbuilder.com/therebel/sites/1092/meta_images/original/ 27 KB
27 KB 67ms
62ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/sites/1092/meta_images/original/_rn-logo-2.png?1582397021
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcfee70144904fd3988afe1169ffc8d774b0a6366d7cd9dc214dbee02d8a41cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
x-amz-version-id: null
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 27160
last-modified: Sat, 22 Feb 2020 18:43:43 GMT
server: cloudflare
etag: "a3200783169a9b88d8affd6fe1e8bf40"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991ab79052-FRA
x-amz-cf-id: dm5vdbyVKk3pzvRBUKeO0voQCBvJhgsjhMoSkln6fegmU3Yr8fRgBA==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H3 200 sponsorheadershapiro.jpg
assets.nationbuilder.com/therebel/pages/53797/attachments/original/1694536810/ 106 KB
106 KB 43ms
38ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/53797/attachments/original/1694536810/sponsorheadershapiro.jpg?1694536810
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59d97a5a18933e0b52529a581d9a51bfe2d79210789158412e0937a6dd32f410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
age: 1325
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 108224
cf-bgj: h2pri
last-modified: Tue, 12 Sep 2023 16:40:11 GMT
server: cloudflare
etag: "e33788f4b0f1093cd3554e4812121dd6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991ab89052-FRA
x-amz-cf-id: 5EtAxNctbFI-s9FQWIHV-Z4q_IO843YTYqWR2Hh7xefgH2LMhwY7Qw==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H3 200 Ben-Shapiro-LIVE-animated-sm.gif
assets.nationbuilder.com/therebel/pages/59815/attachments/original/1694492506/ 5 MB
5 MB 68ms
63ms Image
image/gif 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/59815/attachments/original/1694492506/Ben-Shapiro-LIVE-animated-sm.gif?1694492506
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98f0f82e4621f52910bef54affe938caca322728484563378131c51317ef768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 3920
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4990830
last-modified: Tue, 12 Sep 2023 04:21:47 GMT
server: cloudflare
etag: "c88f0bea6cf38db05cf14b15da81a60a"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991ab99052-FRA
x-amz-cf-id: 2-M6-qksv9C3azjoevc_K9n6ofGe6q1PAAeAajm7R4PYkGc3m4edqw==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H3 200 joebiden1.png
assets.nationbuilder.com/therebel/pages/70906/features/original/ 671 KB
671 KB 298ms
293ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/70906/features/original/joebiden1.png?1694550945
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1749f8329dc8a38cb50470193ed3826aa7ed79f4f470665327cc1aaa2aa6e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
x-amz-version-id: zOom2HInL07o0.Uuqprj_ZZeL5zpeKGP
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 4303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 686885
last-modified: Tue, 12 Sep 2023 20:35:49 GMT
server: cloudflare
etag: "d9e7e374ed8749641fb09f35488e6b3c"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991aba9052-FRA
x-amz-cf-id: _xLYaho2gOCjBW10kKp9JGrZUd4YxhPmVBfD04H0gvtq5iK2E1-PCw==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H2 200 email-decode.min.js Show response
www.rebelnews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
829 B 23ms
23ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rebelnews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Sep 2023 13:04:22 GMT
server: cloudflare
etag: W/"64ff1056-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8062ad945feb1d8c-FRA
expires: Fri, 15 Sep 2023 19:08:17 GMT

GET
H3 200 Alex_Written_Panama_Deportation_Sept_2023.jpg
assets.nationbuilder.com/therebel/pages/70933/features/original/ 951 KB
952 KB 328ms
322ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/70933/features/original/Alex_Written_Panama_Deportation_Sept_2023.jpg?1694628930
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa354db55bf821c4a43ea906bb27cae810f4afc7305f441696f4ed5bb5d9543b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-version-id: mdbZJ.gYbGvi.ePXiLoxqQpOGfeuqm.t
cf-cache-status: HIT
age: 934
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 974264
cf-bgj: h2pri
last-modified: Wed, 13 Sep 2023 18:15:32 GMT
server: cloudflare
etag: "f60dea657ff6f4eae3383baf13790f9b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991abc9052-FRA
x-amz-cf-id: PWb_9Q-48jilUqedHsqNXMxEjU0Ps82uYga1yyMMV0PHH5mnoLDTfQ==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H3 200 desantis.png
assets.nationbuilder.com/therebel/pages/70932/features/original/ 1 MB
1 MB 387ms
382ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/70932/features/original/desantis.png?1694627655
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35789758de8ebe00db488858c0d5809e93589408ff5fc0e022218091501ea89e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
x-amz-version-id: a8tk8pbamx4lkIu5ZPGbI_obybCVBQzj
via: 1.1 5dc1bff22b40f5004224ef547b1a9a7c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: MXP63-P1
age: 1336
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1456202
last-modified: Wed, 13 Sep 2023 17:54:19 GMT
server: cloudflare
etag: "958037d0df0c5999e354e9e37766f6f0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991abf9052-FRA
x-amz-cf-id: TKSOatxgK5qpYCeocRBBAgdd1aLffhN_O26ngKORFM6eYCtFHNtPaQ==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H3 200 Sheila_elections_commissioner_Sep_13.jpg
assets.nationbuilder.com/therebel/pages/70928/features/original/ 1 MB
1 MB 459ms
454ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/70928/features/original/Sheila_elections_commissioner_Sep_13.jpg?1694626494
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 213c5d1b47e20c95495b7fd80a1a9b41af4b3aaa9605f202654bd2b8a6cfb67c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
via: 1.1 d32587599a4a4956aa151bdd0a7e225e.cloudfront.net (CloudFront)
x-amz-version-id: 6ybw8yvlmMV6bjvWpCbSlAkx1jwX8syc
cf-cache-status: HIT
age: 2131
x-amz-cf-pop: MXP63-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1299174
cf-bgj: h2pri
last-modified: Wed, 13 Sep 2023 17:34:57 GMT
server: cloudflare
etag: "54c40b44b23cb7d3228e0fe2d6e77373"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991ac29052-FRA
x-amz-cf-id: L9coz1hoOsg2IQwgz4YIBvSaxg1rqzR6P22u8TQMAuj4eJ7eubSL2w==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H3 200 yesno_th.jpg
assets.nationbuilder.com/therebel/pages/70918/features/original/ 242 KB
242 KB 518ms
512ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/70918/features/original/yesno_th.jpg?1694575729
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9358b278c65de2c0707bdbf242d64b1212939659115f6af44fe904b4b4a9f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-amz-version-id: NirFT0bO4Ne.xmQmCvuWuWvBl60id8ei
cf-cache-status: HIT
age: 4303
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 247640
cf-bgj: h2pri
last-modified: Wed, 13 Sep 2023 03:28:51 GMT
server: cloudflare
etag: "b1548c835f282e12fabb74cd9405e8a5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991ac69052-FRA
x-amz-cf-id: st6RnXlrhw-srvVdoGmgW0gnqSX-rM_jeI6Fpc-4wKSp6wHOX2fSSA==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H3 200 ruin_th.jpg
assets.nationbuilder.com/therebel/pages/70916/features/original/ 416 KB
417 KB 536ms
531ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/70916/features/original/ruin_th.jpg?1694571646
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb4b47e0cd0628758cd5b9577ea07b7e48348de2273af7b2137fa8f52d8d5ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-version-id: F4kWBum3ptE9tjwYqM5WjICofH8sojih
cf-cache-status: HIT
age: 1325
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 426428
cf-bgj: h2pri
last-modified: Wed, 13 Sep 2023 02:20:48 GMT
server: cloudflare
etag: "dc59d02f9158a470827b6859214e195b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991ac89052-FRA
x-amz-cf-id: U5BGBL-5sRoYfZXiL05hiV5vGEqjW1lFMYGNXLmTpznfxQhzXVQg1A==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H3 200 inher_th.jpg
assets.nationbuilder.com/therebel/pages/70915/features/original/ 447 KB
448 KB 554ms
549ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/70915/features/original/inher_th.jpg?1694563030
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde4a072c30878ceaed8fa4cf1cba223d692dc727eef3c5d4e2bdd683530a057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-version-id: yTUNbGeUCfA_lQ9O_Nh1axH2Fbhd73sG
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 457932
cf-bgj: h2pri
last-modified: Tue, 12 Sep 2023 23:57:13 GMT
server: cloudflare
etag: "2649ad14be2698fee54b934b077697ed"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad991ac99052-FRA
x-amz-cf-id: emLDgssuA4X9-Alpi1Wrcd7dNA0jVtdEguh5riGJeFXj7BGBpPN9Ig==
expires: Wed, 13 Sep 2023 23:08:18 GMT

GET
H2 200 liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js Show response
assets.nationbuilder.com/assets/ 174 KB
53 KB 47ms
44ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
x-amz-version-id: null
via: 1.1 1d0c8380d9f12c4c559633dbe9e5eeca.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: JFK50-P8
age: 588774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Apr 2023 20:20:44 GMT
server: cloudflare
etag: W/"c5d34981e474397332adfa4081ceecaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 8062ad94a8fe35e6-FRA
x-amz-cf-id: 8LNrUbP3YXqFqzpX9EsBriXH5g0GgY0FzQbxqpyHxd4CnIxKg_JTgw==
expires: Wed, 20 Sep 2023 19:08:18 GMT

GET
H3 200 tinymce-1044caa1178bd6d7aa1cd3d7da31070cd443b4c3e78d6055867520c0e56114b5.js Show response
assets.nationbuilder.com/assets/ 872 KB
193 KB 47ms
46ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/tinymce-1044caa1178bd6d7aa1cd3d7da31070cd443b4c3e78d6055867520c0e56114b5.js
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1044caa1178bd6d7aa1cd3d7da31070cd443b4c3e78d6055867520c0e56114b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
x-amz-version-id: null
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 149784
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 May 2023 22:20:11 GMT
server: cloudflare
etag: W/"2d5aa065a9ce8f660bbcfa0f1277eb33"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 8062ad94fdcf9052-FRA
x-amz-cf-id: as7o_lSlwjBXUDWUE3VP3yrtepBrYkvhkmYcjI3U3NHutxeWb7GzCg==
expires: Wed, 20 Sep 2023 19:08:18 GMT

GET
H2 200 bootstrap.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 65 KB
14 KB 43ms
42ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/bootstrap.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4a90e5c0f890d1f8668b26236db8f1d35448714f9812270008613d7b0ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037880
x-middleware-start: t=1693594218606315
alt-svc: h3=":443"; ma=86400
x-request-id: b99395a1-b633-448a-ba0d-4ea54bbecda6
x-runtime: 0.046053
x-content-digest: 56444859edd76300f8d6e734de0ba8af21539070
server: cloudflare
etag: W/"bc4a90e5c0f890d1f8668b26236db8f1"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad9518df30e7-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:30 GMT

GET
H3 200 _nm-scripts.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 94 KB
26 KB 68ms
66ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/_nm-scripts.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7dff9464425212bb2e58ba741cb4ed312280a7202aeae38d3469e2f917cb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037879
x-middleware-start: t=1693594219181303
alt-svc: h3=":443"; ma=86400
x-request-id: fd329402-9c4d-40da-a4f7-93167b6594fb
x-runtime: 0.045375
x-content-digest: c84982e3ddac199d2e5038f99b340bc48689dcbf
server: cloudflare
etag: W/"0a7dff9464425212bb2e58ba741cb4ed"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad990fab91e4-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:30 GMT

GET
H3 200 remodal.min.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 8 KB
3 KB 83ms
77ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/remodal.min.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037880
x-middleware-start: t=1693594218286967
alt-svc: h3=":443"; ma=86400
x-request-id: d5b6bf68-a8cf-46c3-898d-e3fbc62fd981
x-runtime: 0.039060
x-content-digest: 84ce6b3f9b2de38a68253c6b8fdee77273b00962
server: cloudflare
etag: W/"c21ea2a0ec1a9c48686c58d481b308e2"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad991fbd91e4-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:30 GMT

GET
H3 200 jquery.magnific-popup.min.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 20 KB
8 KB 49ms
42ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/jquery.magnific-popup.min.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666ea8fccc6357315c19049cba0ee7b821e5898d5b0d7d2273c03196e664cef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037880
x-middleware-start: t=1693594218307557
alt-svc: h3=":443"; ma=86400
x-request-id: 99e090d9-1bac-4483-87ac-86fedeb49648
x-runtime: 0.039052
x-content-digest: 9e524854b53bfc43171ec8283ba0dd2b300893af
server: cloudflare
etag: W/"666ea8fccc6357315c19049cba0ee7b8"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad991fc191e4-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:30 GMT

GET
H3 200 clipboard.min.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 10 KB
4 KB 48ms
41ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/clipboard.min.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037880
x-middleware-start: t=1693594218289188
alt-svc: h3=":443"; ma=86400
x-request-id: 84e6a17a-c843-462d-a05a-235992c8022b
x-runtime: 0.040823
x-content-digest: 6371ec0a8e242395c7d4d008d2b98e472c9dcc52
server: cloudflare
etag: W/"8a7739925f4c03586479852df840b706"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad991fc291e4-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:30 GMT

GET
H3 200 ad-blocker.js Show response
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ 114 B
489 B 43ms
37ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/ad-blocker.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0738f6af798c2dd78ada1779be0b1f57cd151ef746e38c2849cebd53b839dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037880
x-middleware-start: t=1693594218308237
alt-svc: h3=":443"; ma=86400
x-request-id: 5263bc06-2d44-4b52-9025-da51d0776a36
x-runtime: 0.043171
x-content-digest: cc840394955b5906a9218b004e9cc6f1555246af
server: cloudflare
etag: W/"b0738f6af798c2dd78ada1779be0b1f5"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8062ad991fc391e4-FRA
x-rack-cache: fresh
expires: Fri, 13 Sep 2024 00:57:30 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 120ms
69ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.rebelnews.com/
Origin: https://www.rebelnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8062ad996b29924a-FRA

GET
H2 200 v3 Show response
js.stripe.com/ 527 KB
131 KB 150ms
50ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: assets.inplayer.com
URL: https://assets.inplayer.com/paywall/v3/paywall.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

814c8c3e6d3002492af4072c7de4181dced967721f00e892dea2ec25f05210fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 19:07:45 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 34
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:55:16 GMT
server: Cloudfront
etag: W/"c30165def9d5def123c9c65e0e021ac6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: Y_0L30Wcul3KQXMoqQjoRUsYt-C_0IbhsqJI49Hc9F_SJfNaCQim6w==

GET
H2 200 en.json Show response
assets.inplayer.com/i18n/latest/ 24 KB
8 KB 72ms
34ms Fetch
application/json 2600:9000:225e:1a00:19:eb8b:91c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.inplayer.com/i18n/latest/en.json
Requested by: Host: assets.inplayer.com
URL: https://assets.inplayer.com/paywall/v3/paywall.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1a00:19:eb8b:91c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b50ca410d6ac5611af69438f071ab9b9e3881d0d5d134fb6dec83a0bf06d57ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: qLt_OEbetj7a_ahfTRljleyZgZwvZKBA
content-encoding: br
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
date: Wed, 13 Sep 2023 19:08:18 GMT
x-amz-cf-pop: FRA60-P4
age: 31
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 27 Oct 2022 15:14:24 GMT
server: AmazonS3
etag: W/"e2459705d43cce140802e28b1fbea46c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: Rpqe98pGfV1mDx9pxoGZv4EdnWEwAWi3hXNfLZL2fBEBikcYXtADTA==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 95ms
22ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:18 GMT
Content-Encoding: gzip
Age: 1114
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67F3)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
70 KB 85ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSB758F

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36a2d7525af83799c39ae368dbf945430ac61594ca5fa8f0d6fe758f673e1bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71296
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Sep 2023 19:08:18 GMT

GET
H/1.1 200 / Show response
fundist-rebel-news.herokuapp.com/form/ Frame 1142 30 KB
30 KB 531ms
135ms Document
text/html 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: f8417abe7993d52fce44df7ffdbe1d8d341edb316e80afabb8295aad05e62422

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Length: 30865
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Sep 2023 19:08:19 GMT
Server: hypercorn-h11
Via: 1.1 vegur

GET
H2 200 cd-arrow.svg
d3n8a8pro7vhmx.cloudfront.net/themes/5dfbe26ec29480731ae5e3d9/attachments/original/1484575955/ 1 KB
1 KB 98ms
33ms Image
image/svg+xml 18.165.227.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3n8a8pro7vhmx.cloudfront.net/themes/5dfbe26ec29480731ae5e3d9/attachments/original/1484575955/cd-arrow.svg?1484575955
Requested by: Host: rebelnewscss-1756d.kxcdn.com
URL: https://rebelnewscss-1756d.kxcdn.com/theme.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.227.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-227-24.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53ba6e49ea8e838495e817f4a8f410a426f8083bfe560ea623823985b1a005cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rebelnewscss-1756d.kxcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 13 Sep 2023 07:48:24 GMT
via: 1.1 0dc8ff8f199caf5b90a11000cd7d71ac.cloudfront.net (CloudFront)
last-modified: Thu, 19 Dec 2019 20:53:00 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P5
age: 40795
x-amz-server-side-encryption: AES256
etag: "e4f3e937b8ec432626789fbea7a06a6f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1037
x-amz-cf-id: qdqFcLKsW0wNOWEJW6MZh16xLWkIU9IFyda23ex0f6Ze_U7GHnK1dw==

GET
H2 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 96ms
37ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: rebelnewscss-1756d.kxcdn.com
URL: https://rebelnewscss-1756d.kxcdn.com/theme.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rebelnewscss-1756d.kxcdn.com/
Origin: https://www.rebelnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1076
age: 4231300
cdn-cachedat: 01/05/2023 09:37:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7d3bee9a73c4993068d62fbd709fb01a
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8062ad998cde9070-FRA
cdn-requestpullsuccess: True

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 74ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rebelnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 06:10:46 GMT
x-content-type-options: nosniff
age: 392252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 06:10:46 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 133ms
79ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rebelnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 07:45:31 GMT
x-content-type-options: nosniff
age: 127367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 07:45:31 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 103ms
49ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rebelnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 337785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:18:33 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 93ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rebelnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:23:50 GMT
x-content-type-options: nosniff
age: 337468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:23:50 GMT

GET
H/1.1 200 / Show response
fundist-rebel-news.herokuapp.com/form/ Frame 0518 30 KB
30 KB 526ms
133ms Document
text/html 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: f8417abe7993d52fce44df7ffdbe1d8d341edb316e80afabb8295aad05e62422

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Length: 30865
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Sep 2023 19:08:19 GMT
Server: hypercorn-h11
Via: 1.1 vegur

GET
H/1.1 200 / Show response
fundist-rebel-news.herokuapp.com/form/ Frame 7B17 30 KB
30 KB 1806ms
1200ms Document
text/html 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: f8417abe7993d52fce44df7ffdbe1d8d341edb316e80afabb8295aad05e62422

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Length: 30865
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Sep 2023 19:08:19 GMT
Server: hypercorn-h11
Via: 1.1 vegur

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 72ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

10075944b043fdd4fa326cdb35579b3ec40ca6d1895474ec94ccd3fe7d447706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 19:08:18 GMT
content-md5: kWgOtXzLNrUPOf4WmUpOdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: mj2lcrRMb54GK7sAFMiHa7DReRn6dJPIqK4TQ6BAu5F1+55HjCbwwXh1Srt4NJE7O0+UUOjRk4QLnjCc/yzPXg==
x-fb-content-md5: 2fa963f8a92e840742fd1b399b702aa7
cross-origin-opener-policy: same-origin-allow-popups
etag: "a1582d4b81a8bb791b004e371a26fb02"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:10:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9f034e0cbd781a74084ee3f669f1cdf0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8852b76884a908641b32805f679f9b4864f20dd071233fab986135c9920b3ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rebelnews.com/
Origin: https://www.rebelnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 19:08:18 GMT
content-md5: mqRUqcHpLl6293uDZMwdgw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87487
x-fb-debug: FEtanR8YUW4gw3aXbIJpOdLcVlBSG0Gy4amPIEGcxlrBXgbx80JRr18pOpxdX36Omhex/Y4zvXhk5zMvrrO7mw==
x-fb-content-md5: 75b8fcac66d427a97250ed78ca4ec202
cross-origin-opener-policy: same-origin-allow-popups
etag: "378f1c7e4cd4bd71c967e7ca2e2571f6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 12 Sep 2024 17:45:12 GMT

GET
H3

200

main.js Show response
www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/ Frame 1AE2
Redirect Chain

https://www.rebelnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js

7 KB
3 KB

39ms
30ms

Script
application/javascript

2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a6743349e3b26b252b8c979921f57e9f302e1649c4d7d528d0eb8d215b24e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8062ad9af8130408-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 13 Sep 2023 19:08:18 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
cache-control: max-age=300, public
cf-ray: 8062ad9a7f390408-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 09C8 320 KB
104 KB 24ms
23ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.rebelnews.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2384036
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Sep 2023 19:08:18 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 142ms
21ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSB758F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5038
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 13 Sep 2023 19:44:21 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/942226283/ 3 KB
2 KB 139ms
79ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942226283/?random=1694632098961&cv=11&fst=1694632098961&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&hn=www.googleadservices.com&frm=0&tiba=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter%20-%20Rebel%20News&auid=889717644.1694632099&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSB758F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dd83c7ab77c8d07b1269011bada1bf2d875a52c4a18ed2059f7dbe00d431574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1410
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSB758F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

355d5a686095662b4e9b009023065b8c40f094a7dbec780c211acc9eeb709bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:18 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 379 KB
129 KB 311ms
309ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com&bust=31077719

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

764109e2840b895aa4d85330c0042453f040d1a8385a2c35b996e76341c8346c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131798
x-xss-protection: 0
server: cafe
etag: 3056952212460345622
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:08:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/ Frame A647 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 21:08:56 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 21:08:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 default Show response
services.inplayer.com/branding/paywall/650d87b1-cd03-491a-af27-d4a109b83a46/ 908 B
1 KB 302ms
165ms XHR
application/json 2600:9000:24dd:200:5:2cea:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services.inplayer.com/branding/paywall/650d87b1-cd03-491a-af27-d4a109b83a46/default

Requested by

Host: assets.inplayer.com
URL: https://assets.inplayer.com/paywall/v3/paywall.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24dd:200:5:2cea:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront / InPlayer/2.0 (+https://services.inplayer.com)

Resource Hash

0366197940c089239ccf24a538c6570ecb13718d1b2b30aa21edd6b609ad1a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: application/json
Referer: https://www.rebelnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-inplayer-token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IiJ9.eyJhdWQiOiIiLCJqdGkiOiIiLCJpYXQiOjAsIm5iZiI6MCwiZXhwIjowLCJzdWIiOiIiLCJzY29wZXMiOltdLCJtaWQiOjAsImFpZCI6MCwibXVpIjoiIiwiY3R4IjpbXSwidGlkIjowLCJ0dXVpZCI6IiIsIm9pZCI6MH0.rntcaTcrPAGjv-8U_DfWehT_ZWwy1D5S5d6S-iPFZ2o
date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: gzip
via: 1.1 ec9f64b06809ecdf555b4a62b8b208ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-cf-pop: MAD53-P1
x-powered-by: InPlayer/2.0 (+https://services.inplayer.com)
x-cache: Miss from cloudfront
content-length: 450
x-request-id: 2be5b2059c88056b306155119141d3e4
last-modified: Sat, 22 Feb 2020 18:32:00 GMT
server: CloudFront
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-InPlayer-Token
cache-control: public, max-age=300
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, Content-Type, Accept
x-amz-cf-id: C-rdpO7oAwO6_7tWNY-nY4oXEZN4_y1SgS9dxsEVOmrNUJF4yKX5zA==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 163ms
119ms Fetch
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=126739610711965&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9f034e0cbd781a74084ee3f669f1cdf0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 13 Sep 2023 19:08:19 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-fb-debug: 4v2V2YO2u7yru4ehjkEw+O98DYLd2FQquqSEE2J3OrU2KAG+1Gr0YLv0TKzzkfRwrfluh+jp0YYVw0nF/ajdGA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rebelnews.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 63ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1223412911196741&ev=fb_page_view&dl=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&rl=&if=false&ts=1694632099137&sw=1600&sh=1200&at=

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 13 Sep 2023 19:08:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 63ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=126739610711965&ev=fb_page_view&dl=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&rl=&if=false&ts=1694632099138&sw=1600&sh=1200&at=

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 13 Sep 2023 19:08:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 09C8 869 B
658 B 202ms
125ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=16a01270d3d37719e285a104119d403f24c2fa9f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.rebelnews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 13 Sep 2023 19:08:18 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 13 Sep 2023 19:08:19 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 9e6334110d24fce3
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: b1ef152ad6f4ae6d1318e32a6a39223303f6a4907fa5115fbfc3cff348e23530
content-length: 337

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 78ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZHKF44EVZV&gtm=45je39b0&_p=493702055&_gaz=1&cid=186837678.1694632099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694632099&sct=1&seg=0&dl=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&dt=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter%20-%20Rebel%20News&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rebelnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 80ms
26ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZHKF44EVZV&cid=186837678.1694632099&gtm=45je39b0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rebelnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 106ms
58ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZHKF44EVZV&cid=186837678.1694632099&gtm=45je39b0&aip=1&z=302984968

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 8062ad8fe89f1d8c Show response
www.rebelnews.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1AE2 0
274 B 50ms
49ms XHR
text/plain 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/jsd/r/8062ad8fe89f1d8c
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: br
server: cloudflare
cf-ray: 8062ad9d1b930408-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/942226283/ 42 B
455 B 86ms
35ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/942226283/?random=1694632098961&cv=11&fst=1694631600000&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&frm=0&tiba=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter%20-%20Rebel%20News&fmt=3&is_vtc=1&random=952738492&rmt_tld=0&ipr=y

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/942226283/ 42 B
154 B 32ms
32ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/942226283/?random=1694632098961&cv=11&fst=1694631600000&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&frm=0&tiba=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter%20-%20Rebel%20News&fmt=3&is_vtc=1&random=952738492&rmt_tld=1&ipr=y

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1142 5 KB
622 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:47:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 19:08:19 GMT

GET
H/1.1 200 fundist.min.css
fundist-rebel-news.herokuapp.com/static/dist/ Frame 1142 385 KB
385 KB 297ms
264ms Stylesheet
text/css 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.css?ver=28
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: 1816fd7a1782e9aa79243318eb8a02554df96f69a3ef42845f342e9155044570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:19 GMT
Via: 1.1 vegur
Last-Modified: Tue, 22 Aug 2023 18:42:34 GMT
Server: hypercorn-h11
Etag: "1692729754.0-393732-935202633"
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393732
Expires: Thu, 14 Sep 2023 07:08:19 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/0cecfec7/ Frame 1142
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback

30 KB
10 KB

65ms
64ms

Script
application/javascript

2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: H2
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997e1bdccc2046e6ab9fc361a9340cfdaa49bd28d9b6157b9020dffe8512453e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8062ad9e6e9139c7-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 13 Sep 2023 19:08:19 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8062ad9dbd8a39c7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 usa_donation_fundist.jpg
assets.nationbuilder.com/therebel/pages/59760/attachments/original/1655241693/ Frame 1142 513 KB
513 KB 61ms
61ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/59760/attachments/original/1655241693/usa_donation_fundist.jpg?1655241693
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac39a2835304dd00b420774ba94d34b480c0c58f3e8963a945127d71bb88aa53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
via: 1.1 6c3e48e00c5cc82a938a68d74aa420d8.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 525158
cf-bgj: h2pri
last-modified: Tue, 14 Jun 2022 21:21:34 GMT
server: cloudflare
etag: "4be2cfd15e55a4169628a263807f3bfa"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad9d5fd99052-FRA
x-amz-cf-id: tCjgXjSipyZJAubzjeNcJU_9owzioVACyAyiYDY7DDoeJ-A_YXlL1w==
expires: Wed, 13 Sep 2023 23:08:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0518 5 KB
599 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 19:02:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 19:08:19 GMT

GET
H/1.1 200 fundist.min.css
fundist-rebel-news.herokuapp.com/static/dist/ Frame 0518 385 KB
385 KB 358ms
125ms Stylesheet
text/css 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.css?ver=28
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: 1816fd7a1782e9aa79243318eb8a02554df96f69a3ef42845f342e9155044570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:19 GMT
Via: 1.1 vegur
Last-Modified: Tue, 22 Aug 2023 18:42:34 GMT
Server: hypercorn-h11
Etag: "1692729754.0-393732-935202633"
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393732
Expires: Thu, 14 Sep 2023 07:08:19 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/0cecfec7/ Frame 0518
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback

30 KB
11 KB

50ms
49ms

Script
application/javascript

2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: H2
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997e1bdccc2046e6ab9fc361a9340cfdaa49bd28d9b6157b9020dffe8512453e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8062ad9e6e9439c7-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 13 Sep 2023 19:08:19 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8062ad9dbd8f39c7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 usa_donation_fundist.jpg
assets.nationbuilder.com/therebel/pages/59760/attachments/original/1655241693/ Frame 0518 513 KB
513 KB 59ms
59ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/59760/attachments/original/1655241693/usa_donation_fundist.jpg?1655241693
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac39a2835304dd00b420774ba94d34b480c0c58f3e8963a945127d71bb88aa53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
via: 1.1 6c3e48e00c5cc82a938a68d74aa420d8.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 525158
cf-bgj: h2pri
last-modified: Tue, 14 Jun 2022 21:21:34 GMT
server: cloudflare
etag: "4be2cfd15e55a4169628a263807f3bfa"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ad9d5fda9052-FRA
x-amz-cf-id: tCjgXjSipyZJAubzjeNcJU_9owzioVACyAyiYDY7DDoeJ-A_YXlL1w==
expires: Wed, 13 Sep 2023 23:08:19 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 27ms
26ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=493702055&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&ul=en-us&de=UTF-8&dt=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter%20-%20Rebel%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=467608401&gjid=2108152855&cid=186837678.1694632099&tid=UA-151986661-1&_gid=1737008732.1694632099&_r=1&_slc=1&gtm=45He39b0n81NSB758F&z=114526278

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4dfda583d0aad93d493f4eb9f7623c2746149a36ef4f92e8eeca47dd54cd1030

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rebelnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rebelnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 iframeResizer.contentWindow.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 1142 13 KB
14 KB 356ms
136ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/iframeResizer.contentWindow.min.js
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: adb0b68a61c32480585085ef7fe5e2618fb67179a24a572d947808fabadecd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:19 GMT
Via: 1.1 vegur
Last-Modified: Mon, 02 Aug 2021 13:43:38 GMT
Server: hypercorn-h11
Etag: "1627911818.0-13615-2828801753"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13615
Expires: Thu, 14 Sep 2023 07:08:19 GMT

GET
H/1.1 200 bootstrap.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 1142 59 KB
59 KB 731ms
129ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/bootstrap.min.js
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: 5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:20 GMT
Via: 1.1 vegur
Last-Modified: Tue, 22 Jun 2021 18:29:16 GMT
Server: hypercorn-h11
Etag: "1624386556.0-60089-1222578110"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60089
Expires: Thu, 14 Sep 2023 07:08:20 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 1142 527 KB
131 KB 26ms
25ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

814c8c3e6d3002492af4072c7de4181dced967721f00e892dea2ec25f05210fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 19:07:27 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 52
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:58:33 GMT
server: Cloudfront
etag: W/"c30165def9d5def123c9c65e0e021ac6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 6Q_ve-zLL0i8zGfV_NrHvZngUqN2_wHjj1Az5L8Qq9f92QOAVHXT_A==

GET
H/1.1 200 fundist.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 1142 73 KB
74 KB 747ms
132ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=28
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: ddb28fa080da256666c27e044e667722ca48af8a9f37512b3b57d7aa64ad4ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:20 GMT
Via: 1.1 vegur
Last-Modified: Mon, 10 Jul 2023 23:14:35 GMT
Server: hypercorn-h11
Etag: "1689030875.0-75139-679677661"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75139
Expires: Thu, 14 Sep 2023 07:08:20 GMT

GET
H/1.1 200 iframeResizer.contentWindow.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 0518 13 KB
14 KB 595ms
128ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/iframeResizer.contentWindow.min.js
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: adb0b68a61c32480585085ef7fe5e2618fb67179a24a572d947808fabadecd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:19 GMT
Via: 1.1 vegur
Last-Modified: Mon, 02 Aug 2021 13:43:38 GMT
Server: hypercorn-h11
Etag: "1627911818.0-13615-2828801753"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13615
Expires: Thu, 14 Sep 2023 07:08:19 GMT

GET
H/1.1 200 bootstrap.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 0518 59 KB
59 KB 918ms
308ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/bootstrap.min.js
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: 5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:20 GMT
Via: 1.1 vegur
Last-Modified: Tue, 22 Jun 2021 18:29:16 GMT
Server: hypercorn-h11
Etag: "1624386556.0-60089-1222578110"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60089
Expires: Thu, 14 Sep 2023 07:08:20 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 0518 527 KB
131 KB 69ms
67ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

814c8c3e6d3002492af4072c7de4181dced967721f00e892dea2ec25f05210fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 19:07:24 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 55
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:58:33 GMT
server: Cloudfront
etag: W/"c30165def9d5def123c9c65e0e021ac6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: O8YsE4JplNR84OKmsxDuold3X62Wrn9Tb5FbDzme3vSiUo218x_iHg==

GET
H/1.1 200 fundist.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 0518 73 KB
74 KB 977ms
130ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=28
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: ddb28fa080da256666c27e044e667722ca48af8a9f37512b3b57d7aa64ad4ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:20 GMT
Via: 1.1 vegur
Last-Modified: Mon, 10 Jul 2023 23:14:35 GMT
Server: hypercorn-h11
Etag: "1689030875.0-75139-679677661"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75139
Expires: Thu, 14 Sep 2023 07:08:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 35ms
35ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-151986661-1&cid=186837678.1694632099&jid=467608401&gjid=2108152855&_gid=1737008732.1694632099&_u=YADAAEAAAAAAACAAI~&z=1052441777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rebelnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 13 Sep 2023 19:08:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rebelnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
93 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

264c3d9e416626007e6fcc318786ac052c53164a206a97fa07c611660dbb185d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94973
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:19 GMT

GET
H2 200 88959 Show response
services.inplayer.com/items/650d87b1-cd03-491a-af27-d4a109b83a46/ 1 KB
1 KB 157ms
156ms XHR
application/json 2600:9000:24dd:200:5:2cea:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services.inplayer.com/items/650d87b1-cd03-491a-af27-d4a109b83a46/88959

Requested by

Host: assets.inplayer.com
URL: https://assets.inplayer.com/paywall/v3/paywall.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24dd:200:5:2cea:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront / InPlayer/2.0 (+https://services.inplayer.com)

Resource Hash

d0a280e23c0dbdd7ae4b610f0a74fb0a7259d58ddadccc2ddef2e590f1325d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: application/json
Referer: https://www.rebelnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-inplayer-token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IiJ9.eyJhdWQiOiIiLCJqdGkiOiIiLCJpYXQiOjAsIm5iZiI6MCwiZXhwIjowLCJzdWIiOiIiLCJzY29wZXMiOltdLCJtaWQiOjAsImFpZCI6MCwibXVpIjoiIiwiY3R4IjpbXSwidGlkIjowLCJ0dXVpZCI6IiIsIm9pZCI6MH0.rntcaTcrPAGjv-8U_DfWehT_ZWwy1D5S5d6S-iPFZ2o
date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: gzip
via: 1.1 ec9f64b06809ecdf555b4a62b8b208ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-cf-pop: MAD53-P1
x-powered-by: InPlayer/2.0 (+https://services.inplayer.com)
x-cache: Miss from cloudfront
content-length: 494
x-request-id: 8c7f53b94c4e5f2dc4feb7781ccf88c6
last-modified: Sun, 27 Jun 2021 21:49:34 GMT
server: CloudFront
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-InPlayer-Token
cache-control: public, max-age=300
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, Content-Type, Accept
x-amz-cf-id: HnwYND-NHUkBy8YV7xQ0_Y4gHmRPpDlJ-G-StQlbV8_r_0kTYCD60Q==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 138ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.rebelnews.com&callback=_gfp_s_&client=ca-pub-2971918791097124

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com&bust=31077719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c9f970621a0ac4681641c66f56c5fb1cebc2ff2f9961594c7879f5d54557f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 17AD 0
306 B 138ms
117ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&adk=1812271804&adf=3025194257&lmt=1694624899&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099057&bpp=6&bdt=1286&idt=419&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6700700931286&frm=20&pv=2&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=447

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:19 GMT
expires: Wed, 13 Sep 2023 19:08:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=remodal-wrapper%20remodal-is-opened&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 122ms
121ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=remodal-wrapper%20remodal-is-opened&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B608 116 KB
38 KB 2299ms
2299ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ee1abb09a0a4db5624bd18254d92379361e4d9c20f0335c3dbe3728ecdcd658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38802
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:21 GMT
expires: Wed, 13 Sep 2023 19:08:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 066F 120 KB
40 KB 1199ms
1199ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa27ce9979168a3dcd6dc4279b6158a7eb1b78c137e4b160717ae07d811141d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40718
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:20 GMT
expires: Wed, 13 Sep 2023 19:08:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F826 121 KB
39 KB 1064ms
1063ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44d76b0d88eb01366af4b97d398ec6288599908596d9e0542b3adc6385ea4f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40150
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:20 GMT
expires: Wed, 13 Sep 2023 19:08:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7D8 120 KB
39 KB 1194ms
1191ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1694624899&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099067&bpp=1&bdt=1295&idt=534&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6OPreACOrb&p=https%3A//www.rebelnews.com&dtd=537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ff05841ffd7a1874183454050ef84f2362aab9233d4d0c8f30af30bf835a4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39547
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:20 GMT
expires: Wed, 13 Sep 2023 19:08:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E3B 120 KB
39 KB 744ms
744ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099068&bpp=1&bdt=1297&idt=542&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=pm9QD4DMia&p=https%3A//www.rebelnews.com&dtd=544

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dbdaac66a11adf187c138f98bd930dc1bc6cb951214d2903edf9602dc3ba8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40184
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:20 GMT
expires: Wed, 13 Sep 2023 19:08:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3E3B 14 KB
1 KB 28ms
28ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099068&bpp=1&bdt=1297&idt=542&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=pm9QD4DMia&p=https%3A//www.rebelnews.com&dtd=544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 19:08:20 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 3E3B 2 KB
973 B 100ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:46:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame 3E3B 23 KB
9 KB 98ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 3E3B 3 KB
1 KB 106ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 3E3B 20 KB
8 KB 94ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:46:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3E3B 0
0 28ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKDFruTupD4ntCOAwmCtTYV3P2qZUMd_JPHuymWfUbgUY2XfPz6956Y-1g9LY7PNb3T2QM8FW_LezT-1W8nLokGzhqSQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099068&bpp=1&bdt=1297&idt=542&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=pm9QD4DMia&p=https%3A//www.rebelnews.com&dtd=544
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E3B 181 KB
57 KB 112ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:08:20 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 3E3B 36 KB
15 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 09:36:10 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4017954768197706983/ Frame 3E3B 15 KB
15 KB 106ms
33ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4017954768197706983/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa94da4ebb7486eca07cced021b0b2512678a1e07c54edab548f8f1c4021181e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:57:48 GMT
x-content-type-options: nosniff
age: 47432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 23:45:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Sep 2024 05:57:48 GMT

GET
DATA 200
OK truncated
/ Frame 3E3B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3E3B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3E3B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea0a576035aacc2ac4cbc449e78babe48275635c2c2a55b42dc549c050c3c0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3E3B 33 KB
33 KB 21ms
19ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 50032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 05:14:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3E3B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQm1yowgCZbPbKY676gTh1InwAbSMp79x78SHi-8Ov-EeEAEgrLidJGCV-vCBjAegAfD27pEDyAEJqQL1xAR7TQOyPqgDAcgDywSqBM4CT9A3i6r6EB4UnfCpPm8IZTA1Id6CA8NZOXdOZmk...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214112337710376102449%22,%22debug_reporting%22:true,%22destination%22:%22https://afilio.de%22,%22event_report_window%22:%22...

0
0

113ms
59ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214112337710376102449%22,%22debug_reporting%22:true,%22destination%22:%22https://afilio.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22842775408%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222798418265039503825%22}&andc=true

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14112337710376102449","debug_reporting":true,"destination":"https://afilio.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["842775408"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"2798418265039503825"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 19:08:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Sep 2023 19:08:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14112337710376102449","debug_reporting":true,"destination":"https://afilio.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["842775408"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"2798418265039503825"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 7B17 5 KB
526 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:26:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 19:08:20 GMT

GET
H/1.1 200 fundist.min.css
fundist-rebel-news.herokuapp.com/static/dist/ Frame 7B17 385 KB
385 KB 129ms
129ms Stylesheet
text/css 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.css?ver=28
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: 1816fd7a1782e9aa79243318eb8a02554df96f69a3ef42845f342e9155044570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:20 GMT
Via: 1.1 vegur
Last-Modified: Tue, 22 Aug 2023 18:42:34 GMT
Server: hypercorn-h11
Etag: "1692729754.0-393732-935202633"
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393732
Expires: Thu, 14 Sep 2023 07:08:20 GMT

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/0cecfec7/ Frame 7B17
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback

30 KB
11 KB

57ms
57ms

Script
application/javascript

2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: H3
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997e1bdccc2046e6ab9fc361a9340cfdaa49bd28d9b6157b9020dffe8512453e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8062ada58bc51c1e-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 13 Sep 2023 19:08:20 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/0cecfec7/api.js?render=explicit&onload=onloadTurnstileCallback
cache-control: max-age=300, public
cf-ray: 8062ada4fb121c1e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 usa_donation_fundist.jpg
assets.nationbuilder.com/therebel/pages/59760/attachments/original/1655241693/ Frame 7B17 513 KB
513 KB 33ms
32ms Image
image/jpeg 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/therebel/pages/59760/attachments/original/1655241693/usa_donation_fundist.jpg?1655241693
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac39a2835304dd00b420774ba94d34b480c0c58f3e8963a945127d71bb88aa53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:20 GMT
via: 1.1 6c3e48e00c5cc82a938a68d74aa420d8.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
age: 1
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 525158
cf-bgj: h2pri
last-modified: Tue, 14 Jun 2022 21:21:34 GMT
server: cloudflare
etag: "4be2cfd15e55a4169628a263807f3bfa"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8062ada4fa1e9052-FRA
x-amz-cf-id: tCjgXjSipyZJAubzjeNcJU_9owzioVACyAyiYDY7DDoeJ-A_YXlL1w==
expires: Wed, 13 Sep 2023 23:08:20 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2268 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 06:46:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F826 15 KB
1 KB 28ms
28ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:59:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 19:08:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame F826 23 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame F826 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame F826 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:46:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F826 0
0 30ms
29ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRq0IpwIlEeVmcT3uVjE2yRTnT0vFG-P9nD7n6Yjof-Kul2F151dlRw0PhywRI_DYilhjCTBlwCnnZU3q7-tgGRAgijWg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F826 181 KB
57 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:08:20 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame F826 36 KB
15 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 09:36:10 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 116ms
57ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 iframeResizer.contentWindow.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 7B17 13 KB
14 KB 133ms
132ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/iframeResizer.contentWindow.min.js
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: adb0b68a61c32480585085ef7fe5e2618fb67179a24a572d947808fabadecd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:20 GMT
Via: 1.1 vegur
Last-Modified: Mon, 02 Aug 2021 13:43:38 GMT
Server: hypercorn-h11
Etag: "1627911818.0-13615-2828801753"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13615
Expires: Thu, 14 Sep 2023 07:08:20 GMT

GET
H/1.1 200 bootstrap.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 7B17 59 KB
59 KB 134ms
134ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/bootstrap.min.js
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: 5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:20 GMT
Via: 1.1 vegur
Last-Modified: Tue, 22 Jun 2021 18:29:16 GMT
Server: hypercorn-h11
Etag: "1624386556.0-60089-1222578110"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60089
Expires: Thu, 14 Sep 2023 07:08:20 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 7B17 527 KB
131 KB 24ms
24ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

814c8c3e6d3002492af4072c7de4181dced967721f00e892dea2ec25f05210fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 19:07:24 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 56
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:58:33 GMT
server: Cloudfront
etag: W/"c30165def9d5def123c9c65e0e021ac6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: WdowDaayGhcisBIvgZKamrqxYPkPmE5za_tl8N0vlwqCicJ6a2h2fw==

GET
H/1.1 200 fundist.min.js Show response
fundist-rebel-news.herokuapp.com/static/dist/ Frame 7B17 73 KB
74 KB 129ms
129ms Script
application/javascript 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=28
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash: ddb28fa080da256666c27e044e667722ca48af8a9f37512b3b57d7aa64ad4ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 19:08:20 GMT
Via: 1.1 vegur
Last-Modified: Mon, 10 Jul 2023 23:14:35 GMT
Server: hypercorn-h11
Etag: "1689030875.0-75139-679677661"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75139
Expires: Thu, 14 Sep 2023 07:08:20 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6738700283246888354/ Frame F826 12 KB
12 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6738700283246888354/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9357ce5562b97ec4994bb02f50161cf71189358bf77f8a2667bd7e12cb953f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 04:48:46 GMT
x-content-type-options: nosniff
age: 310774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12205
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 10:12:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Sep 2024 04:48:46 GMT

GET
DATA 200
OK truncated
/ Frame F826 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F826 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F826 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98e80999c79fa2a235d33c805d09527810cf18bc38d2c5495ff25cc42ed7ddc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F826 33 KB
33 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 50032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 05:14:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 066F 14 KB
1 KB 33ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:53:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 19:08:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 066F 2 KB
892 B 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:46:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame 066F 23 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 066F 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 066F 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:46:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 066F 0
0 28ms
28ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0J5_TwcXex_ioSoNZlILj9fOyac6eAy06PkSK82IIUBaa50bCeCruELqbzn1DyX1GHbKTm5ZTlTcmNEwjkw47tOfEuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 7301615039163025390
tpc.googlesyndication.com/simgad/ Frame C7D8 33 KB
33 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7301615039163025390?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmJgAKpYbDVfiqT7kv5txsvzCWOoQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1694624899&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099067&bpp=1&bdt=1295&idt=534&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6OPreACOrb&p=https%3A//www.rebelnews.com&dtd=537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c63fbe27b5ec54fcceac224a62ccfe9eedcedfe2047880b0683df29451fb27c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:01:45 GMT
x-content-type-options: nosniff
age: 216395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34265
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 03:09:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 07:01:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame C7D8 23 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame C7D8 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame C7D8 67 B
91 B 21ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 04:28:00 GMT
x-content-type-options: nosniff
server: cafe
age: 52820
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Thu, 14 Sep 2023 04:28:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame C7D8 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:46:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C7D8 0
0 31ms
30ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6UOjdhdgSYxJJHacJ3_0GtFYN5rqBuJoQiikyaw9vyslkWRoFPvFMnETmTayRdC-NO5AbD1pUUh43D6xdCHSMsW5vLQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1694624899&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099067&bpp=1&bdt=1295&idt=534&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6OPreACOrb&p=https%3A//www.rebelnews.com&dtd=537
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 066F 181 KB
57 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:08:20 GMT

GET
H3 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 066F 36 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 09:36:10 GMT

GET
H3 200 9473540036054519083
tpc.googlesyndication.com/simgad/ Frame 066F 11 KB
11 KB 18ms
18ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9473540036054519083?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b83557d147c1394b0fc00568863c4873ba6a1b742ff1a9c286ed5264c8f445d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:05:20 GMT
x-content-type-options: nosniff
age: 133380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11287
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:54:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 06:05:20 GMT

GET
DATA 200
OK truncated
/ Frame 066F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 066F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5B67 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1694624899&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099067&bpp=1&bdt=1295&idt=534&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6OPreACOrb&p=https%3A//www.rebelnews.com&dtd=537
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7D8 181 KB
57 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:08:20 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame C7D8 35 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e216ef6426028ff54f8706b86c8ea7243a5cdbecbbbcf72ecac62b5a8541c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14480
x-xss-protection: 0
server: cafe
etag: 10657407632856047895
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:59:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F826
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CyB7UowgCZb6aJ-Sa78EP7MYG_66T8HHOr5DuqA-_4R4QASCsuJ0kYJX68IGMB6AB9-um7QPIAQmpAvXEBHtNA7I-qAMByAPLBKoE0QJP0Nzh6rU2WjdBnT4TAHZ6648sx0hDOzIqpHDBT0-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225117928578898382557%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%...

0
0

55ms
55ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225117928578898382557%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226814509647235021601%22}&andc=true

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5117928578898382557","debug_reporting":true,"destination":"https://kroftman.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1034532343"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"6814509647235021601"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 19:08:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Sep 2023 19:08:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5117928578898382557","debug_reporting":true,"destination":"https://kroftman.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1034532343"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"6814509647235021601"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B5C 37 KB
14 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099066&bpp=1&bdt=1295&idt=522&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=F0JeRbpBuO&p=https%3A//www.rebelnews.com&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 06:46:56 GMT

GET
DATA 200
OK truncated
/ Frame 7B17 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 7B17 23 KB
23 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fundist-rebel-news.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 337787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:18:33 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 7B17 23 KB
23 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fundist-rebel-news.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:23:50 GMT
x-content-type-options: nosniff
age: 337470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:23:50 GMT

GET
H3 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ Frame 7B17 17 KB
17 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fundist-rebel-news.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 11:55:56 GMT
x-content-type-options: nosniff
age: 198744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Sep 2024 11:55:56 GMT

GET
H3 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ Frame 7B17 24 KB
24 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fundist-rebel-news.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 06:10:46 GMT
x-content-type-options: nosniff
age: 392254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 06:10:46 GMT

GET
DATA 200
OK truncated
/ Frame C7D8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77442162b7dce49e21676143e5e1b4a4794864bd72e1f855f6f89a88d45cab1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
54ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C7D8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJoVaowgCZfbGJ9fU6gSS7JLYDeOV2Ppy0_rnzI4Sv-EeEAEgrLidJGCV-vCBjAegAYeDv_cDyAECqAMByAPJBKoE0gJP0FzHQpbM5w1FJxBMZ1Pqf4yii2iZfr0ux-hp2vDlgcxG3BIamY4...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225783048551875282058%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window...

0
0

55ms
54ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225783048551875282058%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055900039%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221019669362578833745%22}&andc=true

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5783048551875282058","debug_reporting":true,"destination":"https://lightinthebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055900039"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"1019669362578833745"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 19:08:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5783048551875282058","debug_reporting":true,"destination":"https://lightinthebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055900039"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"1019669362578833745"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5B67
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
31ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:21 GMT
expires: Wed, 13 Sep 2023 19:08:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 066F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b4c2027350f4bfdf91c56ebb416268a1cb6718ed93a812ab251fa0a48da3519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 066F 33 KB
33 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 50033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 05:14:28 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
54ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 066F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C6Y27owgCZcacJ4zV6wSs5qHwBqqj9vVy34WDt8ARp9y_4_YYEAEgrLidJGCV-vCBjAegAaO22e8DyAEJqQL1xAR7TQOyPqgDAcgDywSqBNQCT9CYxn9tKak9r_io0PmfQuGwUPCQ4GqXh1t...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210983615046792238526%22,%22debug_reporting%22:true,%22destination%22:%22https://linux-kurs.com%22,%22event_report_window%2...

0
0

60ms
57ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210983615046792238526%22,%22debug_reporting%22:true,%22destination%22:%22https://linux-kurs.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221039555363%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218362036204042431505%22}&andc=true

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10983615046792238526","debug_reporting":true,"destination":"https://linux-kurs.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1039555363"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"18362036204042431505"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 19:08:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10983615046792238526","debug_reporting":true,"destination":"https://linux-kurs.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1039555363"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"18362036204042431505"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 26F3 200 B
1 KB 23ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3078
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:17:04 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: JjQ11awA_8IbFFFTPrTHKBCpLZRUFrRJ4iMOj-BD73k1PZlvqhvNmg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-a840d6ed6a42a463d5fe20cf5b84b456.html Show response
js.stripe.com/v3/ Frame B544 325 B
1 KB 23ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

292c319677393083ce52ea6ba29cd67b1a0a1d5190e5c66732d1aafb1170ed13

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:08:18 GMT
etag: "a840d6ed6a42a463d5fe20cf5b84b456"
last-modified: Wed, 13 Sep 2023 17:20:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: P427Qh6YIdFVVyFSYetoqechx8neQPeUIp9WPUyUtuvE8mIlufEJIg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html Show response
js.stripe.com/v3/ Frame 2A8F 408 B
1 KB 23ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e2fbe009be97318df7b58b55e699513f43d710a5b66ecf198790958d2acc217f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1737
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:39:25 GMT
etag: "daa60d820f9755abad5df38ef435a357"
last-modified: Wed, 13 Sep 2023 17:20:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: ia2SIZqW6CntQ7wbs1r1Rwp-qsxdZlqL4Dsf8vQQvighuthO9CIPzw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html Show response
js.stripe.com/v3/ Frame 5071 344 B
1 KB 23ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8a4ec54225700a8d0a673739815da8a4d609d9ff38bd6d238ce735e37f7cdf56

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:07:34 GMT
etag: "db8668f46aff18d279e05375412bce52"
last-modified: Wed, 13 Sep 2023 17:20:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: Ot75tZzw7XzdJacOgAKS1uk2yLmlioTnhhq6JfpMXJYncVgjE4x3-Q==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame A55E 200 B
1 KB 23ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3078
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:17:04 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: cuAvjeRnsQ7dJCC3elAds3cIMLq95BsBZ7c466LHvjGEB6uw82h8LA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-a840d6ed6a42a463d5fe20cf5b84b456.html Show response
js.stripe.com/v3/ Frame 38C1 325 B
1 KB 22ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

292c319677393083ce52ea6ba29cd67b1a0a1d5190e5c66732d1aafb1170ed13

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:08:18 GMT
etag: "a840d6ed6a42a463d5fe20cf5b84b456"
last-modified: Wed, 13 Sep 2023 17:20:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: L-6YVqvmZQbqN8OSbGnHUPOM4APomEeyV19wdD17Xf5iiMLxw8ivUQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html Show response
js.stripe.com/v3/ Frame 2D06 408 B
1 KB 23ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e2fbe009be97318df7b58b55e699513f43d710a5b66ecf198790958d2acc217f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1737
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:39:54 GMT
etag: "daa60d820f9755abad5df38ef435a357"
last-modified: Wed, 13 Sep 2023 17:20:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: MJ2EnOUqSp5d1kA10UVRaGzJY9Fol6vYiAWxuWNEskUo-JKmSXFuxg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html Show response
js.stripe.com/v3/ Frame 02A5 344 B
1 KB 23ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8a4ec54225700a8d0a673739815da8a4d609d9ff38bd6d238ce735e37f7cdf56

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:07:34 GMT
etag: "db8668f46aff18d279e05375412bce52"
last-modified: Wed, 13 Sep 2023 17:20:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: d-EvRuiVvFfBUEJEeOnI7uEgdKsnGiRKzdv8XEUmWZ4BDf46JNGlgQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame F643 200 B
1 KB 22ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3078
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:17:04 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: iptFyRvDAJO5lAq37sXW5HaFKdQH0WsJg9Z7ff2plY2h5VmZ6sMbgg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-a840d6ed6a42a463d5fe20cf5b84b456.html Show response
js.stripe.com/v3/ Frame 241E 325 B
1 KB 22ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

292c319677393083ce52ea6ba29cd67b1a0a1d5190e5c66732d1aafb1170ed13

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:08:18 GMT
etag: "a840d6ed6a42a463d5fe20cf5b84b456"
last-modified: Wed, 13 Sep 2023 17:20:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: q3-b-ECuHoTx5GbhnqJDqmdEl7iv1V-yRzcBufQbb-sCIeRbn39ayQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html Show response
js.stripe.com/v3/ Frame 52C4 408 B
1 KB 24ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e2fbe009be97318df7b58b55e699513f43d710a5b66ecf198790958d2acc217f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1737
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:39:54 GMT
etag: "daa60d820f9755abad5df38ef435a357"
last-modified: Wed, 13 Sep 2023 17:20:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: 5q5_mzmgbDIO52MoVsaLamEM2EyCZ6DVo31L21kxlC6yAg8JG4zRfg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html Show response
js.stripe.com/v3/ Frame 23C6 344 B
1 KB 23ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8a4ec54225700a8d0a673739815da8a4d609d9ff38bd6d238ce735e37f7cdf56

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:07:34 GMT
etag: "db8668f46aff18d279e05375412bce52"
last-modified: Wed, 13 Sep 2023 17:20:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: XvlgMB-Vp1lUpF0nq2SXZGjs9v3gBzN59x_LnDMLuz55I6ok7baY3w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame FD6A 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099065&bpp=1&bdt=1293&idt=517&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oP5PSe0o74&p=https%3A//www.rebelnews.com&dtd=520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 06:46:56 GMT

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/11nrn/0x4AAAAAAAFOVi49vcUYvHAT/auto/ Frame FBB7 0
0 33ms
33ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/11nrn/0x4AAAAAAAFOVi49vcUYvHAT/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8062ada8c8201c1e-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:21 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yofx9/0x4AAAAAAAFOVi49vcUYvHAT/auto/ Frame 804F 0
0 33ms
33ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yofx9/0x4AAAAAAAFOVi49vcUYvHAT/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8062ada8d8251c1e-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:21 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 26F3 631 B
1 KB 23ms
22ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 13 Sep 2023 18:17:08 GMT
x-content-type-options: nosniff
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3074
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mD9qpPKxcaI9F-GTBB4AO1YxrEUSX5zb_QewrCVn_wEwYsWHZf0YCg==

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B544 459 KB
102 KB 33ms
32ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: uoIoFg05AasK78TkdDmldafNRwdqGFg7SgeHtBoEc4kwmg3ybn-P9Q==

GET
H2 200 controller-8125ec898574f6a2dc2386c6cefba305.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B544 574 KB
139 KB 24ms
23ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-8125ec898574f6a2dc2386c6cefba305.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

91f5dd2e3010c02d53b39b7976bd035a582f929c5563a356a76fd84b4b11dc31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:12 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:43 GMT
server: Cloudfront
etag: W/"71778dcf5c119cffa712a7478f086a1d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: nNB5gYsmGZogWVEbdidCcLtizAH5xuto8m1RW18rpwgWjSPF8fUIeg==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 2A8F 116 KB
36 KB 138ms
78ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8a803ffb4fef3ac3d5bcc99239abb1d3e1f4e2858f54c2fe135c88648f45656

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U2eda6hu8F11oh8Jyh0ZHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-U2eda6hu8F11oh8Jyh0ZHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 13 Sep 2023 19:08:21 GMT

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A8F 459 KB
102 KB 37ms
36ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _MXfBOTtlRy2sWwqcfYIji8dsi-pI0Z6n7L0YhteVPK9nXvdg5gkGw==

GET
H2 200 payment-request-inner-google-pay-4f871562b4d2ccb311e2ee4d4d6affb0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A8F 10 KB
4 KB 23ms
23ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-4f871562b4d2ccb311e2ee4d4d6affb0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c70a1da21b844cbb8306fd4e93182db6e1520fc0bab6b89a981a90e212e9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:45:25 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1379
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: W/"bed6d7db284fb4a6227e4659d1bb24bd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wsWmTSeFpAGRgzdF8Ba7Wm7fU8_g80-2WQymkcc_1xTsoVWSnUbQEQ==

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5071 459 KB
102 KB 42ms
41ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: VCLkcZZEXbE7wdSDQCDPe13gR-CDkcW31PRwlIXIEfXBZ4nJd4Z6EA==

GET
H2 200 payment-request-inner-browser-4b8cbad749c96a39e80bff411aa5f7cc.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5071 12 KB
5 KB 48ms
47ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-4b8cbad749c96a39e80bff411aa5f7cc.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0fddf6dbf00e6b6647c54dda1e6a1e8abc9030f73b91dc3b15b5bbf07d11253e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:39:57 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1750
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: W/"84bfe1ae8a77a9feb8da7b6bbc0381b8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TIoIojYoqruISFDS1M8O-S1_A5jxc56P629qUhnVrTkp6pdo0fu5yA==

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5447 37 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 06:46:56 GMT

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/7puij/0x4AAAAAAAFOVi49vcUYvHAT/auto/ Frame 0CB7 0
0 41ms
41ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/7puij/0x4AAAAAAAFOVi49vcUYvHAT/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=onloadTurnstileCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8062ada8e8351c1e-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:21 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A55E 631 B
1 KB 46ms
46ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 13 Sep 2023 18:17:08 GMT
x-content-type-options: nosniff
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3074
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -Lyfih9ijcI9uRy-cKRmQ854WBiRFokX18-AnTT5O4GKmENHOkfMmA==

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 38C1 459 KB
102 KB 45ms
45ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UjF1V2f3URmoxEZXVsiSRM8qvL83UhoJPMV4A1KCTFYBaCgWDCzmqA==

GET
H2 200 controller-8125ec898574f6a2dc2386c6cefba305.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 38C1 574 KB
139 KB 51ms
50ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-8125ec898574f6a2dc2386c6cefba305.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

91f5dd2e3010c02d53b39b7976bd035a582f929c5563a356a76fd84b4b11dc31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:12 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:43 GMT
server: Cloudfront
etag: W/"71778dcf5c119cffa712a7478f086a1d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wJSbnBhtHgABxjYzvpX6Pv3_I1Eo5Nig72znBk9bMJZ8SYq7YPdwTQ==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 2D06 117 KB
35 KB 165ms
112ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e51b39b935c7d0ffb35a8c983c49209aab324ffe297a272bb1c7ddeb7541ea9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-LYuiBnjTknUYIS08ecz0ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-LYuiBnjTknUYIS08ecz0ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 13 Sep 2023 19:08:21 GMT

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2D06 459 KB
102 KB 55ms
53ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QnTCHTzJV6_M04jott1OBPQoQSbhFtGVOCA6ysoMiREZ5T_85EgUiQ==

GET
H2 200 payment-request-inner-google-pay-4f871562b4d2ccb311e2ee4d4d6affb0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2D06 10 KB
4 KB 32ms
31ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-4f871562b4d2ccb311e2ee4d4d6affb0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c70a1da21b844cbb8306fd4e93182db6e1520fc0bab6b89a981a90e212e9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:45:45 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1379
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: W/"bed6d7db284fb4a6227e4659d1bb24bd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 2gtq5Kc1oqTJwwHwIlkcObzUWhNNYCPoM3QRhArn25BETgUg4WBlXw==

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 02A5 459 KB
102 KB 58ms
56ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: u__S8VCNaGdCu8dQlGXXzT6iOpKOjEuSTobSSbuVUGwngbzo6iMogw==

GET
H2 200 payment-request-inner-browser-4b8cbad749c96a39e80bff411aa5f7cc.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 02A5 12 KB
5 KB 61ms
59ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-4b8cbad749c96a39e80bff411aa5f7cc.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0fddf6dbf00e6b6647c54dda1e6a1e8abc9030f73b91dc3b15b5bbf07d11253e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:39:57 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1750
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: W/"84bfe1ae8a77a9feb8da7b6bbc0381b8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 0McQ4MdYZJRQHxbshqkcaN4l4ztAStmMchYDUxCA6Vwb7byySkOf6Q==

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
55ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F643 631 B
1 KB 62ms
62ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 13 Sep 2023 18:17:08 GMT
x-content-type-options: nosniff
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3074
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: eSplh7i41kZeSxy13qByAB3_3y0-au3Tt-47JxfbWlp3iVO7u3vDuQ==

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 241E 459 KB
102 KB 56ms
55ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: NjIWaYYFZN1ADgkYIiRlW0T5ofUqpp9RPXWOmoas0LyjpPNV5JmNCw==

GET
H2 200 controller-8125ec898574f6a2dc2386c6cefba305.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 241E 574 KB
139 KB 61ms
60ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-8125ec898574f6a2dc2386c6cefba305.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

91f5dd2e3010c02d53b39b7976bd035a582f929c5563a356a76fd84b4b11dc31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:12 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:43 GMT
server: Cloudfront
etag: W/"71778dcf5c119cffa712a7478f086a1d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: RGmiGcEx0uZ1yx4FS8zCfsSlAM0bUJNbTvzAkDIaPAXo1dHeOAPRMw==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 52C4 116 KB
35 KB 170ms
130ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8a803ffb4fef3ac3d5bcc99239abb1d3e1f4e2858f54c2fe135c88648f45656

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-s2IrXoxVEYALSacj9GbFPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-s2IrXoxVEYALSacj9GbFPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 13 Sep 2023 19:08:21 GMT

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 52C4 459 KB
102 KB 60ms
59ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: V1ReBjJrEvWoqw9368AFUfrhgpzWMks2cnoDooGrieNl-6tMleefdg==

GET
H2 200 payment-request-inner-google-pay-4f871562b4d2ccb311e2ee4d4d6affb0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 52C4 10 KB
4 KB 31ms
31ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-4f871562b4d2ccb311e2ee4d4d6affb0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c70a1da21b844cbb8306fd4e93182db6e1520fc0bab6b89a981a90e212e9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-daa60d820f9755abad5df38ef435a357.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:45:45 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1379
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: W/"bed6d7db284fb4a6227e4659d1bb24bd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 9ZMjk54Rnfq2ou6ZoASdaol1IpKyXlAh35ClQp1HrpimHy5FI2Xjtw==

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 23C6 459 KB
102 KB 59ms
59ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2772
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Tx2W-YCo35kWm7kcr6rgZ38lpEGbItjGpGmMWWzY_d82k8FMv2rV1g==

GET
H2 200 payment-request-inner-browser-4b8cbad749c96a39e80bff411aa5f7cc.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 23C6 12 KB
5 KB 63ms
63ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-4b8cbad749c96a39e80bff411aa5f7cc.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0fddf6dbf00e6b6647c54dda1e6a1e8abc9030f73b91dc3b15b5bbf07d11253e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-db8668f46aff18d279e05375412bce52.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:39:57 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1750
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: W/"84bfe1ae8a77a9feb8da7b6bbc0381b8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: CfoLuT1x0g_FHGu3J00imLT9kXbBq1_7PEZEUvaqdnwTL5XUjfzd8w==

POST
H2 200 csp-report
q.stripe.com/ Frame 26F3 0
715 B 878ms
411ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102100977
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102100730
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 26F3 0
714 B 882ms
415ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102101245
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102100755
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 226D 930 B
1 KB 102ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 103
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:08:21 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 124
x-content-type-options: nosniff
x-request-id: 9c31b357-0859-42a0-a26a-11dd41e84579
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1694632101.419373,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame A55E 0
714 B 851ms
456ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102104247
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103404
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A55E 0
714 B 824ms
429ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103098
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102102379
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1492 930 B
636 B 34ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 103
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:08:21 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 123
x-content-type-options: nosniff
x-request-id: cf5a94e9-88dd-40f6-9148-2f09e7dc99ab
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1694632101.418941,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame B544 0
715 B 861ms
484ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102104397
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103084
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B544 474 B
865 B 72ms
23ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 561374db39fcfebff3cc5d2c12318ac73f83935d2a72e68107dcfd9a98e58c11

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:07:27 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 17:58:34 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 57
etag: "1aa9c9b58a1d583e92dedb69537e195d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 4mc4hTOOdw7kHu_5T3ljA0AkyqDa0Z-qE5qynP4-RqX8OLLf0VnoMQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 5071 0
714 B 788ms
443ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102104023
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103160
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5071 0
714 B 800ms
455ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103625
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103054
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 38C1 0
715 B 764ms
428ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103584
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103323
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F643 0
715 B 806ms
470ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103674
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103041
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F643 0
715 B 820ms
485ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102107771
x-envoy-upstream-service-time: 14
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103236
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame BE42 930 B
636 B 25ms
25ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 103
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:08:21 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 125
x-content-type-options: nosniff
x-request-id: a0cd7741-6b7d-43e4-a71c-ba5b1dd4563b
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1694632101.469762,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 02A5 0
714 B 802ms
469ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102104134
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103057
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 02A5 0
715 B 752ms
419ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103483
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103105
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 38C1 474 B
864 B 42ms
24ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 561374db39fcfebff3cc5d2c12318ac73f83935d2a72e68107dcfd9a98e58c11

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:07:27 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 17:58:34 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 57
etag: "1aa9c9b58a1d583e92dedb69537e195d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 0e2ZSRIDYdiJ8ORo6KsuR-QoRZIdGem1vp1GlQ_vuYxkLTzUVh72yg==

POST
H2 200 csp-report
q.stripe.com/ Frame 241E 0
715 B 773ms
456ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103789
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103121
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 23C6 0
717 B 813ms
498ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102106337
x-envoy-upstream-service-time: 23
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 12
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103301
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 23C6 0
716 B 785ms
470ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103994
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103385
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 241E 474 B
864 B 29ms
24ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 561374db39fcfebff3cc5d2c12318ac73f83935d2a72e68107dcfd9a98e58c11

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a840d6ed6a42a463d5fe20cf5b84b456.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:07:27 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 17:58:34 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 57
etag: "1aa9c9b58a1d583e92dedb69537e195d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: pJtc4PmhPqbsSDeV7vHyBDQpC0uMAexp3wxM-PrccHkIw5Kwv0aI7A==

POST
H2 200 csp-report
q.stripe.com/ Frame 2A8F 0
715 B 587ms
441ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103669
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103182
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2A8F 0
716 B 631ms
485ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102106591
x-envoy-upstream-service-time: 23
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 11
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103405
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 226D 0
489 B 623ms
484ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102106231
x-envoy-upstream-service-time: 16
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 9
x-stripe-client-envoy-start-time-us: 1694632102101505
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 226D 87 KB
15 KB 20ms
20ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 44
x-cache: HIT
content-length: 15509
x-request-id: 75fd584b-e890-4bc0-b8fd-0b43b12bd918
x-served-by: cache-fra-eddf8230127-FRA
server: Fastly
x-timer: S1694632102.665387,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 62

POST
H2 200 csp-report
q.stripe.com/ Frame 1492 0
489 B 605ms
470ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103644
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1694632102102321
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 1492 87 KB
15 KB 23ms
23ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 44
x-cache: HIT
content-length: 15509
x-request-id: 56e47dd9-a57d-430a-b1e1-dc07a7f70d20
x-served-by: cache-fra-eddf8230127-FRA
server: Fastly
x-timer: S1694632102.668452,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 63

POST
H2 200 csp-report
q.stripe.com/ Frame 2D06 0
715 B 567ms
442ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103693
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103200
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2D06 0
715 B 553ms
428ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103776
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102103158
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame B544 2 KB
2 KB 383ms
245ms Fetch
application/json 54.76.53.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8ac053e0ccc40ad525c810d904c0a17e79d71d60e69458580026fa7adcdada1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1706
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 38C1 2 KB
2 KB 377ms
243ms Fetch
application/json 54.76.53.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

19253c279e8c78023dcec68aec9ff458c9555fff66593a342d58a797749ed73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1706
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 52C4 0
714 B 532ms
419ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102101833
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102101555
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 52C4 0
716 B 611ms
498ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102106097
x-envoy-upstream-service-time: 25
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 12
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102101556
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 241E 2 KB
2 KB 374ms
246ms Fetch
application/json 54.76.53.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b8117c5a6621d13fc50a7a3a528aa4ea0ebcf94c619fa0591cc146e600ab0fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1706
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BE42 0
488 B 549ms
442ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102103049
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1694632102102598
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame BE42 87 KB
15 KB 20ms
19ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 44
x-cache: HIT
content-length: 15509
x-request-id: 64ce0872-69b0-489d-b839-0980c4d04239
x-served-by: cache-fra-eddf8230127-FRA
server: Fastly
x-timer: S1694632102.695780,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 64

POST
H/1.1 201 /
fundist-rebel-news.herokuapp.com/log/ Frame 1142 0
0 126ms
126ms Fetch
text/html 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/log/
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 13 Sep 2023 19:08:21 GMT
Cache-Control: no-cache, no-store
Via: 1.1 vegur
Server: hypercorn-h11
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8

POST
H/1.1 201 /
fundist-rebel-news.herokuapp.com/log/ Frame 0518 0
0 127ms
127ms Fetch
text/html 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/log/
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 13 Sep 2023 19:08:21 GMT
Cache-Control: no-cache, no-store
Via: 1.1 vegur
Server: hypercorn-h11
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8

POST
H/1.1 201 /
fundist-rebel-news.herokuapp.com/log/ Frame 7B17 0
0 132ms
132ms Fetch
text/html 23.22.52.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fundist-rebel-news.herokuapp.com/log/
Requested by: Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.52.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-52-7.compute-1.amazonaws.com
Software: hypercorn-h11 /
Resource Hash

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=usa_donation_fundist&title=Donate+to+Rebel+News+USA&subtitle=Unlike+almost+all+of+our+mainstream+media+competitors%2C+Rebel+News+doesn%E2%80%99t+receive+any+government+funding.+We+rely+on+our+generous+audience+to+help+keep+us+reporting.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F59760%2Fattachments%2Foriginal%2F1655241693%2Fusa_donation_fundist.jpg%3F1655241693&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&currency=usd&country_code=us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 13 Sep 2023 19:08:21 GMT
Cache-Control: no-cache, no-store
Via: 1.1 vegur
Server: hypercorn-h11
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 04F4 18 KB
8 KB 92ms
91ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cee552dbd0aeb03b2390ceb280beeae96087773d98ed412aafe5af20032307bf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-exxM_F_SJilGg4V-XLGBUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-exxM_F_SJilGg4V-XLGBUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 13 Sep 2023 19:08:21 GMT
expires: Wed, 13 Sep 2023 19:08:21 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame E61C 18 KB
8 KB 86ms
86ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea7d0a4836a8cbdcd622bfe154b241f7d9804ed9eb75f311def058e3bbed4379

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TiaHR8lPoYEJX5AwnUutlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TiaHR8lPoYEJX5AwnUutlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 13 Sep 2023 19:08:21 GMT
expires: Wed, 13 Sep 2023 19:08:21 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame B7EE 18 KB
8 KB 89ms
88ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc6188d577695e0ea6e5fb16080529d197903ffb763a5241a594d6288bf21e1c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ElTeRxQ6fGnb0xm267yM4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ElTeRxQ6fGnb0xm267yM4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 13 Sep 2023 19:08:21 GMT
expires: Wed, 13 Sep 2023 19:08:21 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
274 B 818ms
393ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102437872
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102437567
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 821ms
396ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102438119
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102437624
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 822ms
397ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102438299
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102437728
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 818ms
394ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102438340
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102437885
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 822ms
398ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102439578
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102439280
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 825ms
401ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102439716
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102439357
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 831ms
408ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440249
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102439738
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
272 B 844ms
420ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102441018
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102440079
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 844ms
421ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440994
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102440518
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 856ms
433ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102441604
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102440915
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 855ms
433ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440551
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102440344
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 1014ms
592ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102632429
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102631937
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 840ms
419ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440384
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102439996
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 822ms
401ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440592
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102439935
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 827ms
406ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440443
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102440034
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 1008ms
587ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102632299
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102631813
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
272 B 1009ms
588ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102632019
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102631747
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
272 B 1010ms
590ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102632118
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102631884
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 842ms
422ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102441056
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102440562
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 853ms
433ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102441395
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 8
x-stripe-client-envoy-start-time-us: 1694632102440639
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 828ms
409ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440970
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102440642
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
272 B 827ms
408ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102441061
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102440840
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 1043ms
624ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102634500
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1694632102633981
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
272 B 827ms
408ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440883
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102440311
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
272 B 825ms
407ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440467
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102440201
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 839ms
422ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440941
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102440367
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 839ms
421ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102441364
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102440807
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 837ms
420ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102441044
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102440807
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
272 B 824ms
407ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102441052
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102440677
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 817ms
400ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440759
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102440376
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 226D 156 B
668 B 648ms
212ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

219a98e8f0c7033c774b0236266fd305af7f72a0883e8108cdc6f7fed8964630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102330703
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102329980
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 953ms
599ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102634515
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102634305
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 954ms
601ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636029
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102635625
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 953ms
600ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102635077
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102634509
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame BE42 156 B
667 B 677ms
257ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9be76a19dd21ed33d99e0397b48005db5a098de811f7fbf394eae0816310a1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102379999
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102379764
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 1492 156 B
668 B 819ms
405ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

355d62802c72b7a13be4ba0281a5d9781760fb3bf550df3142f240b221a41218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102527527
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102526659
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 04F4 156 KB
55 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriywJHnpiha5vKWyjEbVCSMEFESYg/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81af49b01a69139978210134c8b311c60ebe055d5ec844f9b10b6beb0cc33ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56135
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 04:26:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame E61C 156 KB
55 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81af49b01a69139978210134c8b311c60ebe055d5ec844f9b10b6beb0cc33ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56135
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 04:26:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame B7EE 156 KB
55 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81af49b01a69139978210134c8b311c60ebe055d5ec844f9b10b6beb0cc33ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56135
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 04:26:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 04F4 2 KB
2 KB 129ms
128ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame E61C 2 KB
2 KB 127ms
126ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame B7EE 2 KB
2 KB 128ms
127ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 css
fonts.googleapis.com/ Frame B608 14 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 19:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:56:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 19:08:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B608 2 KB
892 B 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:46:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame B608 23 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B608 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:20:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B608 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:46:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B608 0
0 28ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0BOx4JnU359p6nXCjwqKdi_IpQHYlhuYR2Rmo6TDGQtkBvirmnAQrq9WY-cDEGbWnz2MTk4ywBvR0yusHpQVo3bEMpw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B608 181 KB
57 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:08:21 GMT

GET
H3 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame B608 36 KB
15 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 09:36:10 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B608
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_hOsowgCZeOEJfGt78EPjrmfyAKZ3-zZb6Do5o6lDN3rxdOiGxABIKy4nSRglfrwgYwHoAGumIqiAsgBCakC9cQEe00Dsj6oAwHIA8sEqgTcAk_Qt3Fz09v4xP4gZz7SafoNadZDT1Nd126...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225403331783892836069%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22...

0
0

55ms
54ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225403331783892836069%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216028466125912001457%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5403331783892836069","debug_reporting":true,"destination":"https://xcraft.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["608341038"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"16028466125912001457"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 19:08:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Sep 2023 19:08:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5403331783892836069","debug_reporting":true,"destination":"https://xcraft.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["608341038"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"16028466125912001457"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16231425839607322927/ Frame B608 14 KB
14 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16231425839607322927/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0b9fd745eb7fba2fcef71f960ddd5d85c666b2c78b9f14a83c6dba0d70e4de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 10:12:40 GMT
x-content-type-options: nosniff
age: 291341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14214
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 02:42:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Sep 2024 10:12:40 GMT

GET
DATA 200
OK truncated
/ Frame B608 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B608 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame 04F4 72 KB
26 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgAtL1NVjpjVZnrRiePAQ0xBqgnVQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriywJHnpiha5vKWyjEbVCSMEFESYg/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05a0f2e2de4b70350884a18c1e41993dd4aa2e0e863eb957504a0fe208eedc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26883
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame E61C 72 KB
26 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05a0f2e2de4b70350884a18c1e41993dd4aa2e0e863eb957504a0fe208eedc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26883
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame B7EE 72 KB
26 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05a0f2e2de4b70350884a18c1e41993dd4aa2e0e863eb957504a0fe208eedc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26883
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

GET
DATA 200
OK truncated
/ Frame B608 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af113010d3cb5d5d56f44c72caf7cc1d62596909485b69171c01c9ddb2774e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 04F4 1 MB
367 KB 104ms
103ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ab6b2156d6519ee95394a33c81006f3f9eee6cba8f736ae4a49300ddaf7969f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZQAxHoFe5D2RnitBmSeriA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZQAxHoFe5D2RnitBmSeriA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
53ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame E61C 1 MB
367 KB 113ms
112ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7229a4577045e6fb4fb04b260316147d695f4648b7b9eafc56996d7de7f3fe04

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-C3tr20dKEraM21D6BCWMmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-C3tr20dKEraM21D6BCWMmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 13 Sep 2023 19:08:22 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame 04F4 9 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgAtL1NVjpjVZnrRiePAQ0xBqgnVQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0919948a689e08cb05c08dfa9fb3d0d88ef0b28b364134231d7dc14f747f50b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3927
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame 04F4 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgAtL1NVjpjVZnrRiePAQ0xBqgnVQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d35ba76c48e46467c560e775b9c1fc0341936db69fbcba554f7f5143b0e188d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13836
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

POST
H3 200 log Show response
play.google.com/ Frame 04F4 131 B
155 B 128ms
84ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 110ms
51ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 04F4 131 B
155 B 141ms
112ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 125ms
68ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 04F4 131 B
155 B 87ms
83ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 145ms
90ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 04F4 131 B
155 B 107ms
105ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 146ms
91ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 540ms
407ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102439900
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102439672
access-control-allow-credentials: true
content-length: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B608 33 KB
33 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 50034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 05:14:28 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame B7EE 1 MB
367 KB 97ms
97ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b0acb48f399c880b5f581a9137825c84e2f8c7fc570ba807b51b2be80f8ac31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GNc5BZvjRM8PuDnVIT_C3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GNc5BZvjRM8PuDnVIT_C3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 13 Sep 2023 19:08:22 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame D5BA 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=4094357509&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1694624899&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694632099063&bpp=2&bdt=1292&idt=446&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6700700931286&frm=20&pv=1&ga_vid=186837678.1694632099&ga_sid=1694632100&ga_hid=493702055&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C31077719%2C20222282&oid=2&pvsid=1753369821826639&tmod=1505546846&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bS2w8iukHd&p=https%3A//www.rebelnews.com&dtd=502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 06:46:56 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame E61C 9 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgAtL1NVjpjVZnrRiePAQ0xBqgnVQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0919948a689e08cb05c08dfa9fb3d0d88ef0b28b364134231d7dc14f747f50b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3927
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame E61C 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgAtL1NVjpjVZnrRiePAQ0xBqgnVQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d35ba76c48e46467c560e775b9c1fc0341936db69fbcba554f7f5143b0e188d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13836
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

POST
H3 200 log Show response
play.google.com/ Frame E61C 131 B
155 B 109ms
107ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 113ms
92ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E61C 131 B
155 B 85ms
83ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 112ms
92ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E61C 131 B
155 B 109ms
106ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 109ms
90ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E61C 131 B
155 B 126ms
123ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 109ms
90ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 517ms
420ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440199
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102439535
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 4F56 200 B
1 KB 23ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3079
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:17:04 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: DzX6N6psp21lkiNbn-VGpR04TD8NWn08PUqa2C7nkfUQ5C8evTHSPQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 comments.php
www.facebook.com/v17.0/plugins/ Frame 7F3F 0
0 120ms
119ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v17.0/plugins/comments.php?app_id=126739610711965&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2cfa6e69069478%26domain%3Dwww.rebelnews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebelnews.com%252Ff2902870e386ac%26relation%3Dparent.parent&container_width=766&height=100&href=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&locale=en_US&sdk=joey&version=v17.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9f034e0cbd781a74084ee3f669f1cdf0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: jwZQayu9dG39X5wcbMoFGZ1gNiyDsx5L8eSyaA3+0XNG3aAe6P/9xirvhp+Mi9+Iib4w9bI8fFLYZ6lK3hHrTg==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 118ms
75ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230912&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

159aba6e28b599f90c5b291afa9e0da6a6e87c86349631c5f39306861d0494e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11653
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame B7EE 9 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgAtL1NVjpjVZnrRiePAQ0xBqgnVQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0919948a689e08cb05c08dfa9fb3d0d88ef0b28b364134231d7dc14f747f50b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3927
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame B7EE 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.thnqN6q25Vw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgAtL1NVjpjVZnrRiePAQ0xBqgnVQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d35ba76c48e46467c560e775b9c1fc0341936db69fbcba554f7f5143b0e188d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13836
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:31:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 80ms
80ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B7EE 131 B
155 B 112ms
109ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame B7EE 131 B
155 B 108ms
105ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 79ms
79ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B7EE 131 B
155 B 121ms
121ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame B7EE 131 B
155 B 101ms
101ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 88ms
87ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 656ms
592ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102632169
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102631665
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 87ms
87ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 rum Show response
www.rebelnews.com/cdn-cgi/ 0
143 B 27ms
20ms XHR
text/plain 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rebelnews.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type: application/json

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.rebelnews.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8062adae182b0408-FRA

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4F56 631 B
1 KB 24ms
22ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 13 Sep 2023 18:17:08 GMT
x-content-type-options: nosniff
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3075
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: lM9oTrmNX7TaPLWSIKoygAhY2ulOIIgdgvACp-HcZlt9bH7iUnQ_7Q==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZHKF44EVZV&gtm=45je39b0&_p=493702055&cid=186837678.1694632099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1694632099&sct=1&seg=0&dl=https%3A%2F%2Fwww.rebelnews.com%2Fjoe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter&dt=Joe%20Biden%20%E2%80%98stunned%E2%80%99%20and%20%E2%80%98plunged%20into%20sadness%E2%80%99%20over%20potential%20indictment%20of%20Hunter%20-%20Rebel%20News&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rebelnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:08:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rebelnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
272 B 459ms
419ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102440200
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102439615
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 634ms
595ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102634298
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102634085
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 637ms
600ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102634515
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102634142
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 647ms
610ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102634787
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102634279
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 636ms
600ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102634462
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102634225
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 646ms
612ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102634881
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1694632102634399
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4F56 0
715 B 209ms
206ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102291188
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102290379
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4F56 0
716 B 211ms
207ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102292659
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102291936
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A033 930 B
1 KB 28ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 104
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 19:08:22 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 126
x-content-type-options: nosniff
x-request-id: 4cd6e9db-3c43-4c71-8e87-841bb58b2b0c
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1694632102.201023,VS0,VE0

GET
H2 200 phone-numbers-lib-12ff6fba58e6c35240f70bcada1d1c6d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0518 129 KB
31 KB 23ms
23ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-12ff6fba58e6c35240f70bcada1d1c6d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6eaf243e54b530454f1552f3c3b848d9093e559bf4d44869ac10c37bdb63b488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:40:36 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1669
x-cache: Hit from cloudfront
last-modified: Thu, 17 Aug 2023 20:05:32 GMT
server: Cloudfront
etag: W/"77f70bac4642cea3e221082993faa983"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: s2BGa6zb0QFoWedONYkqrGjLhqDIfxavCj3NkGiwTxV1gZjzFQkh1A==

GET
H2 200 phone-numbers-lib-12ff6fba58e6c35240f70bcada1d1c6d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1142 129 KB
31 KB 23ms
23ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-12ff6fba58e6c35240f70bcada1d1c6d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6eaf243e54b530454f1552f3c3b848d9093e559bf4d44869ac10c37bdb63b488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:40:36 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1669
x-cache: Hit from cloudfront
last-modified: Thu, 17 Aug 2023 20:05:32 GMT
server: Cloudfront
etag: W/"77f70bac4642cea3e221082993faa983"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gSDhuyo6A2Cx-opUcbpcNosgRq6plXJ6l5ffba9D4gOi4eyX110X7g==

GET
H2 200 phone-numbers-lib-12ff6fba58e6c35240f70bcada1d1c6d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B17 129 KB
31 KB 24ms
24ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-12ff6fba58e6c35240f70bcada1d1c6d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6eaf243e54b530454f1552f3c3b848d9093e559bf4d44869ac10c37bdb63b488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundist-rebel-news.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:40:36 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1669
x-cache: Hit from cloudfront
last-modified: Thu, 17 Aug 2023 20:05:32 GMT
server: Cloudfront
etag: W/"77f70bac4642cea3e221082993faa983"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eMLESLO1xOXc4DPnHHivkCzf2zJQDzFg9C0DVtyFjoi-pvMBFVhNdg==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 19:08:22 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 555ms
555ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636035
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102635645
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 562ms
561ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636452
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102635855
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 562ms
562ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636368
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102635902
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 572ms
571ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636283
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102636042
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 558ms
558ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636255
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102635969
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 558ms
558ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636433
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102636243
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 53ms
52ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E61C 131 B
155 B 66ms
66ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame 04F4 131 B
155 B 88ms
87ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 83ms
83ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 82ms
82ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B7EE 131 B
155 B 109ms
108ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame E61C 131 B
155 B 102ms
102ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 553ms
544ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636819
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102636406
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 539ms
530ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636883
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1694632102636590
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 78ms
68ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 04F4 131 B
155 B 86ms
85ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 89ms
85ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 564ms
559ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636885
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1694632102636521
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 535ms
531ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102636968
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102636571
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame B7EE 131 B
155 B 81ms
81ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 19:08:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 210ms
206ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 559ms
556ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637286
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102636697
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 547ms
544ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637358
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102636899
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A033 0
490 B 206ms
204ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102340668
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1694632102340339
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame A033 87 KB
15 KB 29ms
26ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 13 Sep 2023 19:08:22 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 45
x-cache: HIT
content-length: 15509
x-request-id: eaff00e9-1a1f-45dd-8d5f-dadb7212428d
x-served-by: cache-fra-eddf8230127-FRA
server: Fastly
x-timer: S1694632102.249086,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 65

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 548ms
545ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637455
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102636790
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 534ms
531ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637189
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102636899
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html Show response
js.stripe.com/v3/ Frame FCDE 820 B
2 KB 27ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c838997f7bf8588a91589cf4123711db3af117353bbfeda2b64e88d3407c9030

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2050
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:34:13 GMT
etag: "e43c98648ce4aa66398aba3a03d4d61a"
last-modified: Wed, 13 Sep 2023 17:20:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: p8jbLCecbnKWIDszhqeS5GR8Zm-B2PEzMpji7KjLxtRJtxmlgqGDMQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 540ms
536ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637314
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102637095
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 540ms
537ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637414
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102637215
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html Show response
js.stripe.com/v3/ Frame 7FF4 820 B
2 KB 23ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c838997f7bf8588a91589cf4123711db3af117353bbfeda2b64e88d3407c9030

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2050
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:34:13 GMT
etag: "e43c98648ce4aa66398aba3a03d4d61a"
last-modified: Wed, 13 Sep 2023 17:20:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: Kc5I5GXa_csV2o8JaSQl9muyxgrja0UcONKMVcsnpKnlK7EH7bkhyw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 522ms
522ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637795
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102637600
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 535ms
535ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637703
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102637514
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html Show response
js.stripe.com/v3/ Frame 7AC3 820 B
2 KB 23ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c838997f7bf8588a91589cf4123711db3af117353bbfeda2b64e88d3407c9030

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2050
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 18:34:13 GMT
etag: "e43c98648ce4aa66398aba3a03d4d61a"
last-modified: Wed, 13 Sep 2023 17:20:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: v_uUMWkI_AuSh6lHhoYarnxQCpDP4-03B7vkXo9nNNnyrgtgNB7udw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 527ms
521ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638156
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102637645
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 526ms
520ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102637967
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102637689
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 499ms
494ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638405
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102637782
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 544ms
541ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638480
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1694632102637934
access-control-allow-credentials: true
content-length: 0

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 7B17 23 KB
23 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fundist-rebel-news.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:55:38 GMT
x-content-type-options: nosniff
age: 385964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 07:55:38 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 534ms
534ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638529
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1694632102638069
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 506ms
506ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638304
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102637847
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 480ms
479ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638079
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102637896
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 520ms
520ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638548
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102638233
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 497ms
497ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638447
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102637998
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 484ms
484ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638436
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102638128
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 497ms
497ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638591
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102638068
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
272 B 469ms
469ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638308
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102638112
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 481ms
480ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638332
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102638176
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 479ms
479ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638432
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102638227
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 510ms
509ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639162
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102638478
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 517ms
517ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638934
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1694632102638565
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 509ms
509ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639208
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102638694
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 508ms
508ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639003
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102638648
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 506ms
506ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638959
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102638679
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 487ms
486ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102638919
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102638735
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
272 B 506ms
506ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639202
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102638806
access-control-allow-credentials: true
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57C8 13 KB
5 KB 20ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 18:20:17 GMT
expires: Thu, 12 Sep 2024 18:20:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C8D2 829 B
558 B 31ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4752bc2153fd98debb396670a8d7164c4a0a65762c16ae739ce87064e5236a96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ijx0tZ-hgUv45lcMh7H6cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rebelnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-ijx0tZ-hgUv45lcMh7H6cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 19:08:22 GMT
expires: Wed, 13 Sep 2023 19:08:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FCDE 459 KB
102 KB 25ms
24ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2773
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: RikM2Y4licH8ozwujWJsSaxbyr71z2uR_fZ3BBspNMA5nwatocY4PQ==

GET
H2 200 ui-shared-9b0d8562d67ec37bff806d531338e878.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FCDE 306 KB
87 KB 29ms
29ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-9b0d8562d67ec37bff806d531338e878.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9885f9fef429610af34c9467a2f29fa685e5f08e4944498f193daf2cd9b5cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:38:22 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1840
x-cache: Hit from cloudfront
last-modified: Tue, 12 Sep 2023 17:09:41 GMT
server: Cloudfront
etag: W/"1883414101ffcd6f30de63324803a25c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SBXeeI53jIAlAgVqS893iKglk8R5CKcxpU3jfui_Lny0Rlp1ctWmVw==

GET
H2 200 elements-inner-payment-request-0dd821e7efa78cf378e75c756cb3871f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FCDE 71 KB
23 KB 30ms
25ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-0dd821e7efa78cf378e75c756cb3871f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

44dffd9aa3ba575e45d2ec321831bedc70d553e746ec9464948c9bb749b91fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:40:06 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1742
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:47 GMT
server: Cloudfront
etag: W/"cccd44029937855c5d201a096fb5d854"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: F8CH34Sznnx0sLGmDlKo6agGQnU3KLMCKVX6b3YZhLIQo_pCoUxIqQ==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame FCDE 20 KB
3 KB 29ms
28ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:53:15 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 913
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 19:34:18 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ZOp5WPebCK26v5IWbC39s_poYrsbbtZrwQ3E5xxJoaE73bVAA6N9qA==

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame FCDE 11 KB
3 KB 28ms
27ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:48:52 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1324
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:01:10 GMT
server: Cloudfront
etag: W/"828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: dSlwS7X3mdmpFe0bzmq1HAvbnAFpKsXvjDhh1JZ4P2AD17bkwLZllQ==

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7FF4 459 KB
102 KB 31ms
29ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2773
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 0LK7eHqvzOygSiA5Pmcv3_5WSmyKGp6hVle4qEdaiNcfIWUoO_nx2w==

GET
H2 200 ui-shared-9b0d8562d67ec37bff806d531338e878.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7FF4 306 KB
87 KB 33ms
31ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-9b0d8562d67ec37bff806d531338e878.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9885f9fef429610af34c9467a2f29fa685e5f08e4944498f193daf2cd9b5cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:38:22 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1840
x-cache: Hit from cloudfront
last-modified: Tue, 12 Sep 2023 17:09:41 GMT
server: Cloudfront
etag: W/"1883414101ffcd6f30de63324803a25c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3xEEuiPaRh1RtczVfbKnbMbmeDgIOWyz_zT89WwzJ7C39FzBwF2s9w==

GET
H2 200 elements-inner-payment-request-0dd821e7efa78cf378e75c756cb3871f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7FF4 71 KB
23 KB 30ms
26ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-0dd821e7efa78cf378e75c756cb3871f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

44dffd9aa3ba575e45d2ec321831bedc70d553e746ec9464948c9bb749b91fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:40:06 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1742
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:47 GMT
server: Cloudfront
etag: W/"cccd44029937855c5d201a096fb5d854"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: A9nNiAXyQTNNjtDYl_x8DsOls2buLS7J1TYXcpPJlKu97Yiaw_1KTw==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 7FF4 20 KB
3 KB 30ms
29ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:53:15 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 913
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 19:34:18 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: NyGzmImsgThZhCpsckjBW3_I2OHbww5xq3BmvnU5kr0jI0lSrNzTDg==

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 7FF4 11 KB
3 KB 32ms
31ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:48:52 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1324
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:01:10 GMT
server: Cloudfront
etag: W/"828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gw4Mz8wlaNtgAoXIgaUZLfwk9LRjTR3qLO7B7yf2bF1OYavORv4qeQ==

GET
H2 200 shared-1ef4dde40625a09cfb9d086e7dccd1d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7AC3 459 KB
102 KB 31ms
30ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:22:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2773
x-cache: Hit from cloudfront
last-modified: Wed, 13 Sep 2023 17:20:46 GMT
server: Cloudfront
etag: W/"8733b02350539f09a646bdb645a3e5ca"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xEDFAcNP90_UJLcn9AY1PORLl_3US-k9y1x7rAUTAuPUlknCAqAhZw==

GET
H2 200 ui-shared-9b0d8562d67ec37bff806d531338e878.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7AC3 306 KB
87 KB 42ms
42ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-9b0d8562d67ec37bff806d531338e878.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9885f9fef429610af34c9467a2f29fa685e5f08e4944498f193daf2cd9b5cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:38:22 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1840
x-cache: Hit from cloudfront
last-modified: Tue, 12 Sep 2023 17:09:41 GMT
server: Cloudfront
etag: W/"1883414101ffcd6f30de63324803a25c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ElzR3rB7mUsLcayKy6eB1zON4aw_EUQaO_AScnW2VOs_HFfGzo02qw==

GET
H2 200 elements-inner-payment-request-0dd821e7efa78cf378e75c756cb3871f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7AC3 71 KB
23 KB 28ms
25ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-0dd821e7efa78cf378e75c756cb3871f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

44dffd9aa3ba575e45d2ec321831bedc70d553e746ec9464948c9bb749b91fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:40:06 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1742
x-cache: Hit from cloudfront
last-modified: Fri, 08 Sep 2023 21:23:47 GMT
server: Cloudfront
etag: W/"cccd44029937855c5d201a096fb5d854"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: mjjPId1f_3aT6ytFayGHdDHaPyAQBd4_1CDjPokWSnKOqwwGyEBwYg==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 7AC3 20 KB
3 KB 33ms
32ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:53:15 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 913
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 19:34:18 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HBUK7RmkyDrLEIRDn-kFMWHAaqOJF4mB2jWFPePzAkDf3OVgBNu47w==

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 7AC3 11 KB
3 KB 41ms
41ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 18:48:52 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1324
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:01:10 GMT
server: Cloudfront
etag: W/"828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ozpV371xV3wW-6IvM_Wj9mPMLRrRsHaRkN2EcMLqlMkFsN0HISv2lw==

POST
H2 200 6 Show response
m.stripe.com/ Frame A033 156 B
666 B 241ms
239ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0c709f189d32bdbb878f5848dbe8b9417348ed22671516023972697601db3a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102532205
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102531849
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 csp-report
q.stripe.com/ Frame FCDE 0
716 B 205ms
205ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102523840
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102523369
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FCDE 0
716 B 208ms
208ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102524183
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102523585
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C8D2 0
0 120ms
120ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230912&jk=1753369821826639&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame FCDE 474 B
864 B 22ms
21ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 561374db39fcfebff3cc5d2c12318ac73f83935d2a72e68107dcfd9a98e58c11

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:07:27 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 17:58:34 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 58
etag: "1aa9c9b58a1d583e92dedb69537e195d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: FfEbFcqlLDQiYVo8MlzDWd-rUmF9yLi1Ter_QUHDezOZ2CriLOqESw==

POST
H2 200 csp-report
q.stripe.com/ Frame 7AC3 0
716 B 206ms
206ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102553094
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102552768
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7AC3 0
716 B 209ms
208ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102554181
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102553006
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7FF4 0
716 B 210ms
210ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102555751
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102554759
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7FF4 0
716 B 213ms
213ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.rebelnews.com
URL: https://www.rebelnews.com/joe_biden_stunned_and_plunged_into_sadness_over_potential_indictment_of_hunter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102555573
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694632102554991
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7FF4 474 B
865 B 21ms
21ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 561374db39fcfebff3cc5d2c12318ac73f83935d2a72e68107dcfd9a98e58c11

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:07:27 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 17:58:34 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 58
etag: "1aa9c9b58a1d583e92dedb69537e195d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: RkYZr79FenwtzHmRQwKyCHZGOOAMPg4w12i5NrbzTjoTc7_tkhT-TQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7AC3 474 B
863 B 21ms
21ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 561374db39fcfebff3cc5d2c12318ac73f83935d2a72e68107dcfd9a98e58c11

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-e43c98648ce4aa66398aba3a03d4d61a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 19:07:27 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 17:58:34 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 58
etag: "1aa9c9b58a1d583e92dedb69537e195d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: DhZx2ss9E65RfUlMtzN1jp_iTla07Pt5jsw3UDiAu69IfWM65DJexw==

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 57C8 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 06:46:56 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
272 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639201
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102638943
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
272 B 333ms
333ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639335
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102639010
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 340ms
340ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639380
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1694632102638919
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 38C1 0
273 B 311ms
311ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639176
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102638974
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B544 0
273 B 328ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639754
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102639049
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 335ms
334ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102639805
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1694632102639189
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 226D 156 B
667 B 207ms
206ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4a42bc4b27f166cc185981858fd4631760d95844a3d69f09e569b208d8f2a69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102613866
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102613665
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 226D 156 B
666 B 252ms
252ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4a42bc4b27f166cc185981858fd4631760d95844a3d69f09e569b208d8f2a69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102663120
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102662798
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame BE42 156 B
665 B 288ms
288ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9be76a19dd21ed33d99e0397b48005db5a098de811f7fbf394eae0816310a1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102712811
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102712512
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame BE42 156 B
667 B 334ms
333ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9be76a19dd21ed33d99e0397b48005db5a098de811f7fbf394eae0816310a1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102763260
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102762632
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 277ms
277ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102647651
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1694632102647382
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 387ms
387ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102828573
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 9
x-stripe-client-envoy-start-time-us: 1694632102828064
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
273 B 360ms
360ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102828472
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102828147
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 241E 0
272 B 361ms
361ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ef4dde40625a09cfb9d086e7dccd1d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
x-stripe-server-envoy-start-time-us: 1694632102828517
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1694632102828222
access-control-allow-credentials: true
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 57C8 0
11 B 19ms
18ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rkJu5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:08:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 1492 156 B
665 B 267ms
266ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8aab5585526719b67a2844a63ad5ff5f248b265f671dbd630db6576080dd93ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102813108
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102812803
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 1492 156 B
667 B 316ms
316ms XHR
application/json 34.216.188.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.188.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-188-66.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8aab5585526719b67a2844a63ad5ff5f248b265f671dbd630db6576080dd93ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 13 Sep 2023 19:08:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694632102863367
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694632102862805
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 122ms
122ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230912&jk=1753369821826639&bg=!TU6lTgHNAAa6D61Rmg87ADQBe5WfOGjrY9YWfzgw5atSRxRJvJnbgnjNVXq657fGjBD5AXRt_UUTkkyNsBz7DGehLdshAgAAAE5SAAAACGgBB5kCtK4YxgRsQNDov6fLR6O3VdDXyDETPSKX_TAX60Gp8S7a4dW4589QJQn2Jekw2SACItptFCFwBMUDpy_IdlquHEuONgPKUpIN9583qTQvpIXeL8kXkodZaoy10r2VJhkmdn6bi7OV3muc8i_gsNspAR9WZ7ETR4DDwXfyNqmwFB5kPDhy_Mf7oODKjpq8SIzFnEOu1dBBa9nkLUtl_KYW1pgnVCvI-kl3f96eIVrEIvgtXpGSoO9HTO5yk1yCaakhQeuHYO9TvXtJMiNZl0BWmug_JXhFwccwdmyZCVU0TcXaGcercYkpMSHHrh90MieVx3Pu1cwjVvrjObIfntF6FUpitB86Mx2DVRKMX3LwSNfafYjlcKQTnvShOd1puMi56r256yEmBaq2mgmTUKuoSOw6YoEc8dkOPMHwjR5e9oy8ahfTZVJySOYWCMbI_qcPx4yf4BDpNzb0oJ5PVntNdJnpxBxQBt9fz9W2o1yMWVh0XEwqsEK2AjW6TmexAmQwVEM4yxlnoM4yLr2ph979tOESf-yzdBYMjD7QzzGp053CIIUSv4PMDnAHHo8UJDnIZ2hyUkceMSkH8T35k1LHgOkwVVA0KHhK-DjLznD4bEL3xNyZ7akGuaxT50MLVXX2z9qZHiVmPCSx0nxv8Jr4hVpJgc4ELkSDjg-TlHOImIlyEihh7bjeI6bvidXyVC69lgIs2ceZVdoS62yK_ph_GicFg3-iYmVNbTEEd973b23B4SAIdvX8H2YCQCgI-ndb-Ikm-nR9Gcnsi5QdbgzGu1EQamEvQAxW83wjlCA45lhUDSbcoDUhgM9BybLPfPXIFSfKgPixuAPlyB6q6BBe7TKGluIgmyo8utavpBCGi3jjIa6qulJkkclK1V7SClczGjd2ENCxebv58jT3DHuobdi2zpEi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rebelnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rebelnews.com/	1969-12-31 23:59:59	Name: _nbuild_token Value: KFKf7hfKKlYbx7GG6puskQWQRKVXjzsuWyo7mjzs4PQ%3D
.www.rebelnews.com/	1970-01-20 14:43:53	Name: __cf_bm Value: 8bfNsgUzaPzZHISWnjvhGx3nYr46.eTmlmXOtwH857M-1694632097-0-AcCy3teTOR2I1f1lg8RTZf23fuGEe1PtdXnSvwJhFfUnfN0pDDbLVbgp1hZV5ACp9zAVdnKZnOfRTYWbu70gy4A=
.nationbuilder.com/	1970-01-20 14:43:53	Name: __cf_bm Value: 4_ZORBQ7vkcHXUk0Soq_LtE64uqB8QduZHZsydo.0dk-1694632097-0-AS15icG96aj8v30+qu/pnlp3x2HsV28hsgsXo1icYj5KQzfJLVZ+DCo890W832SkOJvc7SkGHse7/7GSbrvwW7E=
www.rebelnews.com/	1970-01-20 15:27:04	Name: modal_form_cookie Value: seen
.rebelnews.com/	1970-01-20 16:53:28	Name: _gcl_au Value: 1.1.889717644.1694632099
.rebelnews.com/	1970-01-21 00:19:52	Name: _ga Value: GA1.2.186837678.1694632099
.rebelnews.com/	1970-01-20 14:45:18	Name: _gid Value: GA1.2.1737008732.1694632099
.rebelnews.com/	1970-01-20 14:43:52	Name: _gat_UA-151986661-1 Value: 1
.www.rebelnews.com/	1970-01-20 23:29:28	Name: cf_clearance Value: QYncVgq4JZiecuIotIjIcjWj6Fj48PgcvVmhnxBLFCw-1694632099-0-1-a0a5de34.3a1a9e60.ea8e777f-0.2.1694632099
.rebelnews.com/	1970-01-21 00:05:28	Name: __gads Value: ID=093bdc137a0a556f-229c3432d5e30060:T=1694632099:RT=1694632099:S=ALNI_MYRXKqf7bcAfTOQWfG-ZoDmqKqPLg
.rebelnews.com/	1970-01-21 00:05:28	Name: __gpi Value: UID=00000da5c11b3e7b:T=1694632099:RT=1694632099:S=ALNI_MaCBgqL8Bkfn5Ult7kqYXvP_6SWPA
.googleadservices.com/	1970-01-20 16:53:28	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:43:55	Name: DSID Value: NO_DATA
.google.com/	1970-01-20 19:07:23	Name: NID Value: 511=DhREB8lbZRsVZ6xdCz4TW4_GPASGJtIZp-OrVw367FgtC98MaY5HDscHNyzOOjFEFEFMMxWC2g2BAyC2ay0rXLz1Bs1Y_oUYhizvaIG63KYoEj2pAjtXeKKsRoOfk9FgPiFQExKrTRn_Tlv5FHyHKrG7x-ylX78JJsDmbaAz3ck
.doubleclick.net/	1970-01-21 00:05:28	Name: IDE Value: AHWqTUkoHwQwRV5Cni0W4I1TGJMyUd37OnDJgsHZNDXJhqZk5V1k3yRhiIEsFvlmFRE
.rebelnews.com/	1970-01-21 00:19:52	Name: _ga_ZHKF44EVZV Value: GS1.1.1694632099.1.0.1694632102.57.0.0
.www.rebelnews.com/	1970-01-20 23:29:28	Name: __stripe_mid Value: e4a1579a-39e3-4ff6-948a-2e7e422349b3696b1a
.www.rebelnews.com/	1970-01-20 14:43:53	Name: __stripe_sid Value: 195bac30-de23-42b4-8719-352e8d2e0b2a53e2f2
m.stripe.com/	1970-01-21 00:19:52	Name: m Value: 30102637-f360-4b17-b80d-3e4c2d07a4673c0735

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/iframeresizer.min.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fundist-rebel-news.herokuapp.com') does not match the recipient window's origin ('https://www.rebelnews.com').
security	error	URL: https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/iframeresizer.min.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fundist-rebel-news.herokuapp.com') does not match the recipient window's origin ('https://www.rebelnews.com').
security	error	URL: https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111693593506/default/iframeresizer.min.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fundist-rebel-news.herokuapp.com') does not match the recipient window's origin ('https://www.rebelnews.com').
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.inplayer.com
assets.nationbuilder.com
cdn.jsdelivr.net
challenges.cloudflare.com
connect.facebook.net
d3n8a8pro7vhmx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fundist-rebel-news.herokuapp.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pay.google.com
platform.twitter.com
play.google.com
q.stripe.com
r.stripe.com
rebelnewscss-1756d.kxcdn.com
region1.analytics.google.com
services.inplayer.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
therebel.nationbuilder.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rebelnews.com
104.244.42.72
151.101.192.176
172.217.16.194
18.165.227.24
2001:4860:4802:34::36
23.22.52.7
2600:9000:225e:1a00:19:eb8b:91c0:93a1
2600:9000:24dd:200:5:2cea:4ec0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:7::a29f:802d
2606:4700:7::a29f:8a2c
2606:4700::6810:3965
2606:4700::6810:5814
2606:4700::6811:3b8
2606:4700::6812:bcf
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::5c
2a00:1450:400c:c0c::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a0b:4d07:101::1
34.216.188.66
54.186.23.98
54.187.159.182
54.76.53.164
99.86.4.99
0366197940c089239ccf24a538c6570ecb13718d1b2b30aa21edd6b609ad1a03
05a0f2e2de4b70350884a18c1e41993dd4aa2e0e863eb957504a0fe208eedc9b
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0919948a689e08cb05c08dfa9fb3d0d88ef0b28b364134231d7dc14f747f50b5
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a7dff9464425212bb2e58ba741cb4ed312280a7202aeae38d3469e2f917cb57
0bb4b47e0cd0628758cd5b9577ea07b7e48348de2273af7b2137fa8f52d8d5ea
0c709f189d32bdbb878f5848dbe8b9417348ed22671516023972697601db3a54
0fddf6dbf00e6b6647c54dda1e6a1e8abc9030f73b91dc3b15b5bbf07d11253e
10075944b043fdd4fa326cdb35579b3ec40ca6d1895474ec94ccd3fe7d447706
1044caa1178bd6d7aa1cd3d7da31070cd443b4c3e78d6055867520c0e56114b5
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
159aba6e28b599f90c5b291afa9e0da6a6e87c86349631c5f39306861d0494e9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1816fd7a1782e9aa79243318eb8a02554df96f69a3ef42845f342e9155044570
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
19253c279e8c78023dcec68aec9ff458c9555fff66593a342d58a797749ed73f
1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f
213c5d1b47e20c95495b7fd80a1a9b41af4b3aaa9605f202654bd2b8a6cfb67c
219a98e8f0c7033c774b0236266fd305af7f72a0883e8108cdc6f7fed8964630
239b0eb40cc57c91fa7aa9c58d9bea7cb2cbd89301e55ae13517a01f0aed73cb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264c3d9e416626007e6fcc318786ac052c53164a206a97fa07c611660dbb185d
265763bfcb13cf0fd010fc6eb315c6992f4f3e817642c2aa906e0cb940bee7ee
292c319677393083ce52ea6ba29cd67b1a0a1d5190e5c66732d1aafb1170ed13
2c70a1da21b844cbb8306fd4e93182db6e1520fc0bab6b89a981a90e212e9235
2ff05841ffd7a1874183454050ef84f2362aab9233d4d0c8f30af30bf835a4d1
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a6743349e3b26b252b8c979921f57e9f302e1649c4d7d528d0eb8d215b24e9
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
355d5a686095662b4e9b009023065b8c40f094a7dbec780c211acc9eeb709bc2
355d62802c72b7a13be4ba0281a5d9781760fb3bf550df3142f240b221a41218
35789758de8ebe00db488858c0d5809e93589408ff5fc0e022218091501ea89e
36a2d7525af83799c39ae368dbf945430ac61594ca5fa8f0d6fe758f673e1bb6
370c49c5ba241c54b36196c644394dd9f91554a875ab4dbfae6549ca7088dee3
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c9f970621a0ac4681641c66f56c5fb1cebc2ff2f9961594c7879f5d54557f23
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
44d76b0d88eb01366af4b97d398ec6288599908596d9e0542b3adc6385ea4f3e
44dffd9aa3ba575e45d2ec321831bedc70d553e746ec9464948c9bb749b91fd5
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4752bc2153fd98debb396670a8d7164c4a0a65762c16ae739ce87064e5236a96
4a42bc4b27f166cc185981858fd4631760d95844a3d69f09e569b208d8f2a69a
4ab6b2156d6519ee95394a33c81006f3f9eee6cba8f736ae4a49300ddaf7969f
4dfda583d0aad93d493f4eb9f7623c2746149a36ef4f92e8eeca47dd54cd1030
4ee1abb09a0a4db5624bd18254d92379361e4d9c20f0335c3dbe3728ecdcd658
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
53ba6e49ea8e838495e817f4a8f410a426f8083bfe560ea623823985b1a005cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561374db39fcfebff3cc5d2c12318ac73f83935d2a72e68107dcfd9a98e58c11
59d97a5a18933e0b52529a581d9a51bfe2d79210789158412e0937a6dd32f410
5b4c2027350f4bfdf91c56ebb416268a1cb6718ed93a812ab251fa0a48da3519
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
5dd83c7ab77c8d07b1269011bada1bf2d875a52c4a18ed2059f7dbe00d431574
5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
666ea8fccc6357315c19049cba0ee7b821e5898d5b0d7d2273c03196e664cef8
69719c91d75ed1b6aba9e5b88795ccc5566af13128555810c5376841d2c76fb7
6b0acb48f399c880b5f581a9137825c84e2f8c7fc570ba807b51b2be80f8ac31
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b986cc934432b19f05b4a2f0d0f5fbeb96cf698b545465df15cf53c35ecd196
6e51b39b935c7d0ffb35a8c983c49209aab324ffe297a272bb1c7ddeb7541ea9
6eaf243e54b530454f1552f3c3b848d9093e559bf4d44869ac10c37bdb63b488
6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a
7229a4577045e6fb4fb04b260316147d695f4648b7b9eafc56996d7de7f3fe04
764109e2840b895aa4d85330c0042453f040d1a8385a2c35b996e76341c8346c
77442162b7dce49e21676143e5e1b4a4794864bd72e1f855f6f89a88d45cab1e
7a2a885ced31775688b02c8e38311884e2894c8d4b65aa5d23d7c7b879a371b4
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
814c8c3e6d3002492af4072c7de4181dced967721f00e892dea2ec25f05210fd
81af49b01a69139978210134c8b311c60ebe055d5ec844f9b10b6beb0cc33ef6
829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6
83dbdaac66a11adf187c138f98bd930dc1bc6cb951214d2903edf9602dc3ba8c
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166
8852b76884a908641b32805f679f9b4864f20dd071233fab986135c9920b3ca1
8a4ec54225700a8d0a673739815da8a4d609d9ff38bd6d238ce735e37f7cdf56
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8aab5585526719b67a2844a63ad5ff5f248b265f671dbd630db6576080dd93ca
8ac053e0ccc40ad525c810d904c0a17e79d71d60e69458580026fa7adcdada1f
8e216ef6426028ff54f8706b86c8ea7243a5cdbecbbbcf72ecac62b5a8541c0b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91f5dd2e3010c02d53b39b7976bd035a582f929c5563a356a76fd84b4b11dc31
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9885f9fef429610af34c9467a2f29fa685e5f08e4944498f193daf2cd9b5cbc1
98e80999c79fa2a235d33c805d09527810cf18bc38d2c5495ff25cc42ed7ddc1
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
997e1bdccc2046e6ab9fc361a9340cfdaa49bd28d9b6157b9020dffe8512453e
9be76a19dd21ed33d99e0397b48005db5a098de811f7fbf394eae0816310a1f3
9f8a32eb3c1d6bfd89189d8b25f75c3365e45760f8d10de20f16f26e9da727db
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a01583bb1046d42e54d2ddf18e6659d54025b7db0a792464dba2a2572e23c696
a21699ef714fd9fb7c1c7b29f547e7a7413a429af3187198ca2de6782b137758
a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
aa27ce9979168a3dcd6dc4279b6158a7eb1b78c137e4b160717ae07d811141d1
aa354db55bf821c4a43ea906bb27cae810f4afc7305f441696f4ed5bb5d9543b
aa94da4ebb7486eca07cced021b0b2512678a1e07c54edab548f8f1c4021181e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac39a2835304dd00b420774ba94d34b480c0c58f3e8963a945127d71bb88aa53
ad2b369a9fad37f4d0c2bd23746d9c4b8be3cbba24baf781f25a853246875fe3
ad6e29b6b24bfac850f56d8c808d77f8e6477da0dd0993b87d0faf5acd894d11
adb0b68a61c32480585085ef7fe5e2618fb67179a24a572d947808fabadecd0a
af113010d3cb5d5d56f44c72caf7cc1d62596909485b69171c01c9ddb2774e5b
b0738f6af798c2dd78ada1779be0b1f57cd151ef746e38c2849cebd53b839dcf
b1bcd36950e0cd2e7c1d94806420176e3a46a5e59685b23bb5f52e0bf1bd0c62
b50ca410d6ac5611af69438f071ab9b9e3881d0d5d134fb6dec83a0bf06d57ac
b8117c5a6621d13fc50a7a3a528aa4ea0ebcf94c619fa0591cc146e600ab0fa0
b83557d147c1394b0fc00568863c4873ba6a1b742ff1a9c286ed5264c8f445d7
b891794d1d6d5c58c744ec2bb2ca47684d75ca6ec8c63b7b34be1886f7e19906
b8a803ffb4fef3ac3d5bcc99239abb1d3e1f4e2858f54c2fe135c88648f45656
b9357ce5562b97ec4994bb02f50161cf71189358bf77f8a2667bd7e12cb953f3
bc4a90e5c0f890d1f8668b26236db8f1d35448714f9812270008613d7b0ad0d2
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c63fbe27b5ec54fcceac224a62ccfe9eedcedfe2047880b0683df29451fb27c5
c838997f7bf8588a91589cf4123711db3af117353bbfeda2b64e88d3407c9030
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
cad8491124a34a04a98cc1ccabdd735e6e8cf35c753b73afc1765ce4723fdd49
cc6188d577695e0ea6e5fb16080529d197903ffb763a5241a594d6288bf21e1c
cee552dbd0aeb03b2390ceb280beeae96087773d98ed412aafe5af20032307bf
d0a280e23c0dbdd7ae4b610f0a74fb0a7259d58ddadccc2ddef2e590f1325d3d
d1749f8329dc8a38cb50470193ed3826aa7ed79f4f470665327cc1aaa2aa6e6e
d35ba76c48e46467c560e775b9c1fc0341936db69fbcba554f7f5143b0e188d4
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
ddb28fa080da256666c27e044e667722ca48af8a9f37512b3b57d7aa64ad4ad8
dde4a072c30878ceaed8fa4cf1cba223d692dc727eef3c5d4e2bdd683530a057
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0b9fd745eb7fba2fcef71f960ddd5d85c666b2c78b9f14a83c6dba0d70e4de4
e2fbe009be97318df7b58b55e699513f43d710a5b66ecf198790958d2acc217f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98f0f82e4621f52910bef54affe938caca322728484563378131c51317ef768
ea0a576035aacc2ac4cbc449e78babe48275635c2c2a55b42dc549c050c3c0b6
ea7d0a4836a8cbdcd622bfe154b241f7d9804ed9eb75f311def058e3bbed4379
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f8417abe7993d52fce44df7ffdbe1d8d341edb316e80afabb8295aad05e62422
f9358b278c65de2c0707bdbf242d64b1212939659115f6af44fe904b4b4a9f79
fcfee70144904fd3988afe1169ffc8d774b0a6366d7cd9dc214dbee02d8a41cd

www.rebelnews.com Open in urlscan Pro 2606:4700:7::a29f:8a2c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

463 Requests

98 %HTTPS

74 %IPv6

25 Domains

40 Subdomains

40 IPs

5 Countries

22093 kBTransfer

44449 kBSize

19 Cookies

14 Outgoing links

Redirected requests

463 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rebelnews.com Open in urlscan Pro
2606:4700:7::a29f:8a2c Public Scan

Screenshot
Live screenshot

Full Image

463
Requests

98 %
HTTPS

74 %
IPv6

25
Domains

40
Subdomains

40
IPs

5
Countries

22093 kB
Transfer

44449 kB
Size

19
Cookies

463 HTTP transactions
14 data transactions