bestnewshere.com Open in urlscan Pro
149.28.118.2  Public Scan

42 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=4trbYnxocHZyQ3ZSVkZUa3ViSzd3UTZSVUZtZlZ5MWs1bzVOUy8wMHZnQ1d2V2VBZ2c4VDNuZWV3NFRqbDdseUNkeEkySDZEemFpSzFkWnBnMER3S1VucUlSeW14ZWs0bk84dlZvVExOdVVwRDZYazgrNTd3dkRlV3pWbmlESmo1cmh4N1E3aVpzaHc4emMzR2QxRElRbjBseWVFSk5pM29HOGVDRzNBbUk5QVAwRjdGeE5MeG8wdTFRUGU5WXcrRGxoWXdqUk9DMC9wK29Ld25za01SeWF4N2xEbnpKcE1CSEk4cG9rQ2xjejk2UlEwPXw&cppv=2

Request Chain 52

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=GZz0AHwyS3hZWnErdnRUTFlSSVhlSzIwTFVjNk5yUU1PeUdBNmxKRWpURm01R1QxVHJtd0lUeU9NcUh3WE1UUGVzVU5OcXVHMW5TT0lweWdFTUNTZjNzTkh1MUdNU3RGUHE4dTZrS0tLYzFpWWIzb1JiRDZ3bWJtSXdya0ZKbWNsTlpxcnkyaFJqR251UFA2VWpVcjRLcU5SUjRqVTRJc3ozQk11U2E1WUQvVHArUDZBOGFwNks4dnhQd25NL0V6cTdLZFIrRlQ2ZDdUQzFnY2xRNUpnaFoxdU9tWTVxZ3FkdWhVQjU1T2FvV0o5K3UwPXw&cppv=2

Request Chain 54

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=T4SsKXxaRysxTm1oRDY0UG93Z3UreFlqOGJ5NW5aUEp2M1VzMDFmcTdNUUtkaFg2OWRLMHJUZWx0Yy9qY2NxSFIrbyszdE5pNHhaQWRvc3VXWWxYam9nc2cwUDdEV0drRmRBNDRIOTNuaVQ0RWp3ZG1aQXk0VVo1UlhwSkhUYXcvU0p1cXA2aThDRkY4RUVSUDE2b0IwRDEwakticzJwMlFsd1lxRmgzWVpsa1VsOEdBbk5ySEhhaE5idjNNYW1sY3ZDYWthTEZqVVYrSXQ5TCtFSGppR1kzTmhYMzZSZGZoV1ZFS084QVd3VVJRc0kwPXw&cppv=2

Request Chain 58

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=A3QUMHxhUlNpTFJyeWFBNVdieENZLzdVY0gwdUlXdCtLSHh5K3FYcEtNQlVnMm55WWJpQlpGMmppOEpQNXhLVy8wUXRmcDVSNktwYnJVUXV0VjRnb1FrRU1LNlVxaGVQSTY1MEZFc0VvYys0OHVuWDZtUVpEN1JuLzRxR2tWekZOWmFqcEg3NFpqK0dtOVIwa0x1MjBVVzJLNWt5bHVKaTY2bnR0NjRZNUx1QXpVWnI1dEw4d2JRS21BcEJzTVUrclZlc0JOS0xUdGV1WVNsd0dydzlEcEg0WkdGcGtldGtIME42UU5VKzlJUFlQdVpvPXw&cppv=2

Request Chain 131

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 133

• https://x.bidswitch.net/sync?ssp=mgid HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
• https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
• https://x.bidswitch.net/sync?dsp_id=70&user_id=4979732836795298135&ssp=mgid HTTP 302
• https://cm.mgid.com/m?cdsp=433145&c=e588748c-ec59-4544-a12b-db4a8c753766&gdpr=&gdpr_consent=&us_privacy=

Request Chain 135

• https://creativecdn.com/cm-notify?pi=mgid HTTP 302
• https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
• https://cm.mgid.com/m?cdsp=501037&c=kukMiME15PTV8SpJKEWR&pi=mgid&tc=1

Request Chain 137

• https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
• https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
• https://cm.mgid.com/m?cdsp=287839&c=855ea237-46e0-4c76-be66-c96fb86d14af

Request Chain 138

• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGIzNm84V3dEbnc4&muidn=lb36o8WwDnw8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGIzNm84V3dEbnc4&muidn=lb36o8WwDnw8&google_tc= HTTP 302
• https://cm.mgid.com/google?muidn=lb36o8WwDnw8&google_ula={guid},5&google_gid=CAESELaeNH3E88svzb0Mqkxtq6o&google_cver=1

Request Chain 139

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://cm.mgid.com/m?cdsp=371158&c=f5aed51c-54d1-4343-bde7-bf1144174493&ttl=1641141127

Request Chain 140

• https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
• https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
• https://cm.mgid.com/m?cdsp=665953&c=20ce8fbe-29dc-45c6-b3b7-8be1c24b4888

Request Chain 141

• https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lb36o8WwDnw8 HTTP 302
• https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=5907245826734858392&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 142

• https://x.bidswitch.net/sync?dsp_id=303&user_id=lb36o8WwDnw8 HTTP 302
• https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e588748c-ec59-4544-a12b-db4a8c753766&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 176

• https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D HTTP 302
• https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1

Request Chain 177

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
• https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east

Request Chain 190

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YapGh1rj3KoemgqGuGSxogAABHQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG2GYCK3iTrSnXG7oVOMNMA&google_cver=1

Request Chain 191

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YapGh1rj3KoemgqGuGSxogAABHQAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YapGh1rj3KoemgqGuGSxogAABHQAAAIB&dcc=t

Request Chain 193

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YapGh1rj3KoemgqGuGSxogAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPvrn4-hl6g9PqlRss3fIUQ&google_cver=1&gdpr=1

Request Chain 196

• https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YapGh1rj3KoemgqGuGSxogAA%261140?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YapGh1rj3KoemgqGuGSxogAA%261140?gdpr_consent=&us_privacy=&gdpr=1

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/	62 KB 14 KB	360ms 126ms	Document text/html	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 09c60894eb3cddf0ae2eab3fbc7ee283de4ef1e39badc6eae620aa48077b4e40 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Fri, 03 Dec 2021 16:32:05 GMT content-type text/html; charset=UTF-8 content-length 13659 x-pingback https://bestnewshere.com/xmlrpc.php link <https://bestnewshere.com/wp-json/>; rel="https://api.w.org/", <https://bestnewshere.com/wp-json/wp/v2/posts/24577>; rel="alternate"; type="application/json", <https://bestnewshere.com/?p=24577>; rel=shortlink cache-provider CLOUDWAYS-CACHE-DC content-encoding gzip vary Accept-Encoding last-modified Fri, 03 Dec 2021 12:58:41 GMT cache-control max-age=0 expires Fri, 03 Dec 2021 12:58:41 GMT age 12804 x-cache HIT accept-ranges bytes
GET H2	200	style.min.css bestnewshere.com/wp-includes/css/dist/block-library/	79 KB 10 KB	129ms 127ms	Stylesheet text/css	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Wed, 21 Jul 2021 03:42:57 GMT server nginx etag W/"60f797c1-13abe" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	scriptlesssocialsharing-style.css bestnewshere.com/wp-content/plugins/scriptless-social-sharing/includes/css/	2 KB 847 B	130ms 128ms	Stylesheet text/css	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-content/plugins/scriptless-social-sharing/includes/css/scriptlesssocialsharing-style.css?ver=3.1.6 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 8cd9d704e6f42c7b473766cd51927ba0a6723b339ff0e1173989f66576d802c5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:34:46 GMT server nginx etag W/"6021e6b6-989" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	all.css use.fontawesome.com/releases/v5.10.2/css/	55 KB 13 KB	37ms 19ms	Stylesheet text/css	2606:4700:3037::6815:4e07 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.10.2/css/all.css?ver=5.10.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 12947039 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id 4MW7A81SS7Y35FVN x-amz-id-2 6BqxwlCn+jprvaIgUiBbkfj+QNkiC2WmMpm5pxhqxDPyFxOLTvsb4gssg8dSs+evnnizugUL88g= last-modified Wed, 30 Jun 2021 15:36:08 GMT server cloudflare etag W/"164a58dcca37a5b00c22e06ee8e2fc68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l11YkFKFUvwBbpgK3QNPcWHkN2Z5jVVfajBagC4YAb3Akdl%2Byi8NqjMJHYcEcJhw3%2FZwMXgVJHB9mtBXUYDe5NbDlzjuE3gQ%2FIciqfL0CE5DIn9JCnuVXymZrFVngS8mbWn%2FqHNR6931XPjpIsAxPPhB"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 6b7e30633f2f0eab-FRA
GET H2	200	scriptlesssocialsharing-fontawesome.css bestnewshere.com/wp-content/plugins/scriptless-social-sharing/includes/css/	1007 B 487 B	135ms 133ms	Stylesheet text/css	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-content/plugins/scriptless-social-sharing/includes/css/scriptlesssocialsharing-fontawesome.css?ver=3.1.6 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash d298301d93d7cb69af9a377f3f193e22dad1a6e053f3d3826a43813473c9fb32 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:35:14 GMT server nginx etag W/"6021e6d2-3ef" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	reset.css bestnewshere.com/wp-content/themes/flex-mag/css/	1 KB 767 B	135ms 134ms	Stylesheet text/css	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-content/themes/flex-mag/css/reset.css?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:32:02 GMT server nginx etag W/"6021e612-434" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	font-awesome.css netdna.bootstrapcdn.com/font-awesome/4.4.0/css/	32 KB 7 KB	50ms 24ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 565, 718, 718 age 1980595 cdn-cachedat 2021-06-06 22:32:03 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:54 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 97ecd9a50c2d3ff03961ca573651b70d cf-ray 6b7e30634adf6903-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	style.css bestnewshere.com/wp-content/themes/flex-mag/	96 KB 15 KB	167ms 165ms	Stylesheet text/css	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-content/themes/flex-mag/style.css?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash cc37f65dc37a6ee1ee6478bdf3fe663b9d7a4e446a584f7eea756f77cb1c128d Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:34:26 GMT server nginx etag W/"6021e6a2-181ce" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	style-entertainment.css bestnewshere.com/wp-content/themes/flex-mag/css/	4 KB 1 KB	173ms 172ms	Stylesheet text/css	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-content/themes/flex-mag/css/style-entertainment.css?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 561cd60795008e6d3713619a66f144b405ad565c173e1ecd46a2597c368ab119 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:35:33 GMT server nginx etag W/"6021e6e5-119d" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	media-queries.css bestnewshere.com/wp-content/themes/flex-mag/css/	91 KB 9 KB	192ms 191ms	Stylesheet text/css	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-content/themes/flex-mag/css/media-queries.css?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:31:42 GMT server nginx etag W/"6021e5fe-16af9" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	jquery.min.js Show response bestnewshere.com/wp-includes/js/jquery/	87 KB 30 KB	245ms 244ms	Script application/javascript	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Wed, 21 Jul 2021 03:42:57 GMT server nginx etag W/"60f797c1-15db1" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	jquery-migrate.min.js Show response bestnewshere.com/wp-includes/js/jquery/	11 KB 4 KB	282ms 281ms	Script application/javascript	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:34:43 GMT server nginx etag W/"6021e6b3-2bd8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	css fonts.googleapis.com/	50 KB 3 KB	40ms 17ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 690171e371c6a19019d406143fb4244572ee418eb19adc29f6e87e552c0e4544 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 03 Dec 2021 16:10:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 03 Dec 2021 16:32:05 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 03 Dec 2021 16:32:05 GMT
GET H2	200	IMG-9c5ba4442302d594b19b5b9c6c3627a2-V.jpg bestnewshere.com/wp-content/uploads/2021/05/	13 KB 14 KB	154ms 152ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/05/IMG-9c5ba4442302d594b19b5b9c6c3627a2-V.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash a4fb6e71ff4b3e20ddae588929632b1b0cdb672d0db0d6c1b7c00ffeb63ee098 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT last-modified Fri, 21 May 2021 23:46:13 GMT server nginx etag "60a84645-355e" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 13662
GET H2	200	bestnewshere.com.1093798.js Show response jsc.mgid.com/b/e/	2 KB 1 KB	68ms 33ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/b/e/bestnewshere.com.1093798.js Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b6bcc8d95f7323b753be629c9ffca9ef1297b1f6e9db0acdf0bda3c6b34d4fe Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding br cf-cache-status HIT age 3920 last-modified Tue, 30 Nov 2021 07:41:20 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id CV5GSXB1J5ZTH9JC x-amz-id-2 f63LGCEGnYdo42ONJfIskSoM9UJ7zD1cMyFfeIa6/GJrZjwjJCwVRudg0uJm6QsT+BPAZ5pa0VY= cf-bgj minify server cloudflare etag W/"3fdc8ac33af6e1d8fece572d1c247b19" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 6b7e30653f9b68eb-FRA expires Fri, 03 Dec 2021 19:32:05 GMT
GET H2	200	delivery.js Show response assets.revcontent.com/master/	192 KB 62 KB	91ms 27ms	Script application/x-javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://assets.revcontent.com/master/delivery.js Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash 6c5ba5de44dc2151422e69dd3be56227262e1522190b621a1bd429fcf9f45f2c Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Thu, 02 Dec 2021 22:31:13 GMT server AmazonS3 x-amz-request-id 82HWD117K4ECE61Y etag "d48ef2cdb4ac60d2952593d7c8031fde" x-hw 1638549125.cds017.ml1.hn,1638549125.cds214.ml1.c content-type application/x-javascript access-control-allow-origin * cache-control public,max-age=60 accept-ranges bytes content-length 63415 x-amz-id-2 eokGEruLqHNwIq0T4DLvFnnf3h3RNY9sjllbKoj2PgKdkP7+vgsnPnziZ2xGnGuYHAaddjhcnAU=
GET H2	200	bestnewshere.com.1059382.js Show response jsc.mgid.com/b/e/	2 KB 1 KB	64ms 30ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/b/e/bestnewshere.com.1059382.js Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f3cbc48d20402c8d96f8e76445244d38166eb0f03fa80698e5eacf207794a5c Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding br cf-cache-status HIT age 3920 last-modified Tue, 30 Nov 2021 12:43:43 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id CV5XKYGWKCJY2NGF x-amz-id-2 ECTharBdzRnej06UkZ8yMQvSWpmFSvKgmBlE5VOvAiZckccMRAUUL/KZsK1lOtx0FtQSYMkDNkk= cf-bgj minify server cloudflare etag W/"bf23588b18c3c04b995bde8692befc53" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 6b7e30653f9e68eb-FRA expires Fri, 03 Dec 2021 19:32:05 GMT
GET		/ bestnewshere/	0 0
GET H2	200	comment-reply.min.js Show response bestnewshere.com/wp-includes/js/	3 KB 1 KB	111ms 110ms	Script application/javascript	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-includes/js/comment-reply.min.js?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Thu, 15 Apr 2021 03:42:56 GMT server nginx etag W/"6077b640-ba8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	scripts.js Show response bestnewshere.com/wp-content/themes/flex-mag/js/	142 KB 33 KB	126ms 126ms	Script application/javascript	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-content/themes/flex-mag/js/scripts.js?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:34:31 GMT server nginx etag W/"6021e6a7-237aa" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	retina.min.js Show response bestnewshere.com/wp-content/themes/flex-mag/js/	1 KB 881 B	141ms 140ms	Script application/javascript	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-content/themes/flex-mag/js/retina.min.js?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash a4b979b136d37e751132c84dfb54d711e029081fa3bb1fa33f2d9150b9f5dd5e Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:33:16 GMT server nginx etag W/"6021e65c-564" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	wp-embed.min.js Show response bestnewshere.com/wp-includes/js/	1 KB 934 B	142ms 140ms	Script application/javascript	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-includes/js/wp-embed.min.js?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Tue, 09 Feb 2021 01:33:43 GMT server nginx etag W/"6021e677-592" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	wp-emoji-release.min.js Show response bestnewshere.com/wp-includes/js/	18 KB 5 KB	156ms 155ms	Script application/javascript	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://bestnewshere.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip last-modified Wed, 21 Jul 2021 03:42:57 GMT server nginx etag W/"60f797c1-4705" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	28ms 7ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 3422 date Fri, 03 Dec 2021 15:35:03 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 03 Dec 2021 17:35:03 GMT
GET H2	200	fontawesome-webfont.woff2 netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/	63 KB 64 KB	31ms 17ms	Font font/woff2	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 Requested by Host: netdna.bootstrapcdn.com URL: https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=5.8.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=5.8.2 Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 756 age 3272365 cdn-proxyver 1.0 cdn-cachedat 08/08/2021 23:07:32 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 64464 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:54 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid cad40f77296f03d514ef731fd95b992d accept-ranges bytes cf-ray 6b7e306519944a6e-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 20 KB	44ms 17ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 07:59:11 GMT x-content-type-options nosniff age 289974 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19844 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:10 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 30 Nov 2022 07:59:11 GMT
GET H2	200	QGYsz_wNahGAdqQ43Rh_fKDp.woff2 fonts.gstatic.com/s/worksans/v13/	47 KB 47 KB	46ms 20ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 13:26:13 GMT x-content-type-options nosniff age 11152 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48480 x-xss-protection 0 last-modified Wed, 10 Nov 2021 18:05:58 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 03 Dec 2022 13:26:13 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	45ms 19ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 13:18:02 GMT x-content-type-options nosniff age 11643 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20040 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:44 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 03 Dec 2022 13:18:02 GMT
GET H3	200	fa-brands-400.woff2 use.fontawesome.com/releases/v5.10.2/webfonts/	73 KB 74 KB	32ms 22ms	Font font/woff2	2606:4700:3037::6815:4e07 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-brands-400.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css?ver=5.10.2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d Request headers Referer https://use.fontawesome.com/releases/v5.10.2/css/all.css?ver=5.10.2 Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 12946944 cf-ray 6b7e30651d2305b3-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 74524 x-amz-id-2 3iTHus/TS5Gg+0Ek0ZfnDyDnKH2PgUKVZplLE+dRkZ51AANPHQaz5gDCMtq4mbO9g5INalcwODg= last-modified Wed, 30 Jun 2021 15:36:28 GMT server cloudflare etag "3e1b2a654a784ceb385157140b4ccd71" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekFOrsw4HyTaSOeSDaVfNeLLL4yvXPOioEZG%2FAjPlEBKn8rqjn1R1GpkXSVm%2B85FtlVD%2B6cp5yhOQBiRxY3kxeFhPixhas%2FyiRU%2FlA2tCr39D4B3Un6UKMRvhm5EuWz89s%2Fg4P9%2BxalZB3x77bpcr0FF"}],"group":"cf-nel","max_age":604800} x-amz-request-id F81BNC9PPNN1EAWB access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes content-type font/woff2
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v20/	22 KB 23 KB	33ms 7ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 04:27:49 GMT x-content-type-options nosniff age 43456 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22992 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:18:57 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 03 Dec 2022 04:27:49 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v20/	23 KB 23 KB	34ms 13ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 29 Nov 2021 21:26:28 GMT x-content-type-options nosniff age 327937 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23484 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:19:01 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 29 Nov 2022 21:26:28 GMT
GET H2	200	Ghislaine-Maxwell-Trial-Coverage-Sparse-as-MSM-Wages-Massive-Fearmonger-Campaign-on-%E2%80%98Omicron-Variant-e1638279650138.jpg bestnewshere.com/wp-content/uploads/2021/12/	76 KB 76 KB	148ms 148ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/12/Ghislaine-Maxwell-Trial-Coverage-Sparse-as-MSM-Wages-Massive-Fearmonger-Campaign-on-%E2%80%98Omicron-Variant-e1638279650138.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 1ff1da793269d919de6509721456662e4b617395d33385870853fb8d6fbe8e99 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:05 GMT last-modified Fri, 03 Dec 2021 00:44:10 GMT server nginx etag "61a9685a-12ef6" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 77558
GET H2	200	JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	26ms 24ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 04:13:50 GMT x-content-type-options nosniff age 44295 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20016 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:21:37 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 03 Dec 2022 04:13:50 GMT
GET H2	200	download-1024x768-1-300x180.jpg bestnewshere.com/wp-content/uploads/2021/08/	8 KB 9 KB	197ms 196ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/08/download-1024x768-1-300x180.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash fdcd99bbf5f9f20b5da56aa30fd21e0dfff93aa85041ca0e2d64acebae05d8dd Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Tue, 31 Aug 2021 16:06:07 GMT server nginx etag "612e536f-21d6" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 8662
GET H2	200	0-32-1024x596-1-300x180.jpg bestnewshere.com/wp-content/uploads/2021/07/	11 KB 11 KB	207ms 205ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/07/0-32-1024x596-1-300x180.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash ba44c5137390df2bc9d79cf9404ac497d9f71e494605b69c0d020c58b3361b80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Fri, 23 Jul 2021 21:43:05 GMT server nginx etag "60fb37e9-2c7a" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 11386
GET H2	200	MOSHED-2020-3-1-23-48-48-300x180.gif bestnewshere.com/wp-content/uploads/2021/08/	7 KB 7 KB	214ms 213ms	Image image/gif	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/08/MOSHED-2020-3-1-23-48-48-300x180.gif Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash e70db3da0c050d6d7612679670a1dfc348b03258f47c4733aa91c05040ef720c Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Wed, 04 Aug 2021 22:51:16 GMT server nginx etag "610b19e4-1d0a" content-type image/gif cache-control public, max-age=2592000 accept-ranges bytes content-length 7434
GET H2	200	download-6-300x180.jpg bestnewshere.com/wp-content/uploads/2021/07/	13 KB 13 KB	224ms 223ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/07/download-6-300x180.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 75f693739105932866d638973167a2aadbf6b144f5f7dda0378e76811c54110c Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Sun, 19 Sep 2021 01:30:48 GMT server nginx etag "614692c8-3274" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12916
GET H2	200	9ADCA517-B7CB-4808-8DD1-4873E688B595-300x180.jpeg bestnewshere.com/wp-content/uploads/2021/11/	16 KB 16 KB	229ms 227ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/11/9ADCA517-B7CB-4808-8DD1-4873E688B595-300x180.jpeg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 1c8f3113da15d4b3a5b514fe6327a0fed5715926b163ff58288e417f9169de29 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Sun, 28 Nov 2021 16:07:27 GMT server nginx etag "61a3a93f-3f50" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 16208
GET H2	200	MGXjmJsscKFETTS9fHGA80WH_640x360-300x180.jpg bestnewshere.com/wp-content/uploads/2021/08/	16 KB 16 KB	229ms 228ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/08/MGXjmJsscKFETTS9fHGA80WH_640x360-300x180.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash a97c1c5a2644a31e8443a0cf374a80a32d97da09e62da850505a352d6bc76fc1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Thu, 05 Aug 2021 20:16:37 GMT server nginx etag "610c4725-4019" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 16409
GET H2	200	EC0F2BGYFYfx1VKdJYhVO34v_640x360-300x180.jpg bestnewshere.com/wp-content/uploads/2021/10/	19 KB 19 KB	229ms 228ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/10/EC0F2BGYFYfx1VKdJYhVO34v_640x360-300x180.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 28efb04ddbd534b09556412478e3005a130458f8c7b5bfd08b66e81402565f8e Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Fri, 01 Oct 2021 23:05:15 GMT server nginx etag "6157942b-4a11" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 18961
GET H2	200	supreme-300x180.jpg bestnewshere.com/wp-content/uploads/2021/08/	14 KB 14 KB	229ms 228ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/08/supreme-300x180.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash e1efa8100f2570d82eb360d1a3e3df4c21156c334de60ea5f9b31c256104ae04 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Sat, 28 Aug 2021 21:47:43 GMT server nginx etag "612aaeff-367a" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 13946
GET H2	200	gatesevil-300x180.jpg bestnewshere.com/wp-content/uploads/2021/08/	10 KB 10 KB	229ms 228ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/08/gatesevil-300x180.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash 8d0b14361233d8598e0d95b3a77c1eb5a8d5c08460fd5b6c576abe311b45ca39 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Sun, 01 Aug 2021 13:57:00 GMT server nginx etag "6106a82c-27c1" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 10177
GET H2	200	download-960x720-1-300x180.jpg bestnewshere.com/wp-content/uploads/2021/11/	8 KB 9 KB	229ms 227ms	Image image/jpeg	149.28.118.2 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://bestnewshere.com/wp-content/uploads/2021/11/download-960x720-1-300x180.jpg Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.118.2.vultr.com Software nginx / Resource Hash b0d3470ce5ce7da28755da706fcfe7e9fc6efcb4110bef2660ce56497562d862 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Fri, 19 Nov 2021 00:11:41 GMT server nginx etag "6196ebbd-21d3" content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 8659
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	31ms 15ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1009506707&t=pageview&_s=1&dl=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&ul=en-us&de=UTF-8&dt=Ghislaine%20Maxwell%20Trial%3A%20Coverage%20Sparse%20As%20MSM%20Wages%20Massive%20Fearmonger%20Campaign%20On%20%E2%80%98Omicron%20Variant%E2%80%99%20-%20best%20news%20here&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1625134248&gjid=1267563822&cid=1965137904.1638549126&tid=UA-77201563-5&_gid=16608291.1638549126&_r=1&_slc=1&z=1281678683 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://bestnewshere.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	bestnewshere.com.1059382.es6.js Show response jsc.mgid.com/b/e/	242 KB 70 KB	165ms 39ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e979c96377d4958929e7f2843d4c617f55939fafc4972d45dbf331db0b813f1e Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding br cf-cache-status HIT age 3189 last-modified Thu, 02 Dec 2021 15:11:51 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id ABSK0GSRVFQJ481Z x-amz-id-2 3Q9ssKRi4SxBzrH+/x/DViKfPutAARz33qBAaMFQrpFqTqW6c6tDyjB55rJ8BR9mvQvgCk97NSs= cf-bgj minify server cloudflare etag W/"3bc7851f4baa1f56910cd9fee9f79ca2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 6b7e30666fe15cb0-FRA expires Fri, 03 Dec 2021 19:32:06 GMT
GET H2	200	mgWidget_1.11.65.js Show response cdn.mgid.com/js/wglibs/	359 KB 67 KB	34ms 26ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.mgid.com/js/wglibs/mgWidget_1.11.65.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46480d7c4b292a057462dc9b7c854504a5807063e2788de35245b56b7385b4b6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding br cf-cache-status HIT age 432 last-modified Tue, 30 Nov 2021 12:20:18 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id YQSHFCFW62JSZGCK x-amz-id-2 YvRDd7o4epooJgBLVwmQjXyWLeMdbfcYbE7Sk9M7BI1wYLZQrGRPPGwUMxDv7zdvdbgxX1i15gw= cf-bgj minify server cloudflare etag W/"908bfbb7928e4c9194c6855956b791fa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=86400 cf-ray 6b7e3065a8a768eb-FRA expires Sat, 04 Dec 2021 16:32:06 GMT
GET H3	200	bestnewshere.com.1093798.es6.js Show response jsc.mgid.com/b/e/	240 KB 71 KB	152ms 26ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c924901e117f26e2ea5445a6400ae90d58c559dee2373196a3be661d742da4b Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding br cf-cache-status HIT age 3189 last-modified Thu, 02 Dec 2021 15:34:16 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id S042A3GD6YJS1AV2 x-amz-id-2 LbC1MGH70jMyGsokNSm+Os/ciPjXWJg3I/nxa/BcEvjKScBncKEyflACi3Kyl5c1QLNdVUlXNsc= cf-bgj minify server cloudflare etag W/"6e2af71c1b4c94ae6ba32ec5980f2b1e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 6b7e30666fe45cb0-FRA expires Fri, 03 Dec 2021 19:32:06 GMT
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/160835/4933/	165 KB 53 KB	76ms 9ms	Script text/javascript	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip last-modified Fri, 30 Jul 2021 21:19:34 GMT server Apache/2.2.15 (CentOS) etag "16a1416-29219-5c85dc6abdd56" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control public, max-age=17847 accept-ranges bytes content-type text/javascript content-length 54050 expires Fri, 03 Dec 2021 21:29:33 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	40ms 14ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://bestnewshere.com access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 2533 date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=4trbYnxocHZyQ3ZSVkZUa3ViSzd3UTZSVUZtZlZ5MWs1bzVOUy8wMHZnQ1d2V2VBZ2c4VDNuZWV3NFRqbDdseUNkeEkySDZEemFpSzFkWnBnMER3S1VucUlSeW14ZWs0bk84dlZvVExOdVVwRDZYazgrNTd3dkRlV3pWbm...	339 B 597 B	37ms 14ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=4trbYnxocHZyQ3ZSVkZUa3ViSzd3UTZSVUZtZlZ5MWs1bzVOUy8wMHZnQ1d2V2VBZ2c4VDNuZWV3NFRqbDdseUNkeEkySDZEemFpSzFkWnBnMER3S1VucUlSeW14ZWs0bk84dlZvVExOdVVwRDZYazgrNTd3dkRlV3pWbmlESmo1cmh4N1E3aVpzaHc4emMzR2QxRElRbjBseWVFSk5pM29HOGVDRzNBbUk5QVAwRjdGeE5MeG8wdTFRUGU5WXcrRGxoWXdqUk9DMC9wK29Ld25za01SeWF4N2xEbnpKcE1CSEk4cG9rQ2xjejk2UlEwPXw&cppv=2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 1b758e01b876c276015b2ad2e073de0f8989a5823405f31a088d5ada4718593d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Fri, 03 Dec 2021 16:32:05 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3105 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Fri, 03 Dec 2021 16:32:06 GMT location https://mug.criteo.com/sid?cpp=4trbYnxocHZyQ3ZSVkZUa3ViSzd3UTZSVUZtZlZ5MWs1bzVOUy8wMHZnQ1d2V2VBZ2c4VDNuZWV3NFRqbDdseUNkeEkySDZEemFpSzFkWnBnMER3S1VucUlSeW14ZWs0bk84dlZvVExOdVVwRDZYazgrNTd3dkRlV3pWbmlESmo1cmh4N1E3aVpzaHc4emMzR2QxRElRbjBseWVFSk5pM29HOGVDRzNBbUk5QVAwRjdGeE5MeG8wdTFRUGU5WXcrRGxoWXdqUk9DMC9wK29Ld25za01SeWF4N2xEbnpKcE1CSEk4cG9rQ2xjejk2UlEwPXw&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://bestnewshere.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2002 content-length 482 expires 0
GET H2	200	/ Show response trends.revcontent.com/api/demand/	52 B 266 B	108ms 39ms	Fetch text/html	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/api/demand/?w=182780 Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Apache/2.4.25 (Debian) / Resource Hash 8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7 Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true server Apache/2.4.25 (Debian) content-length 52 strict-transport-security max-age=931536000; includeSubDomains content-type text/html; charset=UTF-8
GET H2	204	sync trends.revcontent.com/	0 0	100ms 31ms	Fetch	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/sync Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	25ms 13ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://bestnewshere.com access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1738 date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=GZz0AHwyS3hZWnErdnRUTFlSSVhlSzIwTFVjNk5yUU1PeUdBNmxKRWpURm01R1QxVHJtd0lUeU9NcUh3WE1UUGVzVU5OcXVHMW5TT0lweWdFTUNTZjNzTkh1MUdNU3RGUHE4dTZrS0tLYzFpWWIzb1JiRDZ3bWJtSXdya0...	334 B 596 B	36ms 13ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=GZz0AHwyS3hZWnErdnRUTFlSSVhlSzIwTFVjNk5yUU1PeUdBNmxKRWpURm01R1QxVHJtd0lUeU9NcUh3WE1UUGVzVU5OcXVHMW5TT0lweWdFTUNTZjNzTkh1MUdNU3RGUHE4dTZrS0tLYzFpWWIzb1JiRDZ3bWJtSXdya0ZKbWNsTlpxcnkyaFJqR251UFA2VWpVcjRLcU5SUjRqVTRJc3ozQk11U2E1WUQvVHArUDZBOGFwNks4dnhQd25NL0V6cTdLZFIrRlQ2ZDdUQzFnY2xRNUpnaFoxdU9tWTVxZ3FkdWhVQjU1T2FvV0o5K3UwPXw&cppv=2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 9eb729f015c5119c5ba73821ebfdded5344a0bc6735741ffcb4617f87b9a983d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Fri, 03 Dec 2021 16:32:06 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2435 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Fri, 03 Dec 2021 16:32:05 GMT location https://mug.criteo.com/sid?cpp=GZz0AHwyS3hZWnErdnRUTFlSSVhlSzIwTFVjNk5yUU1PeUdBNmxKRWpURm01R1QxVHJtd0lUeU9NcUh3WE1UUGVzVU5OcXVHMW5TT0lweWdFTUNTZjNzTkh1MUdNU3RGUHE4dTZrS0tLYzFpWWIzb1JiRDZ3bWJtSXdya0ZKbWNsTlpxcnkyaFJqR251UFA2VWpVcjRLcU5SUjRqVTRJc3ozQk11U2E1WUQvVHArUDZBOGFwNks4dnhQd25NL0V6cTdLZFIrRlQ2ZDdUQzFnY2xRNUpnaFoxdU9tWTVxZ3FkdWhVQjU1T2FvV0o5K3UwPXw&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://bestnewshere.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1732 content-length 482 expires 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	13ms 12ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://bestnewshere.com access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1442 date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=T4SsKXxaRysxTm1oRDY0UG93Z3UreFlqOGJ5NW5aUEp2M1VzMDFmcTdNUUtkaFg2OWRLMHJUZWx0Yy9qY2NxSFIrbyszdE5pNHhaQWRvc3VXWWxYam9nc2cwUDdEV0drRmRBNDRIOTNuaVQ0RWp3ZG1aQXk0VVo1UlhwSk...	345 B 608 B	37ms 13ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=T4SsKXxaRysxTm1oRDY0UG93Z3UreFlqOGJ5NW5aUEp2M1VzMDFmcTdNUUtkaFg2OWRLMHJUZWx0Yy9qY2NxSFIrbyszdE5pNHhaQWRvc3VXWWxYam9nc2cwUDdEV0drRmRBNDRIOTNuaVQ0RWp3ZG1aQXk0VVo1UlhwSkhUYXcvU0p1cXA2aThDRkY4RUVSUDE2b0IwRDEwakticzJwMlFsd1lxRmgzWVpsa1VsOEdBbk5ySEhhaE5idjNNYW1sY3ZDYWthTEZqVVYrSXQ5TCtFSGppR1kzTmhYMzZSZGZoV1ZFS084QVd3VVJRc0kwPXw&cppv=2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 659b4941cee790a59f5f8adfca8d939a006b4e791c4167ce1a6c4f2a020f45df Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Fri, 03 Dec 2021 16:32:05 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2056 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Fri, 03 Dec 2021 16:32:05 GMT location https://mug.criteo.com/sid?cpp=T4SsKXxaRysxTm1oRDY0UG93Z3UreFlqOGJ5NW5aUEp2M1VzMDFmcTdNUUtkaFg2OWRLMHJUZWx0Yy9qY2NxSFIrbyszdE5pNHhaQWRvc3VXWWxYam9nc2cwUDdEV0drRmRBNDRIOTNuaVQ0RWp3ZG1aQXk0VVo1UlhwSkhUYXcvU0p1cXA2aThDRkY4RUVSUDE2b0IwRDEwakticzJwMlFsd1lxRmgzWVpsa1VsOEdBbk5ySEhhaE5idjNNYW1sY3ZDYWthTEZqVVYrSXQ5TCtFSGppR1kzTmhYMzZSZGZoV1ZFS084QVd3VVJRc0kwPXw&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://bestnewshere.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1763 content-length 482 expires 0
GET H2	200	/ Show response trends.revcontent.com/api/demand/	52 B 266 B	52ms 34ms	Fetch text/html	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/api/demand/?w=184305 Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Apache/2.4.25 (Debian) / Resource Hash 8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7 Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true server Apache/2.4.25 (Debian) content-length 52 strict-transport-security max-age=931536000; includeSubDomains content-type text/html; charset=UTF-8
GET H2	204	sync trends.revcontent.com/	0 0	50ms 32ms	Fetch	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/sync Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	13ms 13ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://bestnewshere.com access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1525 date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbestnewshere.com%2F&domain=bestnewshere.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=A3QUMHxhUlNpTFJyeWFBNVdieENZLzdVY0gwdUlXdCtLSHh5K3FYcEtNQlVnMm55WWJpQlpGMmppOEpQNXhLVy8wUXRmcDVSNktwYnJVUXV0VjRnb1FrRU1LNlVxaGVQSTY1MEZFc0VvYys0OHVuWDZtUVpEN1JuLzRxR2...	342 B 599 B	36ms 13ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=A3QUMHxhUlNpTFJyeWFBNVdieENZLzdVY0gwdUlXdCtLSHh5K3FYcEtNQlVnMm55WWJpQlpGMmppOEpQNXhLVy8wUXRmcDVSNktwYnJVUXV0VjRnb1FrRU1LNlVxaGVQSTY1MEZFc0VvYys0OHVuWDZtUVpEN1JuLzRxR2tWekZOWmFqcEg3NFpqK0dtOVIwa0x1MjBVVzJLNWt5bHVKaTY2bnR0NjRZNUx1QXpVWnI1dEw4d2JRS21BcEJzTVUrclZlc0JOS0xUdGV1WVNsd0dydzlEcEg0WkdGcGtldGtIME42UU5VKzlJUFlQdVpvPXw&cppv=2 Requested by Host: bestnewshere.com URL: https://bestnewshere.com/ghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant/ Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 1876d78234d8ad1adc78fc8c8619c6683d9b20ff28dc5d2cae52220cb61a6352 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Fri, 03 Dec 2021 16:32:05 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2206 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Fri, 03 Dec 2021 16:32:05 GMT location https://mug.criteo.com/sid?cpp=A3QUMHxhUlNpTFJyeWFBNVdieENZLzdVY0gwdUlXdCtLSHh5K3FYcEtNQlVnMm55WWJpQlpGMmppOEpQNXhLVy8wUXRmcDVSNktwYnJVUXV0VjRnb1FrRU1LNlVxaGVQSTY1MEZFc0VvYys0OHVuWDZtUVpEN1JuLzRxR2tWekZOWmFqcEg3NFpqK0dtOVIwa0x1MjBVVzJLNWt5bHVKaTY2bnR0NjRZNUx1QXpVWnI1dEw4d2JRS21BcEJzTVUrclZlc0JOS0xUdGV1WVNsd0dydzlEcEg0WkdGcGtldGtIME42UU5VKzlJUFlQdVpvPXw&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://bestnewshere.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1478 content-length 482 expires 0
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	40ms 12ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=GZz0AHwyS3hZWnErdnRUTFlSSVhlSzIwTFVjNk5yUU1PeUdBNmxKRWpURm01R1QxVHJtd0lUeU9NcUh3WE1UUGVzVU5OcXVHMW5TT0lweWdFTUNTZjNzTkh1MUdNU3RGUHE4dTZrS0tLYzFpWWIzb1JiRDZ3bWJtSXdya0ZKbWNsTlpxcnkyaFJqR251UFA2VWpVcjRLcU5SUjRqVTRJc3ozQk11U2E1WUQvVHArUDZBOGFwNks4dnhQd25NL0V6cTdLZFIrRlQ2ZDdUQzFnY2xRNUpnaFoxdU9tWTVxZ3FkdWhVQjU1T2FvV0o5K3UwPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1077 date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip vary Accept-Encoding
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	40ms 13ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=4trbYnxocHZyQ3ZSVkZUa3ViSzd3UTZSVUZtZlZ5MWs1bzVOUy8wMHZnQ1d2V2VBZ2c4VDNuZWV3NFRqbDdseUNkeEkySDZEemFpSzFkWnBnMER3S1VucUlSeW14ZWs0bk84dlZvVExOdVVwRDZYazgrNTd3dkRlV3pWbmlESmo1cmh4N1E3aVpzaHc4emMzR2QxRElRbjBseWVFSk5pM29HOGVDRzNBbUk5QVAwRjdGeE5MeG8wdTFRUGU5WXcrRGxoWXdqUk9DMC9wK29Ld25za01SeWF4N2xEbnpKcE1CSEk4cG9rQ2xjejk2UlEwPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1312 date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip vary Accept-Encoding
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	40ms 12ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=T4SsKXxaRysxTm1oRDY0UG93Z3UreFlqOGJ5NW5aUEp2M1VzMDFmcTdNUUtkaFg2OWRLMHJUZWx0Yy9qY2NxSFIrbyszdE5pNHhaQWRvc3VXWWxYam9nc2cwUDdEV0drRmRBNDRIOTNuaVQ0RWp3ZG1aQXk0VVo1UlhwSkhUYXcvU0p1cXA2aThDRkY4RUVSUDE2b0IwRDEwakticzJwMlFsd1lxRmgzWVpsa1VsOEdBbk5ySEhhaE5idjNNYW1sY3ZDYWthTEZqVVYrSXQ5TCtFSGppR1kzTmhYMzZSZGZoV1ZFS084QVd3VVJRc0kwPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1069 date Fri, 03 Dec 2021 16:32:05 GMT content-encoding gzip vary Accept-Encoding
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	31ms 13ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=A3QUMHxhUlNpTFJyeWFBNVdieENZLzdVY0gwdUlXdCtLSHh5K3FYcEtNQlVnMm55WWJpQlpGMmppOEpQNXhLVy8wUXRmcDVSNktwYnJVUXV0VjRnb1FrRU1LNlVxaGVQSTY1MEZFc0VvYys0OHVuWDZtUVpEN1JuLzRxR2tWekZOWmFqcEg3NFpqK0dtOVIwa0x1MjBVVzJLNWt5bHVKaTY2bnR0NjRZNUx1QXpVWnI1dEw4d2JRS21BcEJzTVUrclZlc0JOS0xUdGV1WVNsd0dydzlEcEg0WkdGcGtldGtIME42UU5VKzlJUFlQdVpvPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1472 date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	/ Show response trends.revcontent.com/api/delivery/	10 KB 5 KB	103ms 103ms	Fetch text/html	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=184305&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&icr_url=&va=0&time=1638549126289&up=pc&bn=chrome&bv=96&widget_width=1021&style_id=0&idhub[pubcid]=a5052194-1880-4dc8-98b5-b619f91871b6 Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Apache/2.4.25 (Debian) / Resource Hash ab221d4340e51e63c53984447a74f8d19969506106d9ff950438d519db064aee Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip server Apache/2.4.25 (Debian) vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://bestnewshere.com access-control-allow-credentials true strict-transport-security max-age=931536000; includeSubDomains content-length 4517
GET H2	200	/ Show response trends.revcontent.com/api/delivery/	63 KB 26 KB	120ms 120ms	Fetch text/html	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=182780&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&icr_url=&va=0&time=1638549126296&up=pc&bn=chrome&bv=96&widget_width=1021&style_id=0&idhub[pubcid]=a5052194-1880-4dc8-98b5-b619f91871b6 Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Apache/2.4.25 (Debian) / Resource Hash a85f6636559cecf70972e4f3ee7c8f4d2598f2d32017b0325303846572e281f2 Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip server Apache/2.4.25 (Debian) vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://bestnewshere.com access-control-allow-credentials true strict-transport-security max-age=931536000; includeSubDomains content-length 25905
POST H2	204	impression trends.revcontent.com/event/	0 0	87ms 30ms	Fetch	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/event/impression Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Grizzly/2.4.4 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true server Grizzly/2.4.4 access-control-allow-headers Content-Type strict-transport-security max-age=931536000; includeSubDomains
GET H2	200	defaultWidget~feedWidget.delivery.js Show response assets.revcontent.com/master/	42 KB 12 KB	27ms 26ms	Script application/x-javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash 4e1016ccefba2fee5f3e197bfa3d81e71481c0a47bfa1432a6aa64e86434eb31 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip last-modified Thu, 02 Dec 2021 22:31:16 GMT server AmazonS3 x-amz-request-id 82HPPVTZMWQ4KMEV etag "3f7370fd2dc9579cbd898db3a011a301" x-hw 1638549126.cds017.ml1.hn,1638549126.cds029.ml1.c content-type application/x-javascript access-control-allow-origin * cache-control public,max-age=60 accept-ranges bytes content-length 11869 x-amz-id-2 DuRAeJXNgPNgpI7/NHtDvu9JrC/IcmLeUbRaqyHevnjCWuIlmUAEXPX9uAlfWIIXyUcqYbajZq0=
GET H2	200	defaultWidget.delivery.js Show response assets.revcontent.com/master/	16 KB 6 KB	28ms 28ms	Script application/x-javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://assets.revcontent.com/master/defaultWidget.delivery.js Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash 65d6070542564e5779932c524c408777d671cd623c394aacb248b526594f1ae1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip last-modified Thu, 02 Dec 2021 22:31:13 GMT server AmazonS3 x-amz-request-id 82HWZC5JGCAS48KT etag "b8fc8e0948d171f3d36784ae9b0dd68a" x-hw 1638549126.cds017.ml1.hn,1638549126.cds011.ml1.c content-type application/x-javascript access-control-allow-origin * cache-control public,max-age=60 accept-ranges bytes content-length 6207 x-amz-id-2 pBdPh1PQ+r+NMLGjcKrb97yxGnJii4cyTdnmVFbC6h0Rd45+dRdi0DmcAF625Q1VmsVOnoDWHd4=
GET H2	200	commonModal.delivery.js Show response assets.revcontent.com/master/	3 KB 2 KB	27ms 27ms	Script application/x-javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://assets.revcontent.com/master/commonModal.delivery.js Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash 0a64aa12761e24b243a212173ce94a765a3b4cab431e0028a16ad85b29faffa0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding gzip last-modified Thu, 02 Dec 2021 22:31:16 GMT server AmazonS3 x-amz-request-id 82HMXGTRB2H433VY etag "a1ddfdf21e54d3a095c03847a335dcdd" x-hw 1638549126.cds017.ml1.hn,1638549126.cds004.ml1.c content-type application/x-javascript access-control-allow-origin * cache-control public,max-age=60 accept-ranges bytes content-length 1643 x-amz-id-2 XqN7GusM6ozDCpeXEErWs5M2tLY5EYthG9y2ivDuosSKsTJ73KcCJBewxI4OhVB4xQBTA8Lth1M=
POST H2	204	impression trends.revcontent.com/event/	0 0	71ms 34ms	Fetch	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/event/impression Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Grizzly/2.4.4 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true server Grizzly/2.4.4 access-control-allow-headers Content-Type strict-transport-security max-age=931536000; includeSubDomains
GET H/1.1	200 OK	score.min.js Show response js.ad-score.com/	314 KB 108 KB	45ms 7ms	Script application/javascript	2600:9000:2250:b600:a:deb0:3380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.ad-score.com/score.min.js?pid=1000177&tt=opt Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:b600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8886275ccb1e273cdafafbd9a2ccbb34674e187ccd15198b44f4a7e52cd656f4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 13:32:42 GMT Content-Encoding gzip Age 10764 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Access-Control-Allow-Origin * Last-Modified Fri, 03 Dec 2021 13:32:42 GMT Access-Control-Allow-Methods GET Content-Type application/javascript Via 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 Access-Control-Allow-Credentials true X-Amz-Cf-Pop FRA60-P2 Access-Control-Allow-Headers Cache-Control X-Amz-Cf-Id CESQwC6jfPkhgFKY3b_lrcYJalq6SLrky8bCekYdFpTxrsV9YO-I4w== Expires Sat, 04 Dec 2021 13:32:42 GMT
GET H2	200	/ img.revcontent.com/	20 KB 20 KB	92ms 27ms	Image image/png	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Wed, 01 Jul 2020 17:13:25 GMT etag "1593623605" x-hw 1638549126.cds028.ml1.hn,1638549126.cds224.ml1.c content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 20438
GET H2	200	rc-logo.png cdn.revcontent.com/assets/img/	4 KB 4 KB	111ms 33ms	Image image/png	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.revcontent.com/assets/img/rc-logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Wed, 01 Dec 2021 16:11:10 GMT etag "1638375070" x-hw 1638549126.cds019.ml1.hn,1638549126.cds215.ml1.c content-type image/png access-control-allow-origin * cache-control max-age=78707 accept-ranges bytes content-length 4298
GET H/1.1	200 OK	/ oba-pool-eu.perf-serving.com/imp_notice_c2s/v1/jvqY2c7lDG3t-XLkSmFxyOOnKNoQ6t5GDc7og5pyfGsGVRgHmOLTxYIOe5DnF3adAyMYbuAhOJiflZd9j0vwxNa6em1KFXwDn_ymOsMmoH5_31M9Pu8Kjvo_yPTq0VyNn0TlaZE67OiEYEYHMbpWDy...	43 B 220 B	57ms 8ms	Image image/gif	18.159.171.176 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://oba-pool-eu.perf-serving.com/imp_notice_c2s/v1/jvqY2c7lDG3t-XLkSmFxyOOnKNoQ6t5GDc7og5pyfGsGVRgHmOLTxYIOe5DnF3adAyMYbuAhOJiflZd9j0vwxNa6em1KFXwDn_ymOsMmoH5_31M9Pu8Kjvo_yPTq0VyNn0TlaZE67OiEYEYHMbpWDyy2QUDcgm-3bnZmLBE73i8wTVie1aWNCh6KH6s5PoVJOK5aAahsiczseBminMk3AOuVYivDdLkvawgDJAQIyIUSL2U1-jcy7C5804J4ipairGtxxpjTMR7V58LjSOFyfHN1L0k0nDv4nT9UbvBSVoLAcSh1layUTg4kv4d2VAE6y0Ppf5GPrAVNAiu9srjuJbu_PR4k6dKiaS51LN0bZy_v-U1KjVB8cYgRyT7wY-kAFErqE2oH0mYk63HsDJzAawuqagJZk82C3YD3iNKxuvvhuYSiM94o7cTkawH3l4k7IKuIOVLua9Sdt6jiZgNZy0Y-A9tXPDEuBtA3gUwg6Fn4IpU8t2jujmX1kxjeISAR583Cx4VZFCue5lu4JsxN-6f3URrqXHicH5pmMsC_0Nhrgb86X-FRQJOGGpJ2yZOJgQjiVW2ekLClZFmmy47PJkr4VXwIwqeqwLPMT1A-hPtg8F4CPMM9gxzj6WqmSbe_BrQKJuk66lGAA8aVgPz7uNpZX8BHzOlJbnaWdJyInCiX4-1zQTd39GIMzQDhGJjsNM4oUF9BN5pKYZB7l52fh6ZLX89WhceEgaVnvZccVDrfYvM0nbq8Jv87euJac5Lvp9lKQBL-Q9VUAK3Yc2kZh06fVnD_oXFd7OKeSSVNrBU3K09KoU3WznqNGxEkZvAS5TTVz12eeiUSpm4SQuKnk1eKeslIZtgmyvtcbNaq0KuTWIAT9244w6TDXCA0NsMsGoeD5UZHFqxG3VOr96fmwXidMP6PW37b1Ko1ZxDp8GiDIE-mABgJ2eDoMgpa7dYskLRu9lzkPO5koKQsPqU0irhzt24UE8CroxIdbOq4Khb5Rx_AIX3VdbGKQQH4eP8ujilQofzALsY9sX6pMVgNdXhArVeQn1GQ96g5JFYyuFC6I5C0qRwKQHb8FLLIROseYADHpHyvuUNKmkrxZCIHVDHBx6FJt54IbD7XdLr28Lzy51yeqClBQk5td2lgz3ptm7BqCm5cUC-Qaf42_gX4yQqdIxWakhaegIatl8ggASoSdor3wpZPWrJ87RInV8jhEFDC78kcOp1_GUMQIeRUPoWhOa_ZSiKhwiuSBmPKk3SSWmB9sIVYcCKJJCr6RNjCBm8k7K1OJXhpmFTs0BFjYhczS9PL-1QGXKo-4KtGyxHq3piP6vSPa8Hmsg5QeqZcGpulcl3_-uhYzae676Yb8zbv3g61HFfojmRkM9xi/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.159.171.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-171-176.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 16:32:06 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	/ oba-pool-eu.perf-serving.com/imp_notice_c2s/v1/6fT7BYq6_ux581YQ-63cfbMoiwWW9R_1ZtXaTMWziilC95Pxretf-XzaCEPsja4AbPG3lXf3xH4RUl_lZ0nb3PCtKEAut40ujaBC-1wNM03NNv_CZVlXh03YwE99Y_brxQQN82v59scq6yUB8Bikg_...	43 B 220 B	57ms 8ms	Image image/gif	18.159.171.176 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://oba-pool-eu.perf-serving.com/imp_notice_c2s/v1/6fT7BYq6_ux581YQ-63cfbMoiwWW9R_1ZtXaTMWziilC95Pxretf-XzaCEPsja4AbPG3lXf3xH4RUl_lZ0nb3PCtKEAut40ujaBC-1wNM03NNv_CZVlXh03YwE99Y_brxQQN82v59scq6yUB8Bikg_K3mScwb9HUiBoYWEOgFxpx2YAHGC3bYN4DEmh-6vNjScD8TAwesairhiROhKd17H_KpCYDOCgljBwUj5B55WBRNZ-NYkYdcioqB9drQ3xfLnaRexHBvJYaV5SffPVNsjcsLSKPP0FN_J5Lc4kcoy_Ot1pU81gnb-vNiGWpR-BJEz6Dsv1T7XYQVo2aFeTdHNCdaWvKoC3OxH_Axc1QqpmzWd-JuN-kWPOWDm7I69Bvq2vPezC42M8_sZR7qu9UpNBPQxgUTT8NXhZVQX_0KZw168B_-jG9TJof596MH7BcIniJpi0Us98nBBzDo-AIIZ0bOcxrAqhVEFmYEsl6Gm7X6lqvXsVHk-S4C5UxMka8iXQvfqMR4_mhMoUejjWp9y8B7eRkkZKz81_CHpfAhXakSK8iVYn0__yB8M6JYr9xYADOGNx4Lxl-BXXbdX9w2RhuLYYE_1pQ6qXDteXrxW_1e1zOM1Jib4r_lQfexPUgyqq2p1RggmcHwDhexGipD4yQKICqB_0Mx9U8bryqATi-29yKGenWcEXozwTaZBmNByN8sZNtbE2GabJncqyx8OF8gRPlIUhjFs53lU1gBcLy4J8scwJMWs0FfJ9UBZynJ9U-ty0sC7z9AA87B4zxhOBZosM9RIV_1aEFcJj5_tSIyI0Int1DoX4C-c4zf_eUsQZg_rrUgyPJmJlnIhAh6s5jQzYlEL7r1HBuxTlCSIPDlqAxoivHN7fn59INFqSvzgKC_Bt6FhP1dx5Xbm3RH6sbVsaBWP5H5SmYEOOgmTdYtxICl52QSIRb6GCao8Eli55B_iLRJXJMrIbdV1kz20gyQlxuIboYhSHXG8Ws1KOihKLqAWgQuyadbDR8DMlYNAl_7B32zbGS1AmpgjMOo0lRje1rNjueK8JRxiazMVBfL0UdJqDKk2LB11AAZ116m2v_8DYK5ciafCsklBkDIdvfLr029nKPM4RgaUV1fKnfYHBwQ2dD9aatImY_KjmdyYKgCNW6fFFJ4iD7gcwi-XoyKP-_vCf2-4iETZ-UizCGBv16zmIyw8sE4_8qwgcJTOzO0OxgnhTvWON8N_VyguXZiroZr_eVzDob3nd4AWKp3UijF6UZ74ZYkEIix9CAQzkXxv8XhoN1e252GU7jIzJB96dEJGUuPBm3upQN-tgERRhftBg7cxshS04NkHVwnLDp7OTSd-9LKUTdM75lj8SyPuqhNvcfYshjkWShOmc/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.159.171.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-171-176.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 16:32:06 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
POST H/1.1	200 OK	cors Show response data.ad-score.com/data/	50 B 719 B	459ms 115ms	XHR text/plain	130.211.115.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data.ad-score.com/data/cors?pm_st=DrqXElyrQJnLtjxoQNGSAjttMwjyiZiV-FE7fPshldVrkKD8a3HLOFE3JPg==-E0zCNMhkY1HkNA==&pm_ct=7cf4a1b12de1dd223a6a5748&pm_pl=1638549126541&pm_td=6&pid=1000177&en=1.1&callback=__pm_glbl_nVjovaDBhHzVRUOQZ3krjuAr._gc1&tt=opt&v=8f13b2e Requested by Host: js.ad-score.com URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 4.115.211.130.bc.googleusercontent.com Software / Resource Hash 3acbac26a7bbc675f3ba2f8cef2329ed88436bce4aee937b4c891d7bcbf15396 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 03 Dec 2021 16:32:06 GMT Age 0 Access-Control-Allow-Methods POST P3p CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR" Access-Control-Allow-Origin https://bestnewshere.com Cache-Control post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/plain; charset=utf-8 Content-Length 50
GET H/1.1	200 OK	x.html Show response js.ad-score.com/ Frame 280A	16 KB 8 KB	8ms 7ms	Document text/html	2600:9000:2250:b600:a:deb0:3380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.ad-score.com/x.html?pid=1000177 Requested by Host: js.ad-score.com URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:b600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 0740f3559a074d95496ad0a70cfc6e360e17a8d3c568874693c9e6dbc29ccde7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Content-Encoding gzip Last-Modified Fri, 03 Dec 2021 08:19:16 GMT Date Fri, 03 Dec 2021 13:32:42 GMT X-Cache Hit from cloudfront Via 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA60-P2 X-Amz-Cf-Id KlqsChxbG75wVvxamQtpVc9ZBC6OJUtNXGkO40rbrAm_8afyEsfk-A== Age 10764
POST H/1.1	200 OK	cors Show response data.ad-score.com/data/	1 B 272 B	474ms 143ms	XHR text/plain	130.211.115.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data.ad-score.com/data/cors?pm_st=DrqXElyrQJnLtjxoQNGSAjttMwjyiZiV-FE7fPshldVrkKD8a3HLOFE3JPg==-E0zCNMhkY1HkNA==&pm_ct=7cf4a1b12de1dd223a6a5748&pm_pl=1638549126541&pm_td=41&pid=1000177&en=1.1&callback=__pm_glbl_nVjovaDBhHzVRUOQZ3krjuAr._gc2&tt=opt&v=8f13b2e Requested by Host: js.ad-score.com URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 4.115.211.130.bc.googleusercontent.com Software / Resource Hash 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://bestnewshere.com Date Fri, 03 Dec 2021 16:32:07 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1 Access-Control-Allow-Methods POST Content-Type text/plain; charset=utf-8
GET DATA	200 OK	truncated /	35 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/	10 KB 10 KB	89ms 27ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 8c8baffcbc46c84d4e2207819e099ee5883706283f9c3f64cc5302929d77bfd1 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Fri, 03 Dec 2021 08:29:21 GMT server Cloudinary etag "e8f0421a490582a00d4f9e4ddc5cd3c9" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds009.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=201;cpu=0;start=2021-12-03T12:07:23.575Z;desc=miss,rtt;dur=1,cloudinary;dur=102;start=2021-12-03T12:07:23.626Z accept-ranges bytes timing-allow-origin * content-length 9850
GET H2	200	https%3A%2F%2Fimages.perf-serving.com%2Favm%2F15156%2F13-800x600.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/	15 KB 15 KB	116ms 59ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https%3A%2F%2Fimages.perf-serving.com%2Favm%2F15156%2F13-800x600.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 41394b7b1794539288c793f9761ba318f6a0ac158ab003b216b05e025b7d3cfb Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Sat, 20 Nov 2021 13:26:49 GMT server Cloudinary etag "980a62eacc83f46af8d4485ee18ee1a4" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds217.ml1.sc,1638549126.cds217.ml1.p content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=2;cpu=1;start=2021-12-03T16:32:06.679Z;desc=hit,rtt;dur=0 accept-ranges bytes timing-allow-origin * content-length 15238
GET H2	200	https%3A%2F%2Fimages.perf-serving.com%2Favm%2F15154%2F22-800x600.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/	13 KB 14 KB	97ms 41ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https%3A%2F%2Fimages.perf-serving.com%2Favm%2F15154%2F22-800x600.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 9954787308f3f66a6351160258546d1584dcb37ed45183cb8aee34657e5c5492 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Sat, 13 Nov 2021 12:18:01 GMT server Cloudinary etag "a9e09265cba514e88380839532d46c73" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds220.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=1;cpu=0;start=2021-12-01T06:32:11.238Z;desc=hit,rtt;dur=0 accept-ranges bytes timing-allow-origin * content-length 13658
GET H2	200	6123fe2c075678-87773733.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	15 KB 15 KB	96ms 42ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6123fe2c075678-87773733.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 5ea3663863d6a6d4dcadfb822459fedb69c59d6be72967630ca5aaf7dce36bec Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Thu, 11 Nov 2021 17:39:09 GMT server Cloudinary etag "b01276967f6185da9618909a9dd0ba13" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds028.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=1;cpu=0;start=2021-11-11T17:39:20.445Z;desc=hit,rtt;dur=0 accept-ranges bytes timing-allow-origin * content-length 15269
GET H2	200	ff27af5a5930935680a4c10289ad39e5.jpeg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	12 KB 12 KB	86ms 36ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ff27af5a5930935680a4c10289ad39e5.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 640cfa03a0edf6a9ccc1794366dc2a16dcdb308bd4b2dcbb60ff5e60e795d7ac Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Thu, 11 Nov 2021 17:39:08 GMT server Cloudinary etag "313c72d28a2cf468da14109e09e946f1" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds007.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=198;cpu=0;start=2021-11-12T05:14:01.108Z;desc=miss,rtt;dur=0,cloudinary;dur=96;start=2021-11-12T05:14:01.161Z accept-ranges bytes timing-allow-origin * content-length 12067
GET H2	200	15643107941285251590.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	12 KB 13 KB	78ms 28ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15643107941285251590.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash b82c8c68bf5dff687d2fe7031cfd4586c53d01060fa15845a7428e5ad7516192 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Fri, 12 Nov 2021 21:36:43 GMT server Cloudinary etag "0ca311774175b38723f20b12ba2665ef" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds032.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=231;cpu=1;start=2021-11-12T21:43:01.485Z;desc=miss,rtt;dur=0,cloudinary;dur=130;start=2021-11-12T21:43:01.537Z accept-ranges bytes timing-allow-origin * content-length 12756
GET H2	200	15640404341084736444.png images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	11 KB 11 KB	23ms 23ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15640404341084736444.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 3f2d112ddda65577456366e17acfdc97a7e8da3a20fa46efd2340fd3c79b7878 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Fri, 12 Nov 2021 21:37:59 GMT server Cloudinary etag "bffac14538bf1aff8b713ece4d734a4f" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds219.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=128;cpu=1;start=2021-11-12T21:43:01.481Z;desc=miss,rtt;dur=0,cloudinary;dur=24;start=2021-11-12T21:43:01.535Z accept-ranges bytes timing-allow-origin * content-length 11372
GET H2	200	613f333bc3e010-26406824.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	8 KB 8 KB	27ms 26ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/613f333bc3e010-26406824.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 7431dacd09ab3d6ff07f8d2a309ca0e5738e80a616608aa28b28f0a234cc79be Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Thu, 11 Nov 2021 17:39:09 GMT server Cloudinary etag "bb70887a1534a10b7ea73e0500b02c61" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds207.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=137;cpu=0;start=2021-11-11T17:39:12.615Z;desc=miss,rtt;dur=0,cloudinary;dur=37;start=2021-11-11T17:39:12.668Z accept-ranges bytes timing-allow-origin * content-length 7840
GET H2	200	15493657210151659760.jpeg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	8 KB 9 KB	27ms 26ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15493657210151659760.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 256f050206c0cdabf27822326d071e012e0b35c4837d520a627a38e939895d87 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Thu, 11 Nov 2021 17:39:09 GMT server Cloudinary etag "479a802fb75db6732cd4a1518af072be" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds213.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=1;cpu=0;start=2021-11-11T17:41:28.982Z;desc=hit,rtt;dur=0 accept-ranges bytes timing-allow-origin * content-length 8537
GET H2	200	15611898080496488125.png images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	10 KB 10 KB	29ms 28ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15611898080496488125.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 6d4506d9a40c774cce12cfae6feac248dee9c3cd121b7e64d4145a93edd540a3 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Fri, 12 Nov 2021 21:42:09 GMT server Cloudinary etag "7488aa067ac3c0d4eac5a49a68140166" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds024.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=406;cpu=1;start=2021-11-12T21:45:58.701Z;desc=miss,rtt;dur=0,cloudinary;dur=16;start=2021-11-12T21:45:59.045Z accept-ranges bytes timing-allow-origin * content-length 10123
GET H2	200	61761636e04a02-05331468.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	16 KB 16 KB	32ms 32ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/61761636e04a02-05331468.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 439b690d82b1bbae2b2702f04f44ed4e5cebfb6a7895ba71dc5beaedeba37523 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Thu, 11 Nov 2021 17:39:08 GMT server Cloudinary etag "64f74063ea42113d27eb3be68dd16da2" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds017.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=120;cpu=0;start=2021-11-11T17:40:09.708Z;desc=miss,rtt;dur=0,cloudinary;dur=21;start=2021-11-11T17:40:09.760Z accept-ranges bytes timing-allow-origin * content-length 16320
GET H2	200	6177554190dcf0-39986786.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/	19 KB 19 KB	34ms 34ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6177554190dcf0-39986786.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 787510382dbb250019f27614314040e9970504bcd4d2545363c5a890858aba46 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Thu, 11 Nov 2021 17:39:59 GMT server Cloudinary etag "1dde989afc4cbb61a69a3cbf66953145" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds015.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=55;cpu=0;start=2021-11-11T20:16:48.580Z;desc=hit,rtt;dur=0 accept-ranges bytes timing-allow-origin * content-length 19163
GET H2	200	https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/	6 KB 6 KB	36ms 35ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Cloudinary / Resource Hash 28af9d210575e1b6c145081370a916a582c828422960721c6a4ef194b0eab033 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT x-content-type-options nosniff last-modified Fri, 03 Dec 2021 08:29:20 GMT server Cloudinary etag "abf0837024e3f2f16a92feff56bb7922" strict-transport-security max-age=604800 x-hw 1638549126.cds019.ml1.hn,1638549126.cds003.ml1.c content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=604800 server-timing fastly;dur=153;cpu=1;start=2021-12-03T09:16:18.463Z;desc=miss,rtt;dur=0,cloudinary;dur=54;start=2021-12-03T09:16:18.516Z accept-ranges bytes timing-allow-origin * content-length 5871
GET H2	206	5915766.mp4 media.revcontent.com/cr_videos/153898/	33 KB 33 KB	110ms 32ms	Media application/octet-stream	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://media.revcontent.com/cr_videos/153898/5915766.mp4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash 763ba751925d80ccaffdaff56474ba226248d54b95a11ef490d20b9bae66afed Request headers Referer https://bestnewshere.com/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=0- Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Mon, 25 Oct 2021 03:00:37 GMT server AmazonS3 x-amz-request-id N272EVSDDZWTT5PK etag "87b4559d0f7d19cc2322c8a21229bb38" x-hw 1638549126.cds023.ml1.hn,1638549126.cds027.ml1.c content-type application/octet-stream Content-Range bytes 0-33889/33890 cache-control max-age=3600 x-amz-version-id EOrde2IDgZoHZs9MA1espj2M0.OUwMmQ accept-ranges bytes access-control-allow-origin * Content-Length 33890 x-amz-id-2 xsxTQmgITUH8jSD/Cq2mCifkXBn4YU21c21XqZkwe8Blb13ibQN/hCjImaxr+8eotmuivt+NDxA=
GET H2	206	5929110.mp4 media.revcontent.com/cr_videos/153898/	63 KB 63 KB	135ms 58ms	Media application/octet-stream	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://media.revcontent.com/cr_videos/153898/5929110.mp4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash b65c37a1ae24e1d405498d5d7c5b8aebfc000d01f0a5306b96063f631d7578e5 Request headers Referer https://bestnewshere.com/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=0- Response headers date Fri, 03 Dec 2021 16:32:06 GMT last-modified Tue, 26 Oct 2021 02:00:54 GMT server AmazonS3 x-amz-request-id XXNFY5XETJDDPKTM etag "42f9bd6b33eaaf1f2c9bbd2ff8706b2e" x-hw 1638549126.cds023.ml1.hn,1638549126.cds025.ml1.c content-type application/octet-stream Content-Range bytes 0-64573/64574 cache-control max-age=3600 x-amz-version-id gAamJd5jE2AMFWMdUZpx.6m_xaDkga3w accept-ranges bytes access-control-allow-origin * Content-Length 64574 x-amz-id-2 JjWHnR1dTZh99tkSaKIHgreSLzFLJWpImdZKrf8d7YCZ9pP/KcvwE7c3GVc3uTXqp5E+jIWWqAQ=
HEAD H/1.1	200 OK	x.html Show response js.ad-score.com/ Frame 280A	0 565 B	8ms 8ms	XHR text/html	2600:9000:2250:b600:a:deb0:3380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.ad-score.com/x.html?pid=1000177 Requested by Host: js.ad-score.com URL: https://js.ad-score.com/x.html?pid=1000177 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:b600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.ad-score.com/x.html?pid=1000177 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 13:46:16 GMT Content-Encoding gzip Connection keep-alive Last-Modified Thu, 02 Dec 2021 05:04:57 GMT Age 10764 Access-Control-Allow-Methods GET Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Access-Control-Allow-Credentials true X-Cache Hit from cloudfront X-Amz-Cf-Pop FRA60-P2 Accept-Ranges bytes X-Amz-Cf-Id JbirvjXgO55fGkT7C2eOQFPPt_ZE1ILBW6ilAk3qqYqRYQqbx7rsTQ== Via 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
GET H2	200	/ Show response c.mgid.com/pv/	0 280 B	68ms 60ms	Script text/plain	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/pv/?pv=5&cbuster=1638549126816500068581&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&lu=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&sessionId=61aa4687-0c34f&pageView=1&pvid=17d81237ea09c3e6240&site=663986&implVersion=11&dpr=1 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:06 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6b7e306aaca468eb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	MGID_plus.svg cdn.mgid.com/images/logos/	2 KB 1 KB	18ms 17ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/MGID_plus.svg Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding br cf-cache-status HIT age 3375 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id TV9EGYWE00S199ZT x-amz-id-2 PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw= last-modified Tue, 23 Feb 2021 16:22:15 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root etag W/"f7525f3a5f32c6f4a8e9867e9f57ab45" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6b7e306acbc85cb0-FRA expires Sat, 04 Dec 2021 16:32:06 GMT
GET H3	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 1 KB	36ms 36ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding br cf-cache-status HIT age 3374 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id 50VWJQBT5W4QYKJG x-amz-id-2 xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6b7e306acbcb5cb0-FRA expires Sat, 04 Dec 2021 16:32:06 GMT
POST H/1.1	200 OK	cors Show response data.ad-score.com/data/	1 B 272 B	247ms 113ms	XHR text/plain	130.211.115.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data.ad-score.com/data/cors?pm_st=DrqXElyrQJnLtjxoQNGSAjttMwjyiZiV-FE7fPshldVrkKD8a3HLOFE3JPg==-E0zCNMhkY1HkNA==&pm_ct=7cf4a1b12de1dd223a6a5748&pm_pl=1638549126541&pm_td=333&pid=1000177&en=1.1&callback=__pm_glbl_nVjovaDBhHzVRUOQZ3krjuAr._gc3&tt=opt&v=8f13b2e Requested by Host: js.ad-score.com URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 4.115.211.130.bc.googleusercontent.com Software / Resource Hash 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://bestnewshere.com Date Fri, 03 Dec 2021 16:32:07 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1 Access-Control-Allow-Methods POST Content-Type text/plain; charset=utf-8
GET H2	200	1 Show response servicer.mgid.com/1093798/	2 KB 1 KB	68ms 57ms	Script application/x-javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1093798/1?pv=5&cbuster=1638549126902176575241&niet=4g&nisd=false&jsv=es6&w=1021&h=320&p3_w=330&p3_h=274&maxw_3=330&maxh_3=274&cols=3&ref=&cxurl=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&lu=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&sessionId=61aa4687-0c34f&pageView=1&pvid=17d81237ea09c3e6240&implVersion=11&dpr=1 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 992982b85eee76f4def999e9f87fef4caefe31533f3af37d025ee6dbf399624f Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:06 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/x-javascript; charset=utf-8 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6b7e306b3def68eb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	1 Show response servicer.mgid.com/1059382/	14 KB 5 KB	80ms 80ms	Script application/x-javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1059382/1?w=1021&h=2926&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=1638549126916809616663&uniqId=07377&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&lu=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&sessionId=61aa4687-0c34f&pageView=0&pvid=17d81237ea09c3e6240&implVersion=11&dpr=1 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b4830bcb08effd8c5ee5c30d14578fed3ec5f1100ab345aa0ba67f651f8789a Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:06 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/x-javascript; charset=utf-8 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6b7e306b3e0468eb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H2	204	generic trends.revcontent.com/event/	0 0	40ms 39ms	Fetch	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/event/generic Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Grizzly/2.4.4 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true server Grizzly/2.4.4 access-control-allow-headers Content-Type strict-transport-security max-age=931536000; includeSubDomains
POST H2	204	generic trends.revcontent.com/event/	0 0	39ms 39ms	Fetch	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/event/generic Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Grizzly/2.4.4 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true server Grizzly/2.4.4 access-control-allow-headers Content-Type strict-transport-security max-age=931536000; includeSubDomains
POST H2	204	generic trends.revcontent.com/event/	0 0	42ms 42ms	Fetch	52.213.21.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/event/generic Requested by Host: assets.revcontent.com URL: https://assets.revcontent.com/master/delivery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-21-126.eu-west-1.compute.amazonaws.com Software Grizzly/2.4.4 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:06 GMT access-control-allow-credentials true server Grizzly/2.4.4 access-control-allow-headers Content-Type strict-transport-security max-age=931536000; includeSubDomains
GET H3	200	MGID_plus.svg cdn.mgid.com/images/logos/	2 KB 1 KB	18ms 18ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/MGID_plus.svg Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-encoding br cf-cache-status HIT age 3375 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id TV9EGYWE00S199ZT x-amz-id-2 PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw= last-modified Tue, 23 Feb 2021 16:22:15 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root etag W/"f7525f3a5f32c6f4a8e9867e9f57ab45" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6b7e306badce5cb0-FRA expires Sat, 04 Dec 2021 16:32:06 GMT
GET H3	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 1 KB	23ms 23ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT content-encoding br cf-cache-status HIT age 3375 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id 50VWJQBT5W4QYKJG x-amz-id-2 xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6b7e306badd25cb0-FRA expires Sat, 04 Dec 2021 16:32:07 GMT
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzM2NjY5OTlkMWI5ZjZmZjIzMDRlMTlmNDFhYmE3NDM3LmpwZWc.webp s-img.mgid.com/g/4039679/492x328/0x142x640x426/	33 KB 34 KB	149ms 124ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/4039679/492x328/0x142x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzM2NjY5OTlkMWI5ZjZmZjIzMDRlMTlmNDFhYmE3NDM3LmpwZWc.webp?v=1638549126-BDJe8cAif5xXjvikrOPnAd9RxIfuZeOv00wpd8gwOwk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f973f1ade28db30559486fc500b7552d66d6bc1e6b2e60dda8e640e3ac16d509 Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status MISS last-modified Thu, 11 Nov 2021 15:47:10 GMT x-mg-request-uuid c9800e09-66e0-436a-9ef7-cbb93df1bdc0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bdf7168e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 34166 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzMzOTkzNTAxOWQ1MTdkZjVlMDQ5MDRkYTE2NTZkYWE1LmpwZWc.webp s-img.mgid.com/g/4147870/492x328/80x4x629x419/	11 KB 12 KB	44ms 18ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/4147870/492x328/80x4x629x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzMzOTkzNTAxOWQ1MTdkZjVlMDQ5MDRkYTE2NTZkYWE1LmpwZWc.webp?v=1638549126-vDm0bVNjVfQ37TcdalPEkRseBrUcgNkjbp67ODEJD2s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc467ccf4335fc7075d1aa451c2648c5fae6ea3efba0448d33295c65d6aa9418 Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:56:17 GMT x-mg-request-uuid 9778b14e-c88f-42e2-b946-c11d24745c50 age 516493 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bdf7568e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 11366 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp s-img.mgid.com/g/8193529/492x328/0x12x597x398/	9 KB 9 KB	58ms 33ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8193529/492x328/0x12x597x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp?v=1638549126-DvR_Z-h9JMnZBN3b62dq8JRMlsrgV3Fkcta-AwMHrgs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 011c914e55d974425a09c9a008bd79868ea80c9a54f2091745c8600ef8b0851a Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:45:51 GMT x-mg-request-uuid 5065fadf-8929-4bc1-a9d8-5976381fe9a0 age 563743 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bdf7368e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 9030 server cloudflare
GET H2	200	performance.css video-native.mgid.com/mgPlayer/css/1.11/	40 KB 7 KB	46ms 9ms	Stylesheet text/css	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://video-native.mgid.com/mgPlayer/css/1.11/performance.css Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 02ba7dde63b05ebdf61208cba2cf4c7016d04efe8b8dd37baccb21bba67b8a48 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-id fr5-up-gc38 date Fri, 03 Dec 2021 16:32:10 GMT content-encoding gzip last-modified Mon, 19 Jul 2021 11:03:51 GMT server nginx etag "9ff4-5c777e47117fe-gzip" vary Accept-Encoding x-cached-since 2021-09-28T08:01:57+00:00 content-type text/css access-control-allow-origin * cache-control max-age=290304000, public cache HIT accept-ranges bytes content-length 6890 expires Wed, 28 Sep 2022 08:01:57 GMT
GET H3	200	MGID_plus.svg cdn.mgid.com/images/logos/	2 KB 1 KB	20ms 20ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/MGID_plus.svg Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT content-encoding br cf-cache-status HIT age 3376 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id TV9EGYWE00S199ZT x-amz-id-2 PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw= last-modified Tue, 23 Feb 2021 16:22:15 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root etag W/"f7525f3a5f32c6f4a8e9867e9f57ab45" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6b7e306bee6b5cb0-FRA expires Sat, 04 Dec 2021 16:32:07 GMT
GET H3	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 1 KB	22ms 22ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT content-encoding br cf-cache-status HIT age 3375 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id 50VWJQBT5W4QYKJG x-amz-id-2 xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6b7e306bee715cb0-FRA expires Sat, 04 Dec 2021 16:32:07 GMT
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp s-img.mgid.com/g/8164919/492x277/0x89x598x398/	23 KB 23 KB	30ms 30ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164919/492x277/0x89x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp?v=1638549126--zAQ8U5mJ5SW_IRiMIp5utwjfmUCjCg7pud4wVaCi3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02810e956d84641218d016effe7678e6029cf304707c5adb1850eed9f196eeb6 Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 08:57:54 GMT x-mg-request-uuid ed949f66-33a6-43dd-8a12-ecefb806e36f age 1923484 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befa668e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 23250 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzU0YWNjYTMwY2ZiYmVhMzhmNDFiNTE5NDdmMzAyYWU5LmpwZWc.webp s-img.mgid.com/g/4001397/492x277/41x0x756x504/	8 KB 9 KB	18ms 17ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/4001397/492x277/41x0x756x504/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzU0YWNjYTMwY2ZiYmVhMzhmNDFiNTE5NDdmMzAyYWU5LmpwZWc.webp?v=1638549126-U6UJJYhUPfl5o0i48Nqg8tNGgaHNJu4KbZj9x4jZtyE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 035c924c026481e218300aa880beba724355747c0cfba498a5e454d16e04c39a Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Fri, 01 Oct 2021 14:25:12 GMT x-mg-request-uuid 242523a5-8fdc-45b1-a7e4-27615f61e98f age 2637310 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befaa68e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 8492 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2FmMDk3N2NmYWExNTk4MmRhMDRiMTdlNzY1NGQ2MDI5LmpwZWc.webp s-img.mgid.com/g/5097642/492x277/0x0x641x427/	6 KB 7 KB	19ms 18ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/5097642/492x277/0x0x641x427/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2FmMDk3N2NmYWExNTk4MmRhMDRiMTdlNzY1NGQ2MDI5LmpwZWc.webp?v=1638549126-OaPiW1sq1VZ-ys0dJp97_UhSl0Ng3ln_oe10iLpxbhI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c2ad76e2e2a279f769be95c973867a931f8b2f02e09247b6b05d754057160d2 Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:52:28 GMT x-mg-request-uuid 9c74a8cd-c92c-4ed7-bbd9-fb6335a8b809 age 67694 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befab68e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6446 server cloudflare
GET H2	200	aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg s-img.mgid.com/l/-/492x277/-/	28 KB 28 KB	27ms 25ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg?v=1638549126-Br6aAyZfwrve2yhuPd4jLdsVzEXyEBBNLtwwTHSYErk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT x-mg-request-uuid e15f8907-e5a6-47b1-9e7a-81c370a29cb5 age 1479506 cf-polished qual=85, origFmt=jpeg, origSize=35326 content-disposition inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 28540 last-modified Thu, 11 Nov 2021 15:42:46 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befb468e6-FRA cf-bgj imgq:85,h2pri
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQyMWI2MmNmYzE1MWViMTBkZjMyMzJlZGRkZDRmMmVlLmpwZWc.webp s-img.mgid.com/g/3885459/492x277/0x0x682x454/	34 KB 34 KB	31ms 29ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3885459/492x277/0x0x682x454/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQyMWI2MmNmYzE1MWViMTBkZjMyMzJlZGRkZDRmMmVlLmpwZWc.webp?v=1638549126-Ao_U8raPUYh1vAA1CklvIBD0e2kU-fGxWHMGOQIkmbA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c66e4f4f78eec800580f8884aa70e87675951bc18e8ea601f11a1a87cceffdf Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:56:34 GMT x-mg-request-uuid 45980959-d931-4a2c-8f8c-8ebaa29e3014 age 391385 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befb568e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 34514 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp s-img.mgid.com/g/3805481/492x277/0x205x800x533/	16 KB 16 KB	21ms 18ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3805481/492x277/0x205x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp?v=1638549126-wNX3VMsXbZ2YISk7bhKCzeXV53CRt-gSGxuqHpX6rUo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 297489ccb667f6076f816e00c3664df68ca7b545910ee93191aa6dffa774062e Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Fri, 01 Oct 2021 14:24:19 GMT x-mg-request-uuid e155fc86-fcab-4e5e-87ce-6a493a16fce0 age 5446688 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befb968e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 16252 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDcvMTAxOTI0L2NmYjM5MGE0NGZmZjhiOTczMTI0N2FjYTgyOTlkYTRkLmpwZz90PTE0OTE1ODc3OTE5NDE.webp s-img.mgid.com/g/3805563/492x277/0x0x492x328/	6 KB 7 KB	24ms 22ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3805563/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDcvMTAxOTI0L2NmYjM5MGE0NGZmZjhiOTczMTI0N2FjYTgyOTlkYTRkLmpwZz90PTE0OTE1ODc3OTE5NDE.webp?v=1638549126-L6sDDWVCPRQQ_0vcwHT9r2ZN-70kP_VnYQZcwQS7-Xc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 171446efc3147e504563f7ebf76d49b06248cb4ed519eb5f91396ed325c97685 Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:53:48 GMT x-mg-request-uuid f74493ba-862e-47b1-aacd-2cf508dfa45b age 1209116 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befbc68e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6526 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZz90PTE0OTIxOTU2MzI3Mzk.webp s-img.mgid.com/g/3805533/492x277/0x0x492x328/	6 KB 7 KB	29ms 27ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3805533/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZz90PTE0OTIxOTU2MzI3Mzk.webp?v=1638549126-Ob9KLJzYU3xeNFe7dNrepHbxC2gT4sGWCH0mvGfVMHs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f975844cd3a09813cd7d6d95f34e4a73dcb596314a04c99953d8c606048944a Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Fri, 01 Oct 2021 14:24:08 GMT x-mg-request-uuid e7d9e7a8-393c-4ca7-8f14-b900f98a2640 age 2253172 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befbe68e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6506 server cloudflare
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvNmM2YmMzMzc2YWQ3MGEwM... s-img.mgid.com/g/10839597/492x277/-/	12 KB 13 KB	25ms 23ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/10839597/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvNmM2YmMzMzc2YWQ3MGEwMjg3NGU2NmE1Mzk1ZDM3NWUuanBlZw.webp?v=1638549126-MTdWN478TT4ruvQO88zaikRKHT2ugWyAhkTDLuHiWuA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 194c747163198072c818b9eb8b35b2afca979f93f54009c67903e1dcb7503aef Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:56:06 GMT x-mg-request-uuid 20b86cba-cefd-4139-aaaa-06f0944db2f0 age 372539 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306befc068e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12622 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzBmNjE3MzQxMmZiMDJiOTMzMDdlYTVmMWJhMGMyZTExLnBuZz90PTE0OTgxNjEyNzI1NjE.webp s-img.mgid.com/g/3805599/492x277/2x0x595x396/	14 KB 14 KB	34ms 32ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3805599/492x277/2x0x595x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzBmNjE3MzQxMmZiMDJiOTMzMDdlYTVmMWJhMGMyZTExLnBuZz90PTE0OTgxNjEyNzI1NjE.webp?v=1638549126-wQzl_i_VV9DJfZ_J-foRmg5gpUX-BlspJ_cxNmfAnkc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 719550f20344313c9f32f4fc6d9c4dee7ddf147eb9f8c9b75a32f9a024dba1da Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:53:41 GMT x-mg-request-uuid 7ffc1a8c-78c8-4092-b5f1-aa14ebd4c73d age 587781 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bffcc68e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 14080 server cloudflare
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTU3LHlfMzkxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC84YTlkO... s-img.mgid.com/g/10839617/492x277/-/	12 KB 12 KB	35ms 33ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/10839617/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTU3LHlfMzkxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC84YTlkOWNmNDIxYTQ4ZTdjNWI3YzA5MGM0ZmYwZGZlYi5qcGVn.webp?v=1638549126-9CQxUGvLw2Zb5oKIx_L-jNYBUpjCjAs_wyxwpIoqKSY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e25d03a13e235ebda6c622ae14f571f235a768e104765e129d45735fbfd63641 Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:55:09 GMT x-mg-request-uuid 4a65ff48-8707-4a57-9866-663be549afb1 age 365491 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bffce68e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 11778 server cloudflare
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfOTgxLHlfMzEyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC85ZWQ1Y... s-img.mgid.com/g/11533472/492x277/-/	21 KB 22 KB	34ms 33ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/11533472/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfOTgxLHlfMzEyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC85ZWQ1YmM2ODVhNWVlNmMyOTExYjc1YWY3OTI4MmQ1ZC5qcGVn.webp?v=1638549126-OBFvB60rYE-Z-XLacdVNVRL5AxGRf6xnJQLpS_YyiOI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc5fe037d5163def0e82e4550d525ab5da055a39a2dd0502774c13b1dba1358f Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Wed, 01 Dec 2021 12:34:48 GMT x-mg-request-uuid 6dd3f556-0974-4047-9be5-31a48ed6c338 age 104108 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bffd168e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 21866 server cloudflare
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvODc2MDIzNDA4MWQ5YTFkM... s-img.mgid.com/g/11533460/492x277/-/	12 KB 13 KB	32ms 31ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/11533460/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvODc2MDIzNDA4MWQ5YTFkM2Y3M2M1YWVjZjc5MjVlM2IuanBlZw.webp?v=1638549126-RQWTokwr_V51XbGYylyK7ZOjszNGYytVfiPe_5Z4KtA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf3db3cdb134ed21be961f2211a1891d3eb1117bb53fb39e21dc75dc03a4912a Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Wed, 01 Dec 2021 12:35:20 GMT x-mg-request-uuid f6968471-dec9-4225-b546-1c41ade2cb36 age 183801 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bffd568e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12600 server cloudflare
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZDY1MmQ4Y2M4N2NiNmU2Z... s-img.mgid.com/g/11533317/492x277/-/	11 KB 11 KB	125ms 124ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/11533317/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZDY1MmQ4Y2M4N2NiNmU2ZTE0NWZmYWU2ZWQxYTYzZjQuanBlZw.webp?v=1638549126-NR1bmUt5l6HAXnkzNq_Zn2wkl1ewSyLkQIXajKcTC64 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0007bb301c0e1e7fc293fdf041dca0ff89902af9d7c1932bbe171a429ade05b Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status MISS last-modified Wed, 01 Dec 2021 12:24:29 GMT x-mg-request-uuid b1991e09-0d3a-4356-94bc-4c455fa9d81a expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bffd968e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 11184 server cloudflare
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzk1NGRmODliYWY3MzhiM... s-img.mgid.com/g/11533480/492x277/-/	6 KB 6 KB	47ms 47ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/11533480/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzk1NGRmODliYWY3MzhiMjNmZDVhMzE0Zjk2OWJiMTcuanBlZw.webp?v=1638549126-2Uo6JBgQX1klz3iXpf6dGcyUZYcgFrge5eaaGEl7kHY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab3280e8c19ccb73da6dbdeaa67509dffdb6b0fa33ba44d81ecc7e95133226b0 Request headers Referer https://bestnewshere.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status HIT last-modified Wed, 01 Dec 2021 12:34:38 GMT x-mg-request-uuid e6378411-9236-4729-8078-580998b34e97 age 36902 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6b7e306bffdc68e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6154 server cloudflare
GET H2	200	i.js Show response cm.mgid.com/	2 KB 922 B	87ms 77ms	Script application/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i.js?&cbuster=1638549127076963104095 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3e9796807bd45823fe781f919869cdbac9b8a742b8d81481b3ea8a4108ec514 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6b7e306c48cd68eb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	245ce5fa-079e-4387-881a-f3b9d27be08e Show response player.ex.co/player/	695 KB 204 KB	56ms 28ms	Script application/javascript	151.101.66.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Requested by Host: cdn.mgid.com URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.65.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.132 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 86458630cdf265d487a786af20751992a6c75b78e23eadb6f7fb624918ecd1ff Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT content-encoding gzip age 5416 x-cache MISS, HIT access-control-max-age 600 content-length 208153 x-served-by cache-dca17751-DCA, cache-hhn4074-HHN access-control-allow-origin * server nginx x-timer S1638549127.131771,VS0,VE1 etag W/"adb42-+9pp72B/w0BcWfL5ryCTf7vTgVU" vary Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player access-control-allow-methods GET, POST, PUT, DELETE content-type application/javascript; charset=utf-8 via 1.1 varnish, 1.1 varnish cache-control no-cache accept-ranges bytes access-control-allow-headers Accept, Authorization, Content-Type x-cache-hits 0, 1
GET H2	200	i-noref.js Show response cm.mgid.com/ Frame 0EBC	19 B 209 B	64ms 64ms	Script application/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i-noref.js?cbuster=1638549127096187596808 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6b7e306c58fd68eb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	sync.html Show response s.adtelligent.com/ Frame 8FAA	1 KB 884 B	177ms 19ms	Document text/html	2a0c:5c81:5139::2 24SHELLS
General Check archive.org Show headers Download Go to Full URL https://s.adtelligent.com/sync.html?aid=658327 Requested by Host: cm.mgid.com URL: https://cm.mgid.com/i.js?&cbuster=1638549127076963104095 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US), Reverse DNS Software VertaMedia 1.0 / Resource Hash 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ Response headers Server VertaMedia 1.0 Date Fri, 03 Dec 2021 16:32:07 GMT Content-Type text/html; charset=UTF-8 Content-Length 600 Access-Control-Allow-Origin https://bestnewshere.com Access-Control-Allow-Credentials true Connection Keep-Alive Content-Encoding gzip
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame E380 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu	281 B 554 B	40ms 6ms	Document text/html	23.79.143.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Requested by Host: cm.mgid.com URL: https://cm.mgid.com/i.js?&cbuster=1638549127076963104095 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-143-124.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 26 Oct 2021 17:01:05 GMT ETag "40334-119-5cf446c48f640" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H2	200	mw mwzeom.zeotap.com/	95 B 455 B	53ms 26ms	Image image/png	2606:4700:10::ac43:db6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=lb36o8WwDnw8&zpartnerid=1532&zdid=1532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://bestnewshere.com access-control-allow-credentials true cf-ray 6b7e306d4c19697b-FRA access-control-allow-headers * content-length 95
GET H3	200	m cm.mgid.com/ Redirect Chain https://x.bidswitch.net/sync?ssp=mgid https://x.bidswitch.net/ul_cb/sync?ssp=mgid https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid https://x.bidswitch.net/sync?dsp_id=70&user_id=4979732836795298135&ssp=mgid https://cm.mgid.com/m?cdsp=433145&c=e588748c-ec59-4544-a12b-db4a8c753766&gdpr=&gdpr_consent=&us_privacy=	43 B 577 B	73ms 73ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=433145&c=e588748c-ec59-4544-a12b-db4a8c753766&gdpr=&gdpr_consent=&us_privacy= Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6b7e306f3f635cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers Location //cm.mgid.com/m?cdsp=433145&c=e588748c-ec59-4544-a12b-db4a8c753766&gdpr=&gdpr_consent=&us_privacy= Date Fri, 03 Dec 2021 16:32:07 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H2	200	/ cm.lentainform.com/setmuidn/	0 495 B	91ms 61ms	Image image/gif	104.19.216.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.lentainform.com/setmuidn/?muidf=lb36o8WwDnw8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6b7e306d4ce56904-FRA p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	m cm.mgid.com/ Redirect Chain https://creativecdn.com/cm-notify?pi=mgid https://creativecdn.com/cm-notify?pi=mgid&tc=1 https://cm.mgid.com/m?cdsp=501037&c=kukMiME15PTV8SpJKEWR&pi=mgid&tc=1	43 B 561 B	71ms 70ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=501037&c=kukMiME15PTV8SpJKEWR&pi=mgid&tc=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6b7e306debd75cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers location https://cm.mgid.com/m?cdsp=501037&c=kukMiME15PTV8SpJKEWR&pi=mgid&tc=1 pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT, Fri, 03 Dec 2021 16:32:07 GMT cache-control no-cache, no-store, must-revalidate, private, max-age=0 content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ cm.idealmedia.io/setmuidn/	0 412 B	108ms 79ms	Image image/gif	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.idealmedia.io/setmuidn/?muidf=lb36o8WwDnw8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6b7e306d4a6a2c42-FRA p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/gif
GET H3	200	m cm.mgid.com/ Redirect Chain https://rtb-usw.mfadsrvr.com/sync?ssp=mgid https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid https://cm.mgid.com/m?cdsp=287839&c=855ea237-46e0-4c76-be66-c96fb86d14af	43 B 593 B	60ms 59ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=287839&c=855ea237-46e0-4c76-be66-c96fb86d14af Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6b7e30715c425cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers location //cm.mgid.com/m?cdsp=287839&c=855ea237-46e0-4c76-be66-c96fb86d14af date Fri, 03 Dec 2021 16:32:07 GMT cache-control no-cache, no-store, must-revalidate alt-svc clear content-length 0 via 1.1 google
GET H3	200	google cm.mgid.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGIzNm84V3dEbnc4&muidn=lb36o8WwDnw8 https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGIzNm84V3dEbnc4&muidn=lb36o8WwDnw8&google_tc= https://cm.mgid.com/google?muidn=lb36o8WwDnw8&google_ula={guid},5&google_gid=CAESELaeNH3E88svzb0Mqkxtq6o&google_cver=1	0 376 B	89ms 88ms	Image text/plain	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/google?muidn=lb36o8WwDnw8&google_ula={guid},5&google_gid=CAESELaeNH3E88svzb0Mqkxtq6o&google_cver=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type text/plain cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6b7e306dfbf45cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.mgid.com/google?muidn=lb36o8WwDnw8&google_ula={guid},5&google_gid=CAESELaeNH3E88svzb0Mqkxtq6o&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 327 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	m cm.mgid.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 https://cm.mgid.com/m?cdsp=371158&c=f5aed51c-54d1-4343-bde7-bf1144174493&ttl=1641141127	43 B 561 B	57ms 57ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=371158&c=f5aed51c-54d1-4343-bde7-bf1144174493&ttl=1641141127 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6b7e306e3c8e5cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.mgid.com/m?cdsp=371158&c=f5aed51c-54d1-4343-bde7-bf1144174493&ttl=1641141127 cache-control private,no-cache, must-revalidate content-type text/html content-length 205
GET H3	200	m cm.mgid.com/ Redirect Chain https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D https://cm.mgid.com/m?cdsp=665953&c=20ce8fbe-29dc-45c6-b3b7-8be1c24b4888	43 B 561 B	68ms 68ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=665953&c=20ce8fbe-29dc-45c6-b3b7-8be1c24b4888 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6b7e306e3c8b5cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers location https://cm.mgid.com/m?cdsp=665953&c=20ce8fbe-29dc-45c6-b3b7-8be1c24b4888 date Fri, 03 Dec 2021 16:32:07 GMT access-control-allow-origin * content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Redirect Chain https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lb36o8WwDnw8 https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=5907245826734858392&gdpr=0&gdpr_consent= https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=	0 239 B	282ms 9ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 611afce88997db6fdd35eb213e662871 Content-Type image/gif Redirect headers Pragma no-cache Date Fri, 03 Dec 2021 16:32:07 GMT Server nginx Transfer-Encoding chunked Location https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Expires 0
GET H/1.1	200 OK	bswsync crb.kargo.com/api/v1/ Redirect Chain https://x.bidswitch.net/sync?dsp_id=303&user_id=lb36o8WwDnw8 https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e588748c-ec59-4544-a12b-db4a8c753766&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=	43 B 360 B	40ms 8ms	Image image/gif	18.194.96.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e588748c-ec59-4544-a12b-db4a8c753766&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 18.194.96.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-96-101.eu-central-1.compute.amazonaws.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Dec 2021 16:32:07 GMT Vary Origin Content-Type image/gif Cache-Control no-cache, no-store, must-revalidate, private, max-age=0 Connection keep-alive Krk-Reject-Reason consent Content-Length 43 X-Accel-Expires 0 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location //crb.kargo.com/api/v1/bswsync?bsw_uuid=e588748c-ec59-4544-a12b-db4a8c753766&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy= Date Fri, 03 Dec 2021 16:32:07 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 137 B	280ms 91ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:07 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H3	200	css2 fonts.googleapis.com/	2 KB 549 B	30ms 16ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto&display=swap Requested by Host: client URL: about:client Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 03 Dec 2021 15:42:08 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 03 Dec 2021 16:32:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 03 Dec 2021 16:32:07 GMT
GET H2	200	hls.min.js Show response player.avplayer.com/script/2/2.55/libs/	247 KB 71 KB	47ms 8ms	Script application/javascript	2a02:26f0:6c00::210:bb21 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.avplayer.com/script/2/2.55/libs/hls.min.js Requested by Host: player.ex.co URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT content-encoding gzip x-guploader-uploadid ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 71831 last-modified Sun, 10 Jan 2021 14:52:52 GMT server UploadServer etag "7888b98658e8cef4a98786556ccdab66" vary Accept-Encoding x-goog-hash crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg== content-language en x-goog-generation 1610290372874389 cache-control public, max-age=300 x-goog-stored-content-length 71831 accept-ranges bytes content-type application/javascript expires Fri, 03 Dec 2021 16:37:07 GMT
GET DATA	200 OK	truncated /	216 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	385 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	237 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	238 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	411 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	240 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	AVmanager.js Show response player.aniview.com/script/6.1/ Frame 8D84	364 KB 103 KB	32ms 8ms	Script application/javascript	2a02:26f0:6c00:28a::2c79 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Requested by Host: player.ex.co URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT content-encoding gzip x-guploader-uploadid ADPycdvM8Pl4fiI-ZbcE4PithR_rK-MeKxMp4OZZWD18zge6GsrKnlRzIkUA_rXDfr4ERs0JdXwI9UMEjKdEOuvM17w x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip content-length 104652 last-modified Wed, 01 Dec 2021 06:59:43 GMT server UploadServer etag "c090f073758d1a9717d1a9aa2c037cb5" vary Accept-Encoding x-goog-hash crc32c=bxmpzg==, md5=wJDwc3WNGpcX0amqLAN8tQ== content-language en access-control-allow-origin * x-goog-generation 1638341983568684 access-control-expose-headers Content-Type cache-control public, max-age=300 x-goog-stored-content-length 104652 accept-ranges bytes content-type application/javascript expires Fri, 03 Dec 2021 16:37:07 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	202ms 91ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:07 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	track atrack.avplayer.com/	0 71 B	319ms 101ms	Image text/plain	34.239.242.184 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1638549127322&cid=614af84d5fb982486400cf4d&VERSION=4.102.1&AV_PAGE_LOAD_UID=9a0f8432-d849-4621-90c7-e626d0e44795&AV_CDIM4=9a0f8432-d849-4621-90c7-e626d0e44795&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-239-242-184.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	22ms 8ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bestnewshere.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 13:39:48 GMT x-content-type-options nosniff age 10339 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 03 Dec 2022 13:39:48 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame E380	32 KB 10 KB	8ms 7ms	Script text/html	23.79.143.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-143-124.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Encoding gzip Last-Modified Wed, 10 Nov 2021 00:01:00 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=35949 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9511 Expires Sat, 04 Dec 2021 02:31:16 GMT
GET H2	200	track track1.aniview.com/	0 71 B	282ms 92ms	Image text/plain	34.195.16.202 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?r=bestnewshere.com&sn=&cd4=9a0f8432-d849-4621-90c7-e626d0e44795&cd5=default&cd6=100&cd7=main&ic=0&tgt=0&app=&wi=680&he=383&test=&d36=6.1.2.90&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=614af84d5fb982486400cf4d&stagid=&stplid=&e=inventory&vi=0&cb=1638549127442 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-16-202.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame E380	284 B 536 B	41ms 9ms	Image image/jpg	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 611afce88997db6fdd35eb213e662871 Content-Type image/jpg
GET H2	200	/ Show response premiumsrv.aniview.com/api/adserver/tag/	7 KB 2 KB	317ms 117ms	XHR application/json	3.224.226.7 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.102.1&AV_PAGE_LOAD_UID=9a0f8432-d849-4621-90c7-e626d0e44795&AV_CDIM4=9a0f8432-d849-4621-90c7-e626d0e44795&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbestnewshere.com%2Fghislaine-maxwell-trial-coverage-sparse-as-msm-wages-massive-fearmonger-campaign-on-omicron-variant%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=614af84d5fb982486400cf4d&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=bestnewshere.com&AV_DADPOS=3&d36=6.1.2.90&responsive=1&sver=1&avtoken=127441&AV_WIDTH=679&AV_HEIGHT=383&AV_DNT=0&cb=1638549127482 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.224.226.7 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-226-7.compute-1.amazonaws.com Software / Resource Hash 1fda9790760d192a75496b85206a0a77f904f2eff3d4effc8b58f2eccadad35f Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT content-encoding gzip vary Accept-Encoding content-type application/json access-control-allow-origin https://bestnewshere.com cache-control no-cache access-control-allow-credentials true expires Mon, 22 Nov 2021 02:45:27 GMT
GET H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.m3u8 Show response mcd.ex.co/video/upload/sp_sd/v1490095101/	651 B 1 KB	50ms 11ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash d26f38ce1560b28dad6b2f72540523c29a99861eb8b522c888ecc564176134cb Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Last-Modified Fri, 03 Dec 2021 02:23:20 GMT Server cloudinary X-Timer S1638498275.620062,VS0,VE54 ETag "aaa19287457e7006f592de2949f78767" X-Served-By cache-wdc5528-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=31506697 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 651 X-Cache-Hits 0
GET		csync sync.adtelligent.com/ Frame 8FAA	0 0
GET H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.m3u8 Show response mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1638498192/	1 KB 2 KB	10ms 10ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash b9ab520ee9e7908a85e8b0c6bdc90922bc47e3ede676f8d037eb28877bbdac2b Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Last-Modified Fri, 03 Dec 2021 02:23:17 GMT Server cloudinary X-Timer S1638498276.533294,VS0,VE59 ETag "948c08b404c6b021da77bb3d8766bc83" X-Served-By cache-wdc5528-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=31506623 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 1217 X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1638498192/ Frame	0 0	8ms 8ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1638498192/	41 KB 41 KB	10ms 9ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 79e07a8d57e8bb02da9756ff70bcd0f8dbfd182d6dd4161e70d31ac9ca972b67 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=0-41923 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Range bytes 0-41923/761588 Connection keep-alive Content-Length 41924 X-Served-By cache-wdc5528-WDC Last-Modified Fri, 03 Dec 2021 02:23:16 GMT Server cloudinary X-Timer S1638498276.144073,VS0,VE26 ETag "8200c0cf436ec2dee1ab2a89e4f57939" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506760 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
GET BLOB	200 OK	90d7ff8d-f43f-46b2-ac74-ef619b4133b8 https://bestnewshere.com/	63 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://bestnewshere.com/90d7ff8d-f43f-46b2-ac74-ef619b4133b8 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Length 64352 Content-Type text/javascript
GET H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.m3u8 Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	1 KB 2 KB	15ms 14ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 772ef765bb7edf81e02dd3345e93482c5e9f558b1adc1f7e2736db17b91b08c0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.602803,VS0,VE130 ETag "eef1238a034c60c7c44f0285ca676003" X-Served-By cache-wdc5528-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=31506805 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 1229 X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	78 KB 79 KB	19ms 19ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash c34cc095394e6bd4d958b38e5dcd6f868b8d308853dbbd29f64bf4d1c3c5106b Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=0-79899 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Range bytes 0-79899/1697640 Connection keep-alive Content-Length 79900 X-Served-By cache-wdc5569-WDC Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.912588,VS0,VE65 ETag "b4caa9fabb852bed722cc11ae52929e6" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506778 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/ Frame	0 0	8ms 8ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	200 KB 200 KB	8ms 7ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 541cd58b3fe6eae5829cf4821329fb172dacd513ca89a6bec6843c1c52733357 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=79900-284255 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Range bytes 79900-284255/1697640 Connection keep-alive Content-Length 204356 X-Served-By cache-wdc5569-WDC Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.912588,VS0,VE65 ETag "b4caa9fabb852bed722cc11ae52929e6" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506778 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	91ms 90ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:07 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	108 KB 108 KB	7ms 7ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 17ddd9c1aec9adff46fb8834464d0348c89ffff60f5fa8fb5e5ea753eb8342ca Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=284256-394799 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Range bytes 284256-394799/1697640 Connection keep-alive Content-Length 110544 X-Served-By cache-wdc5569-WDC Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.912588,VS0,VE65 ETag "b4caa9fabb852bed722cc11ae52929e6" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506778 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 23F9	14 KB 5 KB	12ms 12ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D1%26key%3D Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=73674 expires Sat, 04 Dec 2021 13:00:01 GMT date Fri, 03 Dec 2021 16:32:07 GMT vary Accept-Encoding
GET H/1.1	200 OK	usermatch Show response ssum.casalemedia.com/ Frame BCF7 Redirect Chain https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1	2 KB 3 KB	27ms 27ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f8bd6da494997195745b52d7dc562494eddb92bcf28139b2d26c58cdd8de7a4b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 230|241|39|45|13|190|221|206 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1917 Expires Fri, 03 Dec 2021 16:32:07 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Redirect headers Server Apache Content-Length 379 Content-Type text/html; charset=iso-8859-1 Location https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Expires Fri, 03 Dec 2021 16:32:07 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 3DA0 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east	281 B 554 B	7ms 6ms	Document text/html	23.79.143.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-143-124.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 26 Oct 2021 17:01:05 GMT ETag "40334-119-5cf446c48f640" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H/1.1	204 No Content	merge ce.lijit.com/ Frame B7A6	0 0	54ms 21ms	Document text/plain	216.52.2.30 AS-INAPCDN-OCY
General Check archive.org Show headers Download Go to Full URL https://ce.lijit.com/merge?pid=&3pid=1638549127732-954207814583-005728-000-006000&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D18%26key%3D%5BSOVRNID%5D Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US), Reverse DNS Software nginx / raptor Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ Response headers Server nginx Date Fri, 03 Dec 2021 16:32:07 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache Expires Fri, 20 Mar 2009 00:00:00 GMT P3P CP="CUR ADM OUR NOR STA NID" X-Powered-By raptor X-Sovrn-Pod ad_ap6ams1
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	91ms 90ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:07 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	avpb3.js Show response player.aniview.com/script/6.1/ Frame 8D84	314 KB 98 KB	8ms 8ms	Script application/javascript	2a02:26f0:6c00:28a::2c79 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/avpb3.js Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 272a612f7fcefd5b1292d2b642a9a252c57ee1b6c97cdfaad321eecca2466dce Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT content-encoding gzip x-guploader-uploadid ADPycdvqqILf_qwh7s9u-plstsc_Gp5PiW8jXwa7ZZBa5V-RYBlKEGcfpDbg4Mv24HJt7HqnBptCkMuVERSUizQpAs0 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip content-length 99492 last-modified Wed, 01 Dec 2021 06:58:16 GMT server UploadServer etag "58251031c6023dee10212742471f8135" vary Accept-Encoding x-goog-hash crc32c=V+UbGA==, md5=WCUQMcYCPe4QISdCRx+BNQ== content-language en access-control-allow-origin * x-goog-generation 1638341896718566 access-control-expose-headers Content-Type cache-control public, max-age=300 x-goog-stored-content-length 99492 accept-ranges bytes content-type application/javascript expires Fri, 03 Dec 2021 16:37:07 GMT
GET H2	200	track track1.aniview.com/	0 70 B	94ms 93ms	Image text/plain	34.195.16.202 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bestnewshere.com&rs=bestnewshere.com&sid=86812&t=1638549127&cip=91.199.118.78&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638549127732-954207814583-005728-000-006000&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.90&cb=77129127876&cd1=4.102.1&cd4=9a0f8432-d849-4621-90c7-e626d0e44795&cd5=default&cd6=100&cd7=main&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=614af84d5fb982486400cf4d&e=request&cb=1638549127813&asid=5e09c01b28a0614eae69d74c%2C5eb93f6a62a3b73cda792534%2C6033b5166ce17d3480761314&ofpr=2.5%2C2%2C2&fpo=%2C%2C Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-16-202.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 3DA0	32 KB 10 KB	8ms 7ms	Script text/html	23.79.143.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-143-124.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Encoding gzip Last-Modified Wed, 10 Nov 2021 00:01:00 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=35949 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9511 Expires Sat, 04 Dec 2021 02:31:16 GMT
POST H/1.1	204 No Content	275028 Show response search.spotxchange.com/openrtb/2.3/dados/	0 1 KB	100ms 36ms	XHR application/json	185.94.180.123 SPOTX-AMS
General Check archive.org Show headers Download Go to Full URL https://search.spotxchange.com/openrtb/2.3/dados/275028?src_sys=prebid Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Date Fri, 03 Dec 2021 16:32:07 GMT X-SpotX-Timing-Transform 0.000400 X-SpotX-Timing-SpotMarket 0.011980 X-SpotX-Timing-Page-Mux 0.001196 X-SpotX-Timing-Page-Require 0.000572 X-fe 046 Connection keep-alive X-SpotX-Timing-Page-Cookie 0.000040 X-SpotX-Timing-Page 0.017560 Pragma no-cache X-SpotX-Timing-Page-Context 0.000349 Last-Modified Fri, 03 Dec 2021 16:32:07 GMT Server nginx Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0 X-SpotX-Timing-SpotMarket-Primary 0.011980 Access-Control-Allow-Methods POST, GET, PATCH, DELETE, OPTIONS Content-Type application/json Access-Control-Allow-Origin https://bestnewshere.com X-SpotX-Timing-Page-Misc 0.003008 X-SpotX-Timing-Page-Exception 0.000001 X-SpotX-Timing-SpotMarket-Secondary 0.000000 X-SpotX-Timing-Page-URI 0.000014 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	204 No Content	287223 Show response search.spotxchange.com/openrtb/2.3/dados/	0 1 KB	107ms 42ms	XHR application/json	185.94.180.123 SPOTX-AMS
General Check archive.org Show headers Download Go to Full URL https://search.spotxchange.com/openrtb/2.3/dados/287223?src_sys=prebid Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Date Fri, 03 Dec 2021 16:32:07 GMT X-SpotX-Timing-Transform 0.001082 X-SpotX-Timing-SpotMarket 0.010905 X-SpotX-Timing-Page-Mux 0.002051 X-SpotX-Timing-Page-Require 0.000491 X-fe 030 Connection keep-alive X-SpotX-Timing-Page-Cookie 0.000045 X-SpotX-Timing-Page 0.025499 Pragma no-cache X-SpotX-Timing-Page-Context 0.001380 Last-Modified Fri, 03 Dec 2021 16:32:07 GMT Server nginx Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0 X-SpotX-Timing-SpotMarket-Primary 0.010905 Access-Control-Allow-Methods POST, GET, PATCH, DELETE, OPTIONS Content-Type application/json Access-Control-Allow-Origin https://bestnewshere.com X-SpotX-Timing-Page-Misc 0.009529 X-SpotX-Timing-Page-Exception 0.000000 X-SpotX-Timing-SpotMarket-Secondary 0.000000 X-SpotX-Timing-Page-URI 0.000016 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	204 No Content	309622 Show response search.spotxchange.com/openrtb/2.3/dados/	0 1 KB	303ms 239ms	XHR application/json	185.94.180.123 SPOTX-AMS
General Check archive.org Show headers Download Go to Full URL https://search.spotxchange.com/openrtb/2.3/dados/309622?src_sys=prebid Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Date Fri, 03 Dec 2021 16:32:08 GMT X-SpotX-Timing-Transform 0.003150 X-SpotX-Timing-SpotMarket 0.049126 X-SpotX-Timing-Page-Mux 0.010303 X-SpotX-Timing-Page-Require 0.000452 X-fe 110 Connection keep-alive X-SpotX-Timing-Page-Cookie 0.000055 X-SpotX-Timing-Page 0.099290 Pragma no-cache X-SpotX-Timing-Page-Context 0.000341 Last-Modified Fri, 03 Dec 2021 16:32:08 GMT Server nginx Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0 X-SpotX-Timing-SpotMarket-Primary 0.049126 Access-Control-Allow-Methods POST, GET, PATCH, DELETE, OPTIONS Content-Type application/json Access-Control-Allow-Origin https://bestnewshere.com X-SpotX-Timing-Page-Misc 0.035848 X-SpotX-Timing-Page-Exception 0.000001 X-SpotX-Timing-SpotMarket-Secondary 0.000000 X-SpotX-Timing-Page-URI 0.000013 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 23F9	0 42 B	59ms 13ms	Script text/plain	198.47.127.19 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36617012&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D1%26key%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:06 GMT content-length 0
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	222 KB 223 KB	12ms 10ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash ffbe3b25a4e615cfb707d483f720edb17aaee82a0f79aca819f89821fb093ac2 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=394800-622091 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Range bytes 394800-622091/1697640 Connection keep-alive Content-Length 227292 X-Served-By cache-wdc5569-WDC Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.912588,VS0,VE65 ETag "b4caa9fabb852bed722cc11ae52929e6" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506778 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 3DA0	284 B 536 B	11ms 10ms	Image image/jpg	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 611afce88997db6fdd35eb213e662871 Content-Type image/jpg
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame BCF7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YapGh1rj3KoemgqGuGSxogAABHQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG2GYCK3iTrSnXG7oVOMNMA&google_cver=1	43 B 315 B	28ms 11ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG2GYCK3iTrSnXG7oVOMNMA&google_cver=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Dec 2021 16:32:07 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Fri, 03 Dec 2021 16:32:07 GMT Redirect headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG2GYCK3iTrSnXG7oVOMNMA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame BCF7 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YapGh1rj3KoemgqGuGSxogAABHQAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YapGh1rj3KoemgqGuGSxogAABHQAAAIB&dcc=t	43 B 645 B	105ms 105ms	Image image/gif	209.54.180.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YapGh1rj3KoemgqGuGSxogAABHQAAAIB&dcc=t Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Server 209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Dec 2021 16:32:08 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 17368CEAY008CC85VZJ5 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 03 Dec 2021 16:32:08 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 90QB4M38F5XAGDR234KF Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YapGh1rj3KoemgqGuGSxogAABHQAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame BCF7	70 B 264 B	35ms 33ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?gdpr=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame BCF7 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YapGh1rj3KoemgqGuGSxogAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPvrn4-hl6g9PqlRss3fIUQ&google_cver=1&gdpr=1	43 B 999 B	14ms 13ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPvrn4-hl6g9PqlRss3fIUQ&google_cver=1&gdpr=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Dec 2021 16:32:07 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 03 Dec 2021 16:32:07 GMT Redirect headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPvrn4-hl6g9PqlRss3fIUQ&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		indexexchange sync.adotmob.com/cookie/ Frame BCF7	0 0
GET H/1.1	400 Request failed due to privacy signals	getuid ib.adnxs.com/ Frame BCF7	0 0	37ms 20ms	Image text/html	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers
GET H2	200	tpid=YapGh1rj3KoemgqGuGSxogAA%261140 bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame BCF7 Redirect Chain https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YapGh1rj3KoemgqGuGSxogAA%261140?gdpr_consent=&us_privacy=&gdpr=1 https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YapGh1rj3KoemgqGuGSxogAA%261140?gdpr_consent=&us_privacy=&gdpr=1	49 B 737 B	41ms 40ms	Image image/gif	52.30.14.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YapGh1rj3KoemgqGuGSxogAA%261140?gdpr_consent=&us_privacy=&gdpr=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Protocol H2 Server 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-14-23.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:08 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.2.0 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 03 Dec 2021 16:32:07 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YapGh1rj3KoemgqGuGSxogAA%261140?gdpr_consent=&us_privacy=&gdpr=1 cache-control no-cache x-server 10.45.6.102 content-length 0 expires 0
GET H2	204	sync ups.analytics.yahoo.com/ups/55940/ Frame BCF7	0 124 B	47ms 11ms	Image text/plain	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YapGh1rj3KoemgqGuGSxogAABHQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:07 GMT server ATS/9.1.0.33 age 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	cookiesyncendpoint sync.aniview.com/ Frame BCF7	0 232 B	362ms 116ms	Image text/plain	18.208.85.173 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aniview.com/cookiesyncendpoint?auid=1638549127732-954207814583-005728-000-006000&biddername=42&key=YapGh1rj3KoemgqGuGSxogAA%261140 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638549127732-954207814583-005728-000-006000%26biddername%3D42%26key%3D&s=190719&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-85-173.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:08 GMT content-length 0
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	173 KB 174 KB	8ms 8ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 34b4db55c96226671f6bb05b60501c27c81e6feaa2f0b5b858045027fd2bda2f Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=622092-799563 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Range bytes 622092-799563/1697640 Connection keep-alive Content-Length 177472 X-Served-By cache-wdc5569-WDC Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.912588,VS0,VE65 ETag "b4caa9fabb852bed722cc11ae52929e6" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506778 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	194 KB 194 KB	8ms 7ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 3bece72674c81b15bc007aea0266d02cb89465104d8dd195f059bff5b4ba60ee Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=799564-998091 Response headers Date Fri, 03 Dec 2021 16:32:07 GMT Content-Range bytes 799564-998091/1697640 Connection keep-alive Content-Length 198528 X-Served-By cache-wdc5569-WDC Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.912588,VS0,VE65 ETag "b4caa9fabb852bed722cc11ae52929e6" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506778 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:07 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H3	200	c c.mgid.com/	43 B 441 B	57ms 57ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.mgid.com/c?f=1&pv=3&v=330|284|8|sjEv53MmMHS_0ZrdlQpk3dxcYJNzkTAksX1PBIhLYX8K7b2xRI4r12qePd40Jsge&fw=1&extjs=66044&v=330|284|8|sjEv53MmMHS_0ZrdlQpk3bVOlTjL01nhxBNmehuyKjVcN-m1MTAyA0TP3c-CYQHV&v=330|284|40|sjEv53MmMHS_0ZrdlQpk3e1oS0jl_axRl9bRG1K5X5AYHqdvgrDtzFb1WUR2zVZg&cid=1093798&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=8e171a5f-5456-11ec-8263-d094662c1c35&tt=Direct&iv=11&pageImp=1&pvid=17d81237ea09c3e6240&cbuster=1638549128236441738990&tpl=0 Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:08 GMT cf-cache-status DYNAMIC x-mg-request-uuid 898a1345-7a65-4613-900b-0eb0db6247d4 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6b7e307389585cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare
GET H2	451	envelope Show response api.rlcdn.com/api/identity/	44 B 328 B	39ms 14ms	XHR text/plain	34.120.133.55 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.rlcdn.com/api/identity/envelope?pid=1258 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 55.133.120.34.bc.googleusercontent.com Software / Resource Hash da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Dec 2021 16:32:08 GMT via 1.1 google x-content-type-options nosniff access-control-allow-headers Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With access-control-allow-methods GET, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin https://bestnewshere.com access-control-allow-credentials true alt-svc clear content-length 44
GET H2	200	id Show response id.crwdcntrl.net/	63 B 337 B	52ms 43ms	XHR application/json	52.30.14.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-14-23.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 14fc24187c80b5534bf8a936cb45e1c73e2d4e0d2b9228edd36014cc33e6723a Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:08 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://bestnewshere.com cache-control no-cache x-server 10.45.20.225 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 63 expires 0
GET H2	200	rid Show response match.adsrvr.org/track/	108 B 650 B	35ms 34ms	XHR application/json	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 6b39ff6642d4430accd6c944b202a8ed2dfd567fc64346c2b249af8ed8727fe8 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Dec 2021 16:32:08 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://bestnewshere.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 108 expires Sun, 02 Jan 2022 16:32:08 GMT
GET H2	200	id Show response id.crwdcntrl.net/	63 B 337 B	51ms 44ms	XHR application/json	52.30.14.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-14-23.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash c11fb9295861a7d1f8be135b77e00adcf1b2fec16724d34df49ccaf9cc8575ea Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:08 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://bestnewshere.com cache-control no-cache x-server 10.45.24.105 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 63 expires 0
GET H2	200	rid Show response match.adsrvr.org/track/	108 B 650 B	34ms 34ms	XHR application/json	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 6b39ff6642d4430accd6c944b202a8ed2dfd567fc64346c2b249af8ed8727fe8 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Dec 2021 16:32:08 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://bestnewshere.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 108 expires Sun, 02 Jan 2022 16:32:08 GMT
GET H2	200	id Show response id.crwdcntrl.net/	63 B 337 B	46ms 43ms	XHR application/json	52.30.14.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-14-23.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash c11fb9295861a7d1f8be135b77e00adcf1b2fec16724d34df49ccaf9cc8575ea Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:08 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://bestnewshere.com cache-control no-cache x-server 10.45.13.221 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 63 expires 0
GET H2	200	rid Show response match.adsrvr.org/track/	108 B 650 B	35ms 35ms	XHR application/json	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 6b39ff6642d4430accd6c944b202a8ed2dfd567fc64346c2b249af8ed8727fe8 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Dec 2021 16:32:08 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://bestnewshere.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 108 expires Sun, 02 Jan 2022 16:32:08 GMT
GET H2	200	id Show response id.crwdcntrl.net/	63 B 336 B	43ms 43ms	XHR application/json	52.30.14.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-14-23.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash c11fb9295861a7d1f8be135b77e00adcf1b2fec16724d34df49ccaf9cc8575ea Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:08 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://bestnewshere.com cache-control no-cache x-server 10.45.0.114 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 63 expires 0
GET H2	200	rid Show response match.adsrvr.org/track/	108 B 650 B	35ms 34ms	XHR application/json	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 6b39ff6642d4430accd6c944b202a8ed2dfd567fc64346c2b249af8ed8727fe8 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Dec 2021 16:32:08 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://bestnewshere.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 108 expires Sun, 02 Jan 2022 16:32:08 GMT
POST H/1.1	200	371.json Show response id5-sync.com/g/v2/	213 B 534 B	96ms 22ms	XHR application/json	51.75.146.200 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/371.json Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.75.146.200 , France, ASN16276 (OVH, FR), Reverse DNS p11.id5-sync.com Software / Resource Hash 25d908dfd9d7e36170e8d14c69ebf26a5b462b6adb9aba2dabd324a1669c9f32 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://bestnewshere.com Date Fri, 03 Dec 2021 16:32:01 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	91ms 91ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:09 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	track atrack.avplayer.com/	0 70 B	104ms 104ms	Image text/plain	34.239.242.184 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1638549129772&cid=614af84d5fb982486400cf4d&VERSION=4.102.1&AV_PAGE_LOAD_UID=9a0f8432-d849-4621-90c7-e626d0e44795&AV_CDIM4=9a0f8432-d849-4621-90c7-e626d0e44795&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-239-242-184.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:09 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	231 KB 232 KB	19ms 18ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 7fa2d85431f7480480f176e6fa5684fe2c4b0ecbe920f6d9ec6a1a06d743b6dc Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=998092-1234971 Response headers Date Fri, 03 Dec 2021 16:32:11 GMT Content-Range bytes 998092-1234971/1697640 Connection keep-alive Content-Length 236880 X-Served-By cache-wdc5569-WDC Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.912588,VS0,VE65 ETag "b4caa9fabb852bed722cc11ae52929e6" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506774 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/ Frame	0 0	8ms 8ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:11 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	91ms 91ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bestnewshere.com date Fri, 03 Dec 2021 16:32:12 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	track atrack.avplayer.com/	0 70 B	101ms 100ms	Image text/plain	34.239.242.184 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1638549132322&cid=614af84d5fb982486400cf4d&VERSION=4.102.1&AV_PAGE_LOAD_UID=9a0f8432-d849-4621-90c7-e626d0e44795&AV_CDIM4=9a0f8432-d849-4621-90c7-e626d0e44795&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-239-242-184.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:12 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H3	200	/ c.mgid.com/vs/	43 B 399 B	54ms 54ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.mgid.com/vs/?tid=604&iid=1059382&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=11&h=zPm5bMwuzewumFYoB0r_kKLG-0qkS11AQDfKwaEL4PefnIed7iSR2RbMckHxvjky Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Fri, 03 Dec 2021 16:32:12 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6b7e308d0b6b5cb0-FRA p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H2	200	track Show response track1.aniview.com/	0 94 B	305ms 102ms	XHR text/plain	34.195.16.202 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track1.aniview.com/track?r=bestnewshere.com&sn=&cd4=9a0f8432-d849-4621-90c7-e626d0e44795&cd5=default&cd6=100&cd7=main&ic=0&tgt=0&app=&wi=680&he=383&test=&d36=6.1.2.90&apppkg=&fv=3&proto=https Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-16-202.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 03 Dec 2021 16:32:12 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
POST H/1.1	200 OK	cors Show response data.ad-score.com/data/	1 B 272 B	121ms 121ms	XHR text/plain	130.211.115.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data.ad-score.com/data/cors?pm_st=DrqXElyrQJnLtjxoQNGSAjttMwjyiZiV-FE7fPshldVrkKD8a3HLOFE3JPg==-E0zCNMhkY1HkNA==&pm_ct=7cf4a1b12de1dd223a6a5748&pm_pl=1638549126541&pm_td=6630&pid=1000177&en=1.1&callback=__pm_glbl_nVjovaDBhHzVRUOQZ3krjuAr._gc4&tt=opt&v=8f13b2e Requested by Host: js.ad-score.com URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 4.115.211.130.bc.googleusercontent.com Software / Resource Hash 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://bestnewshere.com Date Fri, 03 Dec 2021 16:32:13 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1 Access-Control-Allow-Methods POST Content-Type text/plain; charset=utf-8
POST H/1.1	200 OK	cors Show response data.ad-score.com/data/	1 B 272 B	120ms 120ms	XHR text/plain	130.211.115.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data.ad-score.com/data/cors?pm_st=DrqXElyrQJnLtjxoQNGSAjttMwjyiZiV-FE7fPshldVrkKD8a3HLOFE3JPg==-E0zCNMhkY1HkNA==&pm_ct=7cf4a1b12de1dd223a6a5748&pm_pl=1638549126541&pm_td=6930&pid=1000177&en=1.1&callback=__pm_glbl_nVjovaDBhHzVRUOQZ3krjuAr._gc5&tt=opt&v=8f13b2e Requested by Host: js.ad-score.com URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 4.115.211.130.bc.googleusercontent.com Software / Resource Hash 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://bestnewshere.com Date Fri, 03 Dec 2021 16:32:13 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1 Access-Control-Allow-Methods POST Content-Type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/	124 KB 125 KB	8ms 7ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash f54c2ea55203c4c8951ba738b515e83c88c220524820b57a24fad00fcefa4590 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=1234972-1362059 Response headers Date Fri, 03 Dec 2021 16:32:15 GMT Content-Range bytes 1234972-1362059/1697640 Connection keep-alive Content-Length 127088 X-Served-By cache-wdc5569-WDC Last-Modified Fri, 03 Dec 2021 02:23:19 GMT Server cloudinary X-Timer S1638498280.912588,VS0,VE65 ETag "b4caa9fabb852bed722cc11ae52929e6" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31506770 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1638498192/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1638498108428.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://bestnewshere.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Fri, 03 Dec 2021 16:32:15 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H2	200	track atrack.avplayer.com/	0 70 B	101ms 101ms	Image text/plain	34.239.242.184 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1638549137333&cid=614af84d5fb982486400cf4d&VERSION=4.102.1&AV_PAGE_LOAD_UID=9a0f8432-d849-4621-90c7-e626d0e44795&AV_CDIM4=9a0f8432-d849-4621-90c7-e626d0e44795&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-239-242-184.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bestnewshere.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 03 Dec 2021 16:32:17 GMT cache-control max-age=0, no-cache, no-store content-length 0
POST H2	200	track Show response track1.aniview.com/	0 93 B	102ms 101ms	XHR text/plain	34.195.16.202 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bestnewshere.com&rs=bestnewshere.com&sid=86812&t=1638549127&cip=91.199.118.78&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638549127732-954207814583-005728-000-006000&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.90&cb=77129127876&cd1=4.102.1&cd4=9a0f8432-d849-4621-90c7-e626d0e44795&cd5=default&cd6=100&cd7=main&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-16-202.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bestnewshere.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 03 Dec 2021 16:32:18 GMT cache-control max-age=0, no-cache, no-store content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bestnewshere

URL

https://bestnewshere/

Domain

sync.adtelligent.com

URL

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Domain

sync.adotmob.com

URL

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1