breaking-news.ca Open in urlscan Pro
104.225.217.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Submission: On May 06 via manual (May 6th 2021, 6:41:27 pm UTC) from CA

Summary HTTP 252 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 43 domains to perform 252 HTTP transactions. The main IP is 104.225.217.48, located in Seattle, United States and belongs to HVC-AS, US. The main domain is breaking-news.ca.
TLS certificate: Issued by R3 on March 15th 2021. Valid for: 3 months.

This is the only time breaking-news.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	104.225.217.48 104.225.217.48	29802 (HVC-AS) (HVC-AS)
11	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
24	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
9	139.45.196.206 139.45.196.206	9002 (RETN-AS) (RETN-AS)
16	104.22.3.144 104.22.3.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700::68... 2606:4700::6810:9e11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
3	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	173.208.201.170 173.208.201.170	32097 (WII) (WII)
20	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
1	208.100.17.182 208.100.17.182	32748 (STEADFAST) (STEADFAST)
2 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
4 4	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.251.124.7 34.251.124.7	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.101 38.27.122.101	174 (COGENT-174) (COGENT-174)
2 2	216.52.2.30 216.52.2.30	() ()
1 1	193.0.160.129 193.0.160.129	() ()
1	208.100.17.172 208.100.17.172	32748 (STEADFAST) (STEADFAST)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	66.155.71.150 66.155.71.150	() ()
1 2	35.170.231.210 35.170.231.210	14618 (AMAZON-AES) (AMAZON-AES)
7	52.38.14.212 52.38.14.212	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f008:1:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
15	185.66.201.34 185.66.201.34	201702 (SKHOSTING-EU) (SKHOSTING-EU)
12	185.66.200.127 185.66.200.127	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	185.66.200.41 185.66.200.41	201702 (SKHOSTING-EU) (SKHOSTING-EU)
27	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
252	41

25 104.225.217.48 (Seattle, United States) 1 redirects

ASN29802 (HVC-AS, US)

breaking-news.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.breaking-news.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.196.206 (United Kingdom)

ASN9002 (RETN-AS, GB)

dibsemey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.22.3.144 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9e11 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:723 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.208.201.170 (United States)

ASN32097 (WII, US)

seed126.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.182 (United States)

ASN32748 (STEADFAST, US)
PTR: ip182.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.79 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.91 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.124.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.254.214 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.101 (United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.172 (United States)

ASN32748 (STEADFAST, US)
PTR: ip172.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.231.210 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.38.14.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f008:1:face:b00c:0:1 (Milan, Italy)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.66.201.34 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: at-public.skhosting.eu

namel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.66.200.127 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)

ylx-i.advertica-cdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.66.200.41 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.41.skhosting.eu

vidtrends.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	ytimg.com i.ytimg.com	485 KB
27	sumo.com load.sumo.com sumo.com	667 KB
25	breaking-news.ca 1 redirects breaking-news.ca www.breaking-news.ca	143 KB
24	uprimp.com uprimp.com	27 KB
16	infolinks.com resources.infolinks.com router.infolinks.com	275 KB
15	namel.net namel.net	34 KB
15	googleapis.com fonts.googleapis.com translate.googleapis.com ajax.googleapis.com	199 KB
15	wp.com c0.wp.com i1.wp.com i0.wp.com stats.wp.com pixel.wp.com	238 KB
12	advertica-cdn2.com ylx-i.advertica-cdn2.com	165 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	383 KB
9	bitchute.com www.bitchute.com static-3.bitchute.com seed126.bitchute.com	613 KB
9	dibsemey.com dibsemey.com	47 KB
7	pubmatic.com 7 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	4 KB
7	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
5	adnxs.com 4 redirects ib.adnxs.com	4 KB
5	doubleclick.net 5 redirects cm.g.doubleclick.net	992 B
5	bootstrapcdn.com maxcdn.bootstrapcdn.com	138 KB
3	vidtrends.net vidtrends.net	18 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	cloudflare.com cdnjs.cloudflare.com	58 KB
2	facebook.com graph.facebook.com api.facebook.com	1 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	polyfill.io cdn.polyfill.io	2 KB
2	4dsply.com cdn.engine.4dsply.com engine.4dsply.com	66 KB
2	google.com translate.google.com clients6.google.com	4 KB
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	adgrx.com cm.adgrx.com	408 B
1	33across.com ssc-cms.33across.com	89 B
1	rfihub.com 1 redirects p.rfihub.com	759 B
1	bnmla.com match.bnmla.com	114 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com de.tynt.com	289 B
1	jsdelivr.net cdn.jsdelivr.net	27 KB
252	43

	Domain	Requested by
27	i.ytimg.com	namel.net vidtrends.net
24	uprimp.com	breaking-news.ca uprimp.com
24	breaking-news.ca	1 redirects breaking-news.ca c0.wp.com
20	load.sumo.com	breaking-news.ca load.sumo.com
15	namel.net	uprimp.com namel.net
13	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
12	ylx-i.advertica-cdn2.com	uprimp.com
11	c0.wp.com	breaking-news.ca
9	dibsemey.com	breaking-news.ca dibsemey.com
8	fonts.googleapis.com	breaking-news.ca namel.net
7	sumo.com	load.sumo.com
7	fonts.gstatic.com	fonts.googleapis.com
5	ib.adnxs.com	4 redirects ssum-sec.casalemedia.com
5	cm.g.doubleclick.net	5 redirects
5	www.bitchute.com	breaking-news.ca www.bitchute.com cdnjs.cloudflare.com
5	maxcdn.bootstrapcdn.com	breaking-news.ca maxcdn.bootstrapcdn.com namel.net
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com um2.eqads.com
4	image8.pubmatic.com	4 redirects
4	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
3	vidtrends.net	namel.net
3	ajax.googleapis.com	namel.net
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	www.gstatic.com	breaking-news.ca translate.googleapis.com
3	seed126.bitchute.com	www.bitchute.com
3	cdnjs.cloudflare.com	www.bitchute.com
3	resources.infolinks.com	breaking-news.ca resources.infolinks.com
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	image4.pubmatic.com	2 redirects
2	cdn.polyfill.io	www.bitchute.com
1	api.facebook.com	load.sumo.com
1	graph.facebook.com	load.sumo.com
1	clients6.google.com	load.sumo.com
1	pixel-sync.sitescout.com	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	ssc-cms.33across.com	router.infolinks.com
1	p.rfihub.com	1 redirects
1	match.bnmla.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	pixel.wp.com	breaking-news.ca
1	cdn.jsdelivr.net	www.bitchute.com
1	static-3.bitchute.com	www.bitchute.com
1	engine.4dsply.com	cdn.engine.4dsply.com
1	cdn.engine.4dsply.com	breaking-news.ca
1	stats.wp.com	breaking-news.ca
1	translate.google.com	breaking-news.ca
1	www.breaking-news.ca	breaking-news.ca
1	i0.wp.com	breaking-news.ca
1	i1.wp.com	breaking-news.ca
252	61

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
corona-ausschuss.de
www.securewhistleblower.com
translate.google.com
www.paypal.com
themeegg.com

Subject Issuer	Validity	Valid
www.breaking-news.ca R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
uprimp.com R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
dibsemey.com R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
4dsply.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
static-3.bitchute.com R3	`2021-04-12` - `2021-07-11`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-03-26`	a year	crt.sh
*.bitchute.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-01` - `2022-03-01`	2 years	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-04` - `2022-05-04`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
um3.eqads.com Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
namel.net R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
ylx-i.advertica-cdn2.com R3	`2021-04-10` - `2021-07-09`	3 months	crt.sh
vidtrends.net R3	`2021-04-15` - `2021-07-14`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Frame ID: 25263AFEAF289451EECF2E39744B38A8
Requests: 93 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646232108&xtt=8595630
Frame ID: 01DA7E0C5F03A87F2D9AC35B87AC3E53
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646295406&xtt=7307262
Frame ID: 296A75A67F2A82B6075940441EB932E5
Requests: 1 HTTP requests in this frame

Frame: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed
Frame ID: 168BD2BC02F92B85FB062D8D4BFD3C69
Requests: 30 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646270786&xtt=5688549
Frame ID: 8D62C96B6ED44682E51C7F2DE6EDF51A
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646288475&xtt=7222464
Frame ID: A4FDD2E0C2B45EC75E3A1665E0AB335F
Requests: 1 HTTP requests in this frame

Frame: https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/
Frame ID: 4CD2A1F5704DB5077B09FD5B40118654
Requests: 10 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646228400&xtt=3486054
Frame ID: 49B523EB82BFA33CB703F23D4D9A17A5
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646290379&xtt=3249155
Frame ID: 973E2322E95CB67BF56C5AA3F0F62671
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Frame ID: E1CF5056CF60D8E9C461051AD2837F62
Requests: 16 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: A0AA5710A041BD3E968EE037DF1906D2
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: D508368D3BFE251211FBDC64BE1AB2FB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: F8CD11D335732E75AED0433FB1CAED2C
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 576EA6BAE86D83853D6D82C6C1980CD3
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 754F6BAAFDB8DC8A4206A8B376E0FEA3
Requests: 2 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u8561620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=a16952ce88b9d9f0b6c46ad7db7b4ade&cc=PL&https=1&useAf=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Frame ID: F16EB99588A1D5E21333B19C1F7A7F36
Requests: 5 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u12611620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=912bf6666b2b3acbe014751811285c03&cc=PL&https=1&useAf=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Frame ID: CC0C613E10FDE84ED03CB39EE30D3A10
Requests: 5 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u1601620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=97681c8a1ee697bea59c484f8154f868&cc=PL&https=1&useAf=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Frame ID: 72FA6C738C12C486085710FAABCA392A
Requests: 5 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u11951620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=c0476ad8554c018d427c80f45adf921e&cc=PL&https=1&useAf=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Frame ID: 12F243DE6B81288790531BBE63FCB0D9
Requests: 5 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u44291620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=551e18751045681b63de626765389f77&cc=PL&https=1&useAf=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Frame ID: D6499183735F9CC1D764906A4E728BAB
Requests: 5 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u66761620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=ce7f1b7c10708b24cfea4a6a6a72758f&cc=PL&https=1&useAf=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Frame ID: 774A41F5D6081EA262F8D812E9260594
Requests: 5 HTTP requests in this frame

Frame: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=592643491817&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: C1AFC486CBE0E466F205EFE88C6AA529
Requests: 19 HTTP requests in this frame

Frame: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: E22F3C0E1E708C27543DA749B8C2DF45
Requests: 19 HTTP requests in this frame

Frame: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_89878&adApiR=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1626442833291&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: B52BCE1EA780AEF0CB3F6DF4BB67F9A4
Requests: 1 HTTP requests in this frame

Frame: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 37079F49F54AEFDA5E7803710DAC74E4
Requests: 19 HTTP requests in this frame

Frame: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_49672&adApiR=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1481491813972&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 91F861D571C0103EDC1F95DE375A903B
Requests: 1 HTTP requests in this frame

Frame: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_77489&adApiR=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=969322091600&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: AE7B3EF96EDD4837448A30510365092A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info HTTP 301
https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

252
Requests

95 %
HTTPS

27 %
IPv6

43
Domains

61
Subdomains

41
IPs

8
Countries

3600 kB
Transfer

9229 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/breakingnewsca

Search URL Search Domain Scan URL

URL: https://twitter.com/Breaking_NewsCA

Search URL Search Domain Scan URL

URL: https://corona-ausschuss.de/
Title: https://corona-ausschuss.de/

Search URL Search Domain Scan URL

URL: https://www.securewhistleblower.com/
Title: https://www.securewhistleblower.com/

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=JUNVJX2JYHRUS&source=url
Title: PLEASE SUPPORT A FREE AND INDEPENDENT PRESS!

Search URL Search Domain Scan URL

URL: http://themeegg.com/
Title: Theme Egg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info HTTP 301
https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 111

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVFMkQ0MjItRkE0NS00MEExLTkyMjEtNTE0NjJGMUE0Qjk4&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVFMkQ0MjItRkE0NS00MEExLTkyMjEtNTE0NjJGMUE0Qjk4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA5E2D422-FA45-40A1-9221-51462F1A4B98 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=A5E2D422-FA45-40A1-9221-51462F1A4B98

Request Chain 112

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=6044636736543208424

Request Chain 113

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-JfXPluxE2uEagt.WxSk70ufpXK0kkCvgyJ9Eqhk-~A

Request Chain 114

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8109364428 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8109364428 HTTP 302
https://sync.1rx.io/usersync/tradedesk/76ecb32d-cbc9-48ba-acd9-38eeefefd4d4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a20e5cbf-99ef-457d-b8eb-ab8473022921-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-a20e5cbf-99ef-457d-b8eb-ab8473022921-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-a20e5cbf-99ef-457d-b8eb-ab8473022921-003

Request Chain 115

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 117

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fbreaking-news.ca%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fbreaking-news.ca%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbreaking-news.ca%2F&pid=12306&adnxs_uid=4387380736984424194

Request Chain 119

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c5d5166-ae9a-11eb-b7d2-02714fb60396 HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-rTt384hE2uGtS54S5o8sLwrqzUgN7cJM~A~UP9c5d5166-ae9a-11eb-b7d2-02714fb60396

Request Chain 121

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=d75dc99af1fca43eb15e9df1

Request Chain 122

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DA5E2D422-FA45-40A1-9221-51462F1A4B98 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=A5E2D422-FA45-40A1-9221-51462F1A4B98

Request Chain 124

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1875819619574484825

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEELNtdKyPyW8vON4jEFCkPE&google_cver=1

Request Chain 130

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB&dcc=t

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJQ4PzSTisQBAbjXz.ObUgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDW6mlkj_2UqmXSVmuD9IWY&google_cver=1&gdpr=1&google_hm=2

Request Chain 135

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622918463

Request Chain 137

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

252 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Redirect Chain

https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info
https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

208 KB
31 KB

282ms
282ms

Document
text/html

104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

456ded6a1ce4338c6d4f24a993f23a7278752274694ef98450b74435acc8e9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Host: breaking-news.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: quick_chat_alias=Guest_941
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.20.0
Date: Thu, 06 May 2021 18:41:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip

Redirect headers

Server: nginx/1.20.0
Date: Thu, 06 May 2021 18:41:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Redirect-By: WordPress
Set-Cookie: quick_chat_alias=Guest_941; path=/
Location: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK diyyi.css
breaking-news.ca/wp-content/cache/wpfc-minified/lbfv2wzc/ 882 B
821 B 412ms
216ms Stylesheet
text/css 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/cache/wpfc-minified/lbfv2wzc/diyyi.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

a999f24434be7cf28883979673975a1dc6fadf5647ede64d50fa6f3bf3c52f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Cookie: quick_chat_alias=Guest_941
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12 Apr 2020 19:34:22 GMT
Server: nginx/1.20.0
ETag: W/"5e936d3e-372"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/ 57 KB
8 KB 123ms
41ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:01 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:01 GMT

GET
H/1.1 200
OK diyyi.css
breaking-news.ca/wp-content/cache/wpfc-minified/k14uzaa8/ 32 KB
8 KB 632ms
220ms Stylesheet
text/css 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/cache/wpfc-minified/k14uzaa8/diyyi.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

8a1fba0bc61582359a73f773bd3818214fccf0a15e4ed902c1da73b91813bef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Cookie: quick_chat_alias=Guest_941
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12 Apr 2020 19:34:22 GMT
Server: nginx/1.20.0
ETag: W/"5e936d3e-806a"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 1003 B
887 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&ver=425b5ef9252f761737c95d940f8bd65e

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83b2db06e4e840f5c818b986001e24ed7added38a25e036e6e12607025d14f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://breaking-news.ca
Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 18:20:06 GMT
server: ESF
date: Thu, 06 May 2021 18:41:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 18:41:01 GMT

GET
H/1.1 200
OK 2hk3a.css
breaking-news.ca/wp-content/cache/wpfc-minified/ftz7mwiz/ 83 KB
15 KB 832ms
407ms Stylesheet
text/css 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/cache/wpfc-minified/ftz7mwiz/2hk3a.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

eef56063d57947ea3ceaea0bcb9fb39e9b11802f4d55a317b4583c499f2b2585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Cookie: quick_chat_alias=Guest_941
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Jan 2021 03:23:32 GMT
Server: nginx/1.20.0
ETag: W/"5ff921b4-14b40"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 35ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=425b5ef9252f761737c95d940f8bd65e

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://breaking-news.ca
Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617, 617, 617
age: 1020537
cdn-cachedat: 2021-04-25 01:11:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e494c7ec00004e98008de000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1edd210b85f2199ed41ac5a73b2813a2
cf-ray: 64b4571fd8ad4e98-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.7/css/ 76 KB
13 KB 138ms
58ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.7/css/jetpack.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:01 GMT
content-encoding: br
last-modified: Tue, 27 Apr 2021 15:29:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:01 GMT

GET
H/1.1 200
OK diyyi.css
breaking-news.ca/wp-content/cache/wpfc-minified/ffazcrlt/ 7 KB
2 KB 662ms
236ms Stylesheet
text/css 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/cache/wpfc-minified/ffazcrlt/diyyi.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

cfa5a8fa97862eeaceefeaa32645101531006817044da885a13255c9a12c8b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Cookie: quick_chat_alias=Guest_941
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12 Apr 2020 19:34:22 GMT
Server: nginx/1.20.0
ETag: W/"5e936d3e-1cb6"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 87 KB
30 KB 142ms
62ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:01 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:01 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 11 KB
4 KB 141ms
62ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:01 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:01 GMT

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/ 6 KB
2 KB 141ms
62ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/related-posts.min.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:01 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:01 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
breaking-news.ca/wp-includes/js/ 14 KB
5 KB 262ms
247ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-includes/js/wp-emoji-release.min.js?ver=425b5ef9252f761737c95d940f8bd65e

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Feb 2021 07:39:10 GMT
Server: nginx/1.20.0
ETag: W/"601ba49e-3795"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cropped-canadian-pageheader.jpg
i1.wp.com/breaking-news.ca/wp-content/uploads/2019/02/ 19 KB
19 KB 125ms
46ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/breaking-news.ca/wp-content/uploads/2019/02/cropped-canadian-pageheader.jpg?w=1000&ssl=1

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4c9b03017994f6ffa4bf0dd72e560acd95af64b9a5a6d7e95ae40b841fdf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Thu, 06 May 2021 18:41:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 19:31:37 GMT
server: nginx
etag: "6389f8148047fa02"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://breaking-news.ca/wp-content/uploads/2019/02/cropped-canadian-pageheader.jpg>; rel="canonical"
content-length: 19118
expires: Mon, 06 Mar 2023 07:31:37 GMT

GET
H2 200 xnuremberg4.png.pagespeed.ic.ciS5YF_4XN.png
i0.wp.com/unitynewsnetwork.co.uk/wp-content/uploads/2021/03/ 110 KB
111 KB 161ms
67ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/unitynewsnetwork.co.uk/wp-content/uploads/2021/03/xnuremberg4.png.pagespeed.ic.ciS5YF_4XN.png?w=640&ssl=1

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1053e00d3ce98040b8c9beb17478cbf719757ade8da749f5651b1edb8deaea03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Thu, 06 May 2021 18:41:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 10:05:49 GMT
server: nginx
etag: "46a0d9b8183fa396"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://unitynewsnetwork.co.uk/wp-content/uploads/2021/03/xnuremberg4.png.pagespeed.ic.ciS5YF_4XN.png>; rel="canonical"
content-length: 112758
expires: Wed, 03 May 2023 22:05:49 GMT

GET
H2 200 bnr.php Show response
uprimp.com/ 379 B
632 B 311ms
104ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g&bg=1
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 1a10a9e63951fa1f21c74dba9983aee13f964a835ede597e2975fd578faba5a8

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 06 May 2021 18:41:02 GMT

GET
H2 200 bnr.php Show response
uprimp.com/ 374 B
628 B 136ms
103ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: d9d22ca8f7506377e896ba0d23bba8e8c1dcb349b5a04d29b13eb2806efb8b54

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 06 May 2021 18:41:02 GMT

GET
H/1.1 200
OK blank.png
www.breaking-news.ca/wp-content/plugins/gtranslate/ 95 B
534 B 659ms
214ms Image
image/png 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.breaking-news.ca/wp-content/plugins/gtranslate/blank.png

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 May 2021 19:00:47 GMT
Server: nginx/1.20.0
ETag: "6092eb5f-5f"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 95
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 11 KB
4 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

ea21f654449b5bcbd3c3ad0c9344fd3441441447955341d0d949e7db633c4a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4011
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
dibsemey.com/pfe/current/ 14 KB
6 KB 175ms
55ms Script
application/javascript 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/pfe/current/tag.min.js?z=2447761
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f02bfe55a72394ee99d25957267002980613a1b3f8966b3c491ee27133d5f014

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:40:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 May 2021 12:38:49 GMT
Server: nginx
ETag: W/"609291d9-380a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 202ms
70ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0099381a07c695e5af4b91cfed8c8ecf97fc7e923b65e503e2241d5a357be0f7

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64b457261fce4c32-AMS
date: Thu, 06 May 2021 18:41:02 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 06 May 2021 08:38:57 GMT
server: cloudflare
age: 7315
etag: W/"c3c-5c1a53dfb3588"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
cf-request-id: 09e494cbd000004c32cd1ca000000001
expires: Thu, 06 May 2021 17:39:07 GMT

GET
H/1.1 200
OK diyyi.css
breaking-news.ca/wp-content/cache/wpfc-minified/q5gtyhs6/ 5 KB
2 KB 217ms
211ms Stylesheet
text/css 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/cache/wpfc-minified/q5gtyhs6/diyyi.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

d577d577f41a9ea4156c5beb1e88e3bfef293de8a44b2589450c3c23a1aa20ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12 Apr 2020 19:34:22 GMT
Server: nginx/1.20.0
ETag: W/"5e936d3e-1303"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.7/_inc/build/photon/ 758 B
471 B 43ms
37ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.7/_inc/build/photon/photon.min.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:02 GMT

GET
H/1.1 200
OK jquery.c00kie.js Show response
breaking-news.ca/wp-content/plugins/quick-chat/js/ 977 B
1 KB 237ms
232ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/plugins/quick-chat/js/jquery.c00kie.js?ver=4.14

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

3abb81ee81a5b8595e66873d8c64d509976fa0f3e48e28ebd06eb5b4bf03deb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Mar 2020 09:25:08 GMT
Server: nginx/1.20.0
ETag: W/"5e733a74-3d1"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK quick-chat-load.js Show response
breaking-news.ca/wp-content/plugins/quick-chat/js/ 791 B
924 B 221ms
215ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/plugins/quick-chat/js/quick-chat-load.js?ver=4.14

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

984700d554c403bdeeb313eca67dff9dca7875f1df11760e3793d2d07c51485a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Mar 2020 09:25:08 GMT
Server: nginx/1.20.0
ETag: W/"5e733a74-317"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
breaking-news.ca/wp-content/themes/eggnews/assets/lib/bxslider/ 23 KB
7 KB 242ms
237ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/themes/eggnews/assets/lib/bxslider/jquery.bxslider.min.js?ver=4.2.12

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

1f6f63ba8383b3ec0894fd72f7b8a8e55bd04510b236bc95cbce82607a6781d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Mar 2020 09:27:03 GMT
Server: nginx/1.20.0
ETag: W/"5e733ae7-5c9c"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.sticky.js Show response
breaking-news.ca/wp-content/themes/eggnews/assets/lib/sticky/ 7 KB
2 KB 258ms
253ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/themes/eggnews/assets/lib/sticky/jquery.sticky.js?ver=20150416

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

c9dc8ec104c88f02b7247bceccae2023a665855ce57e2a3f714d1dfa62cb2262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Mar 2020 09:27:03 GMT
Server: nginx/1.20.0
ETag: W/"5e733ae7-1c03"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sticky-setting.js Show response
breaking-news.ca/wp-content/themes/eggnews/assets/lib/sticky/ 293 B
747 B 386ms
213ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/themes/eggnews/assets/lib/sticky/sticky-setting.js?ver=20150309

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

6c50b9728278c1198628d81ae407a1d1e2a3def46b284a920a4ab13c54f90513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Mar 2020 09:27:03 GMT
Server: nginx/1.20.0
ETag: "5e733ae7-125"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 293
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK custom-script.js Show response
breaking-news.ca/wp-content/themes/eggnews/assets/js/ 3 KB
2 KB 221ms
217ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/themes/eggnews/assets/js/custom-script.js?ver=1.4.18

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

825a94169552a5f8e5b045811f058106172a2a540a3072f7483915f162f50a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Mar 2020 09:26:36 GMT
Server: nginx/1.20.0
ETag: W/"5e733acc-d63"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cff-scripts.js Show response
breaking-news.ca/wp-content/plugins/custom-facebook-feed/assets/js/ 52 KB
16 KB 445ms
429ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/plugins/custom-facebook-feed/assets/js/cff-scripts.js?ver=2.19.1

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

33fffa1119c384b3f07d243151247c3c65a07a1111acfed0b4beac6806ffb55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 21 Mar 2021 01:32:07 GMT
Server: nginx/1.20.0
ETag: W/"6056a217-cf2f"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/ 1 KB
719 B 38ms
37ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/wp-embed.min.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:02 GMT

GET
H2 200 responsive-videos.min.js Show response
c0.wp.com/p/jetpack/9.7/modules/theme-tools/responsive-videos/ 777 B
398 B 39ms
39ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.7/modules/theme-tools/responsive-videos/responsive-videos.min.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3e3aeb6a6be4f7615a2a32aeda64db2c9f6776a89d361cbd7446952827bd55be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
last-modified: Tue, 25 Apr 2017 04:46:39 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:02 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
breaking-news.ca/wp-content/themes/eggnews/assets/lib/owl/ 42 KB
11 KB 245ms
237ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/themes/eggnews/assets/lib/owl/owl.carousel.min.js?ver=1.4.18

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

7ddc424649b256e50ebbde6522b13a627359b25c299b3ffa32a2896866e277c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Mar 2020 09:27:03 GMT
Server: nginx/1.20.0
ETag: W/"5e733ae7-a8e5"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e-202118.js Show response
stats.wp.com/ 9 KB
3 KB 122ms
40ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202118.js
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 24 Apr 2022 21:30:40 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 179 KB
63 KB 53ms
24ms Script
application/x-javascript 2606:4700::6810:9e11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=758a8b21-5b5c-44ba-a24d-01505dfcf0b7
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0526a26f08fd7829e77d64be7ce7fb85946e99e0d5e3691a9e6efd09c13b4529

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: gzip
cf-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
age: 56
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: public, no-transform, max-age=900
cf-ray: 64b457269deb4eaa-FRA
content-type: application/x-javascript; charset=utf-8
cf-request-id: 09e494cc2500004eaa8f809000000001

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 34ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&ver=425b5ef9252f761737c95d940f8bd65e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://breaking-news.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:43:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 10638
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Fri, 06 May 2022 15:43:44 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 79ms
78ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=425b5ef9252f761737c95d940f8bd65e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://breaking-news.ca
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=425b5ef9252f761737c95d940f8bd65e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617, 617, 617
age: 372582
cdn-cachedat: 2021-05-02 13:06:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 09e494cb6000004e98ed01b000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 82a8876655b03ecc2c0fb93f893dd576
accept-ranges: bytes
cf-ray: 64b457253a974e98-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 01DA 1 KB
2 KB 6761ms
6760ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646232108&xtt=8595630
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g&bg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: acc49d822e6463b2fab47ae7a1fe6a2a02fcc3823478777667b39dd98aa71bea

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646232108&xtt=8595630
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://breaking-news.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2316997=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None cpa_673873=300x250_935756789_0; expires=Sat, 05-Jun-2021 18:41:09 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 296A 1 KB
2 KB 6804ms
6804ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646295406&xtt=7307262
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: f7835179dc43f7f01a2350b4f88d695ce78d814f44e0a801aeabaf2e017042ad

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646295406&xtt=7307262
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://breaking-news.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2431076=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None cpa_673873=300x250_935756789_0; expires=Sat, 05-Jun-2021 18:41:09 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None

GET
H2 200 / Show response
www.bitchute.com/embed/wQc9BA35QEpu/ Frame 168B 3 KB
2 KB 146ms
125ms Document
text/html 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada779e6a3f649a72fe87805adb015a8822c9d0a909cec576e916c6065e31e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bitchute.com
:scheme: https
:path: /embed/wQc9BA35QEpu/?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://breaking-news.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=df028edd1f3be99f321dd7b19d4d655231620326462; expires=Sat, 05-Jun-21 18:41:02 GMT; path=/; domain=.bitchute.com; HttpOnly; SameSite=Lax; Secure
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e494cbd70000646dbb858000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FzulmzBvBNK%2Bb3KHcSmmosBWYvIxmoSNnP8yhlonZIxKf5t3eKMfUzSE4ABUEurljMEczJDMU8s4WTHbtXQQG%2FnuN4QcEbXLhlv2UeHOPnx2njP70HL3dqnffYEx"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64b457262a78646d-FRA
content-encoding: br

GET
H2 200 bnr.php Show response
uprimp.com/ 379 B
632 B 99ms
98ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g&bg=1
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 18dcd5728bf375d951be982a12c20252e16ea05c8970733899ce36037c2c7fb3

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 06 May 2021 18:41:02 GMT

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 8D62 1 KB
2 KB 6823ms
6822ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646270786&xtt=5688549
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g&bg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: abb7d1ade37d6232c88594c1a66af366edb2bb2eacc740d21aa5ea281ddd712e

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646270786&xtt=5688549
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://breaking-news.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2316997=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None cpa_673873=300x250_935756789_0; expires=Sat, 05-Jun-2021 18:41:09 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None

GET
H2 200 bnr.php Show response
uprimp.com/ 374 B
627 B 101ms
100ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 1af6c8d6186372ebc31cc1384ea186576913f9e61e30819c56957380e35f41df

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 06 May 2021 18:41:02 GMT

GET
H2 200 Tag.engine Show response
engine.4dsply.com/ 2 KB
2 KB 372ms
371ms Script
application/json 2606:4700::6810:9e11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=-120&id=758a8b21-5b5c-44ba-a24d-01505dfcf0b7&rand=23047&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fbreaking-news.ca%2Fthe-new-nuremberg-trials-2021-please-share-this-info%2F&kw=
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=758a8b21-5b5c-44ba-a24d-01505dfcf0b7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc7e3ef0ea9f9c34e9eec4ca02e390de42fa45cc7787fdfa1374e007abf0ad1a

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64b45726ef064eaa-FRA
date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adscore-status: null
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
content-type: application/json; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e494cc5200004eaa0795b000000001

GET
H2 200 plyr.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/ Frame 168B 24 KB
4 KB 37ms
22ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/plyr.css

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b7448c22b34dae17fdace8778630f6e9bab3e826c1a1ca960284359ab453b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 73932
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3554
cf-request-id: 09e494cc790000176653806000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa4-5edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cDdoJIuHpOC8JXoyVQCOjFy7jOC2au%2B%2F%2BtybnC7UzN1dw6ZEP7%2Bte2y7FVj5X3%2BR%2BOiPo7QG1b0LZrS4tC8DiXsqtgLa0f5%2FVrJEtMjY4d%2BgUtkBhCcOIo4kUU41PvAE3g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64b457272d911766-FRA
expires: Tue, 26 Apr 2022 18:41:02 GMT

GET
H2 200 embed.css
www.bitchute.com/static/v130/css/ Frame 168B 2 KB
1 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v130/css/embed.css
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3d4cfc28d453d02fd8f5a8a833116f383c11438c132137e9b23c25643f60c01

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4584
cf-polished: origSize=3094
cf-request-id: 09e494cc6c0000646dd113c000000001
last-modified: Thu, 04 Feb 2021 15:50:09 GMT
server: cloudflare
etag: W/"c16-5ba84a88f2533-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Dxxf28%2Fal%2FqkUNatF86OgSmgKa1YXqbEtlpGlGPQyV48hKee8cxgqSDXKb7LfKbSG9PbHDGYSBCxUZmEVCpPlAVTtcEsT7L%2FXE0hNUprJ4BOTJrj9DDoi2Jq2vcH"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=86400
cf-ray: 64b457271b28646d-FRA
cf-bgj: minify

GET
H2 200 wQc9BA35QEpu_640x360.jpg
static-3.bitchute.com/live/cover_images/GNHuZcPXpfIn/ Frame 168B 32 KB
32 KB 159ms
64ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/GNHuZcPXpfIn/wQc9BA35QEpu_640x360.jpg

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-713 /

Resource Hash

c55b29ae10355fd7e494fdda341b705f58d5968f1878b9327801fb81c4aa9284

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
cdn-edgestorageid: 565
x-amz-request-id: tx0000000000000459f96f1-00606aaf19-43ba6e0-nyc3a
cdn-cachedat: 2021-04-05 08:32:58
cdn-pullzone: 89010
content-length: 32260
last-modified: Wed, 17 Mar 2021 02:24:03 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 64a19bcb299e3e77d4ee8f90e3e9004a
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 168B 95 KB
30 KB 29ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 79518
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
cf-request-id: 09e494cc790000176646adb000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lr4utC4iMBLhH3yR2X0%2ByI1c%2BZEAq8h1KXznjW0mWZfEwTZ2QS5IJ6PibKVCFv%2BKk6uPPEw5Zc%2FuxIB0FMb%2FxgaMlBRy3vzJ6hYD92TwfH0wxMZ0yzcmaKSzAolR59rszw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64b457272d941766-FRA
expires: Tue, 26 Apr 2022 18:41:02 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 168B 4 KB
1 KB 24ms
7ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,Array.prototype.includes,CustomEvent,Object.entries,Object.values,URL

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 5494079
detected-user-agent: Chrome/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 926
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Mar 2021 11:28:06 GMT
date: Thu, 06 May 2021 18:41:02 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 plyr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/ Frame 168B 96 KB
24 KB 33ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/plyr.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71e321cc2e604ec1fbbe76c0470d616f1e8bcc9a25e27ab8d7b0f07efa54f2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 81486
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23866
cf-request-id: 09e494cc7b00001766acb83000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa4-17f39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zUT%2Fl0vmRNE9YKbArHRjEJHDOw1CgTANctcyamkso02dzcLggVvbgImlGd%2F5BhxGEm15x5iVmdi%2BTKDPCXw%2Bt0ty8GoQcfG9b%2FwkiHhkkxVQytd3OZbbJG5zt%2BgHm9CZJA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64b457272d931766-FRA
expires: Tue, 26 Apr 2022 18:41:02 GMT

GET
H2 200 rangetouch.js Show response
www.bitchute.com/static/v130/js/third-party/ Frame 168B 2 KB
1 KB 54ms
53ms Script
application/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v130/js/third-party/rangetouch.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955adfc31846d7a5f3b397b90a83e22de43a5e68dfa15dbb93069462256920b6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6399
cf-polished: origSize=3126
cf-request-id: 09e494cc730000646dbb86a000000001
last-modified: Thu, 04 Feb 2021 16:01:51 GMT
server: cloudflare
etag: W/"c36-5ba84d266cfe0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wqMjnPYODXaGy7zYOqYiW5Q0zZubKyBU3JKYYfH7FeeZKFgJGi%2Bbqs%2Bn0erfHZyuzYkNeL9sr%2BfB9hmBzKU%2B11zWKGAL8joMyoe2ZsqNVO0TVmACNUwS3OnEKeLW"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 64b457271b36646d-FRA
cf-bgj: minify

GET
H2 200 html-ratio-component.js Show response
www.bitchute.com/static/v130/js/third-party/ Frame 168B 1 KB
790 B 123ms
122ms Script
application/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v130/js/third-party/html-ratio-component.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f401eb40ec1fa797bc8afbac7c18519fa46894d8cd6927be908486988ce47da6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6399
cf-polished: origSize=1882
cf-request-id: 09e494cc740000646dbe1f0000000001
last-modified: Thu, 04 Feb 2021 16:02:11 GMT
server: cloudflare
etag: W/"75a-5ba84d3914203-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JId%2F8%2FEIhKzQZQGvpZbNHVpLdOeYJiJT%2FMAH4b2wZAM%2FMOdn348HIG8t%2FiYHVb5qM0iZR7IJDBNnxsEpppZTM7YlfvMJdIfSDHObo2AaSQ8p54nb69WTyZxYkU84"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 64b457271b38646d-FRA
cf-bgj: minify

GET
H2 200 embed.js Show response
www.bitchute.com/static/v130/js/ Frame 168B 247 B
530 B 29ms
28ms Script
application/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v130/js/embed.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef471c03efd044f419bec563ccab7f14415713b12d0d7a0ce711b8699b8f14f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4584
cf-polished: origSize=375
cf-request-id: 09e494cc740000646dd113d000000001
last-modified: Thu, 04 Feb 2021 16:00:57 GMT
server: cloudflare
etag: W/"177-5ba84cf20860a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UfLzCoHpZOa1f2SizTs9h0XiSXtgFlvOyZjUfvPRGT%2FkuQzfZa8%2B33DBBlODhkTH1jFJpfkLyC4rqYucruPvajjfZQs1SCbXCtTOMLz2A3%2FRlM6A6TE35YqhG6s5"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 64b457271b39646d-FRA
cf-bgj: minify

GET
H2 200 gun.js Show response
cdn.jsdelivr.net/npm/gun/ Frame 168B 86 KB
27 KB 77ms
13ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gun/gun.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25f50d841c7dd81a7b0c4309672e7d56898c6d4a06d9b1b5d18cb05098a85655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 21974
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 27348
etag: W/"159a2-uv4Gced6Cam24gZeg/7TiV6ukw4"
x-served-by: cache-fra19122-FRA
date: Thu, 06 May 2021 18:41:02 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame A4FD 1 KB
2 KB 6670ms
6669ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646288475&xtt=7222464
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: bf87392ab6c24aac4c96c39c7c937111f495de4852f705efe575f599267fb8b2

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646288475&xtt=7222464
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://breaking-news.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2431076=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None cpa_673873=300x250_935756789_0; expires=Sat, 05-Jun-2021 18:41:09 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None

GET
H/1.1 200
OK / Show response
breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/ Frame 4CD2 20 KB
6 KB 318ms
277ms Document
text/html 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

1d37d0861a3cc38c515b2b285080a8be48aef8498864a52e7dd80a08e584db0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Host: breaking-news.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Response headers

Server: nginx/1.20.0
Date: Thu, 06 May 2021 18:41:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK 16.png
breaking-news.ca/wp-content/plugins/gtranslate/ 21 KB
18 KB 267ms
226ms Image
image/png 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://breaking-news.ca/wp-content/plugins/gtranslate/16.png

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/wp-content/cache/wpfc-minified/lbfv2wzc/diyyi.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

a5ceaa3b13d00891359440a0835ef348ec0ebbf01c27886a60753168cc3a8898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://breaking-news.ca/wp-content/cache/wpfc-minified/lbfv2wzc/diyyi.css
Connection: keep-alive
Referer: https://breaking-news.ca/wp-content/cache/wpfc-minified/lbfv2wzc/diyyi.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 May 2021 19:00:47 GMT
Server: nginx/1.20.0
ETag: W/"6092eb5f-525a"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 168B 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 168B 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 29ms
6ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 882
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 06 May 2021 19:26:20 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 884
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 06 May 2021 19:26:18 GMT

GET
H2 200 bnr.php Show response
uprimp.com/ 379 B
632 B 102ms
101ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g&bg=1
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: f5a9c95f55b3f2aa2e7b279e18d1f31768097b55268f29300136fcf2e0a497bd

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 06 May 2021 18:41:02 GMT

GET
H/1.1 206
Partial Content wQc9BA35QEpu.mp4
seed126.bitchute.com/GNHuZcPXpfIn/ Frame 168B 31 KB
0 639ms
304ms Media
video/mp4 173.208.201.170
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://seed126.bitchute.com/GNHuZcPXpfIn/wQc9BA35QEpu.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.208.201.170 , United States, ASN32097 (WII, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD, GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-24837185/24837186
Access-Control-Allow_Credentials: true, true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 24837186

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ Frame 168B 4 KB
969 B 10ms
10ms Other
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,Array.prototype.includes,CustomEvent,Object.entries,Object.values,URL

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 5494079
detected-user-agent: Chrome/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 926
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Mar 2021 11:28:06 GMT
date: Thu, 06 May 2021 18:41:02 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 168B 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 168B 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET plyr-20180117.svg
www.bitchute.com/static/v130/images/ Frame 168B 0
0

GET
H/1.1 206
Partial Content wQc9BA35QEpu.mp4
seed126.bitchute.com/GNHuZcPXpfIn/ Frame 168B 63 KB
0 637ms
301ms Media
video/mp4 173.208.201.170
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://seed126.bitchute.com/GNHuZcPXpfIn/wQc9BA35QEpu.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.208.201.170 , United States, ASN32097 (WII, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD, GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-24837185/24837186
Access-Control-Allow_Credentials: true, true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 24837186

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
89 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 17:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4484
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 May 2022 17:26:18 GMT

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 49B5 1 KB
2 KB 6450ms
6450ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646228400&xtt=3486054
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g&bg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: e11af69b78eb872c716113d4ec5a38286c7dd208a9d21254b33cbbcfe6422fa8

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646228400&xtt=3486054
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://breaking-news.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2316997=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None cpa_673873=300x250_935756789_0; expires=Sat, 05-Jun-2021 18:41:09 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None

GET
H2 200 bnr.php Show response
uprimp.com/ 374 B
627 B 106ms
105ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: aa97eb1d7712c67d443d2bdfe89645ec93c25aaa9afe1dc240b479657f0451ca

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 06 May 2021 18:41:02 GMT

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 973E 1 KB
2 KB 6249ms
6249ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646290379&xtt=3249155
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=167612&format=300x250&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: dddbaec995a218d44ca4b029949b02b5e0b1d2b1186d22613a151cccdcd224be

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646290379&xtt=3249155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://breaking-news.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:02 GMT
last-modified: Thu, 06 May 2021 18:41:02 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2431076=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Fri, 07-May-2021 04:00:00 GMT; Max-Age=33531; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None cpa_673873=300x250_935756789_0; expires=Sat, 05-Jun-2021 18:41:09 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 34ms
9ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:02 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 7DKZHJ07SJCGS4A6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 16:27:12
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: INifribST4y/fX7s/ch2fi9s+xYZWorwY190OPBfwIKY+7mNpkmsgYtWDdSnODcpP8NCXEhThI0=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:11:26 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 7bf773e20a3e91997fbd319f15fff015
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1745.002-3.012/ 588 KB
188 KB 67ms
67ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1745.002-3.012/ice.js
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27077d36b6dc6e75dcff223709a767433517d0444b80e4e2f489994cf6fd47ad

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64b45729a8514c32-AMS
date: Thu, 06 May 2021 18:41:02 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 21 Apr 2021 16:33:05 GMT
server: cloudflare
age: 4126
etag: W/"92fe7-5c07e1e007b42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 09e494ce0400004c32f1164000000001
expires: Sat, 05 Jun 2021 17:32:16 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 39ms
38ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.7&blog=186825746&post=22380&tz=0&srv=breaking-news.ca&host=breaking-news.ca&ref=&fcp=2021&rand=0.4789871870464797
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:03 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK Cookie set / Show response
breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/ 3 KB
2 KB 351ms
350ms XHR
application/json 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/?relatedposts=1

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/related-posts.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

2d225555695064c8de2906b8f519076093edc4aeab86e34a13d7417956f2242b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
x-requested-with: XMLHttpRequest
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with: XMLHttpRequest

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Server: nginx/1.20.0
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Set-Cookie: quick_chat_alias=Guest_862; path=/
Vary: Accept-Encoding
Keep-Alive: timeout=60

GET
H/1.1 200
OK zone Show response
dibsemey.com/ 685 B
1 KB 53ms
53ms Fetch
application/json 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dibsemey.com/zone?pub=0&zone_id=2447761&is_mobile=false&domain=breaking-news.ca&var=&ymid=&var_3=

Requested by

Host: dibsemey.com
URL: https://dibsemey.com/pfe/current/tag.min.js?z=2447761

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3f85b69ab5d27dee6e42300b5bc62b510fa0a85028b017da7fb4c8662807e71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 235ca7b499741c1c41712548b550cc24
Date: Thu, 06 May 2021 18:40:55 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://breaking-news.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 685

GET
H/1.1 200
OK universal.min.js Show response
dibsemey.com/pfe/current/ 107 KB
38 KB 202ms
79ms Fetch
application/javascript 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/pfe/current/universal.min.js?v=3.1.293
Requested by: Host: dibsemey.com
URL: https://dibsemey.com/pfe/current/tag.min.js?z=2447761
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 308c11f11c4190742d17016b1f498aaccb8807540eab270142a382d4787064c8

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:40:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 May 2021 12:38:49 GMT
Server: nginx
ETag: W/"609291d9-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://breaking-news.ca
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 72.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 131 KB
43 KB 16ms
16ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:03 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: M2V4ABCBRXAKMETJ
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 18:28:37
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: frKzZ4J0+z+5CVzL9do9p5j21P7gxBaGvvnsAgKt9RNZMWyctBI9/YD4EmGoy+ANXI97bXpGumM=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:11:05 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 4b0a9734c0409425d58a1e06fb23a70e
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 73.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 289 KB
99 KB 8ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:03 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: PY5QCHFR9GPYYTP6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 18:22:37
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: xq9haDHlOS43KvpB4EeX27s+Qe+zgZ5m6ftY493+bzL2UzdS/QatJu6UNFzlreLrNdaKVM5u6N0=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:11:05 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d310a84ae46498b70cf25e6a2470bf70
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ Frame 4CD2 87 KB
30 KB 205ms
67ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:03 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:03 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ Frame 4CD2 11 KB
4 KB 205ms
67ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:03 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:03 GMT

GET
H/1.1 200
OK diyyi.css
breaking-news.ca/wp-content/cache/wpfc-minified/lbfv2wzc/ Frame 4CD2 882 B
821 B 233ms
232ms Stylesheet
text/css 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/cache/wpfc-minified/lbfv2wzc/diyyi.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

a999f24434be7cf28883979673975a1dc6fadf5647ede64d50fa6f3bf3c52f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12 Apr 2020 19:34:22 GMT
Server: nginx/1.20.0
ETag: W/"5e936d3e-372"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.7/css/ Frame 4CD2 76 KB
13 KB 195ms
58ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.7/css/jetpack.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 06 May 2021 18:41:03 GMT
content-encoding: br
last-modified: Tue, 27 Apr 2021 15:29:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 06 May 2022 18:41:03 GMT

GET
H/1.1 200
OK diyyi.css
breaking-news.ca/wp-content/cache/wpfc-minified/ffazcrlt/ Frame 4CD2 7 KB
2 KB 229ms
228ms Stylesheet
text/css 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-content/cache/wpfc-minified/ffazcrlt/diyyi.css

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

cfa5a8fa97862eeaceefeaa32645101531006817044da885a13255c9a12c8b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12 Apr 2020 19:34:22 GMT
Server: nginx/1.20.0
ETag: W/"5e936d3e-1cb6"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK w-logo-blue.png
breaking-news.ca/wp-includes/images/ Frame 4CD2 3 KB
3 KB 214ms
213ms Image
image/png 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://breaking-news.ca/wp-includes/images/w-logo-blue.png

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

a8c9355719e180f67753c823b87c29f40e21df91c20b44eb92d4cb36ef575d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Mar 2020 08:20:03 GMT
Server: nginx/1.20.0
ETag: W/"5e732b33-c29"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
breaking-news.ca/wp-includes/js/ Frame 4CD2 14 KB
5 KB 219ms
217ms Script
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/wp-includes/js/wp-emoji-release.min.js?ver=425b5ef9252f761737c95d940f8bd65e

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/second-nuremberg-tribunal-is-prepared/embed/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Feb 2021 07:39:10 GMT
Server: nginx/1.20.0
ETag: W/"601ba49e-3795"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.012/ 253 KB
80 KB 71ms
70ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.012/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1745.002-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64b4572aeb644c32-AMS
date: Thu, 06 May 2021 18:41:03 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 13:31:34 GMT
server: cloudflare
age: 4389
etag: W/"3f394-5bc292b988e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 09e494cecf00004c32921c3000000001
expires: Sat, 05 Jun 2021 17:27:54 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame E1CF 8 KB
2 KB 204ms
197ms Document
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1745.002-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c907d2288075c470f1404dbd031776014c384f97490872ac1d1800f0e8417b4

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=1970714&wsid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://breaking-news.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://breaking-news.ca/

Response headers

date: Thu, 06 May 2021 18:41:03 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d62b626e9bd1f85db2069f86400fb358e1620326463; expires=Sat, 05-Jun-21 18:41:03 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09e494cef800004c329b802000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64b4572b2c0d4c32-AMS
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
78 B 187ms
184ms Script
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=1970714&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1745.002-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 64b4572b2c0f4c32-AMS
content-length: 0
cf-request-id: 09e494cef800004c328d23a000000001

OPTIONS
H/1.1 200
OK custom
dibsemey.com/ Frame 0
0 48ms
48ms Preflight
text/plain 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://breaking-news.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 06 May 2021 18:40:55 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://breaking-news.ca
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
dibsemey.com/ 39 B
491 B 55ms
55ms Fetch
application/json 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dibsemey.com/custom

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 12a889d07f4332b404009696b3560c33
Date: Thu, 06 May 2021 18:40:55 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://breaking-news.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK sw.js Show response
breaking-news.ca/ 3 KB
2 KB 217ms
217ms Fetch
application/javascript 104.225.217.48
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://breaking-news.ca/sw.js

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.225.217.48 Seattle, United States, ASN29802 (HVC-AS, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

9112c670bbb72565dbffb7455dba17b3e1d6cb36c3c27e8c673241962d631cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: breaking-news.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Connection: keep-alive
Referer: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 18:32:20 GMT
Server: nginx/1.20.0
ETag: W/"60943634-aab"
Strict-Transport-Security: max-age=31536000
X-Cache: HIT from Backend
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 30ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:40:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 45
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Fri, 06 May 2022 18:40:18 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
999 B 31ms
9ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 21:36:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 594255
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Fri, 29 Apr 2022 21:36:48 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 30ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:36:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 261
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Fri, 06 May 2022 18:36:42 GMT

GET
DATA 200
OK truncated
/ Frame 4CD2 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ Frame 4CD2 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame A0AA 3 KB
962 B 17ms
16ms Script
application/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-hS8zWR1jXNAn3LBLQ0rbaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-hS8zWR1jXNAn3LBLQ0rbaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Thu, 06 May 2021 18:41:03 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
de.tynt.com/deb/ Frame D508 75 B
289 B 444ms
144ms Document
text/html 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Fri, 07 May 2021 18:41:03 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Thu, 06 May 2021 18:41:03 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame F8CD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

76ms
76ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 63cf96c058d6f571a1f73d3c48ae7c9e11efbc9c35284cd1b7ec6a3c3750ae8c

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YJQ4PzSTisQBAbjXz.ObUgAA; CMPS=5127
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|45|39|41|40|190|64
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1687
Expires: Thu, 06 May 2021 18:41:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 06 May 2021 18:41:03 GMT
Connection: keep-alive
Set-Cookie: CMID=YJQ4PzSTisQBAbjXz.ObUgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 May 2022 18:41:03 GMT CMPS=5127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 18:41:03 GMT CMPRO=1189;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 18:41:03 GMT CMST=YJQ4P2CUOD8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 May 2021 18:41:03 GMT CMRUM3=286094383f05a00&406094383f05a0&e66094383f27600&296094383f05a00&be6094383f05a0&2d6094383f05a0&276094383f0b40&f16094383f05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 May 2022 18:41:03 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 06 May 2021 18:41:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 06 May 2021 18:41:03 GMT
Connection: keep-alive
Set-Cookie: CMID=YJQ4PzSTisQBAbjXz.ObUgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 May 2022 18:41:03 GMT CMPS=5127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 18:41:03 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 576E 2 KB
818 B 122ms
39ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVFMkQ0MjItRkE0NS00MEExLTkyMjEtNTE0NjJGMUE0Qjk4&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVFMkQ0MjItRkE0NS00MEExLTkyMjEtNTE0NjJGMUE0Qjk4&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA5E2D422-FA45-40A1-9221-51462F1A4B98
https://router.infolinks.com/dyn/pbm-usync?uid=A5E2D422-FA45-40A1-9221-51462F1A4B98

0
244 B

260ms
259ms

Image
text/html

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=A5E2D422-FA45-40A1-9221-51462F1A4B98
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 64b457326ca84c32-AMS
content-length: 0
cf-request-id: 09e494d38000004c32d69da000000001
expires: Wed, 06 May 2020 18:41:04 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/pbm-usync?uid=A5E2D422-FA45-40A1-9221-51462F1A4B98
Date: Thu, 06 May 2021 18:41:02 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=6044636736543208424

35 B
214 B

200ms
199ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=6044636736543208424
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 64b4572e6b904c32-AMS
content-length: 35
cf-request-id: 09e494d10500004c328d26a000000001
expires: Wed, 06 May 2020 18:41:03 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:03 GMT
X-Proxy-Origin: 37.120.156.220; 37.120.156.220; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid: d89f4397-b0d9-4f42-893a-3ede5cdaff83
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=6044636736543208424
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-JfXPluxE2uEagt.WxSk70ufpXK0kkCvgyJ9Eqhk-~A

35 B
411 B

168ms
168ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-JfXPluxE2uEagt.WxSk70ufpXK0kkCvgyJ9Eqhk-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 64b4572e4b294c32-AMS
content-length: 35
cf-request-id: 09e494d0f100004c32cd24a000000001
expires: Wed, 06 May 2020 18:41:03 GMT

Redirect headers

Date: Thu, 06 May 2021 18:41:03 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-JfXPluxE2uEagt.WxSk70ufpXK0kkCvgyJ9Eqhk-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8109364428
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8109364428
https://sync.1rx.io/usersync/tradedesk/76ecb32d-cbc9-48ba-acd9-38eeefefd4d4
https://sync.targeting.unrulymedia.com/csync/RX-a20e5cbf-99ef-457d-b8eb-ab8473022921-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-a20e5cbf-99ef-457d-b8eb-ab8473022921-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-a20e5cbf-99ef-457d-b8eb-ab8473022921-003

35 B
231 B

177ms
167ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-a20e5cbf-99ef-457d-b8eb-ab8473022921-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 64b45730d93c4c32-AMS
content-length: 35
cf-request-id: 09e494d28900004c32f11d5000000001
expires: Wed, 06 May 2020 18:41:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-a20e5cbf-99ef-457d-b8eb-ab8473022921-003
date: Thu, 06 May 2021 18:41:04 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXa20e5cbf99ef457db8ebab8473022921003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
221 B

242ms
242ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 64b4573098974c32-AMS
content-length: 35
cf-request-id: 09e494d25c00004c32cd272000000001
expires: Wed, 06 May 2020 18:41:04 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Thu, 06 May 2021 18:41:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame E1CF 0
478 B 217ms
52ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:03 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame E1CF
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fbreaking-news.ca%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fbreaking-news.ca%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbreaking-news.ca%2F&pid=12306&adnxs_uid=4387380736984424194

95 B
945 B

256ms
63ms

Image
image/png

34.251.124.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbreaking-news.ca%2F&pid=12306&adnxs_uid=4387380736984424194

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.124.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 06 May 2021 18:41:03 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Thu, 06 May 2021 18:41:03 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:03 GMT
X-Proxy-Origin: 37.120.156.220; 37.120.156.220; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.164:80
AN-X-Request-Uuid: 23452480-66a7-4537-8152-fa1111370dc2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbreaking-news.ca%2F&pid=12306&adnxs_uid=4387380736984424194
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame E1CF 42 B
233 B 371ms
123ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:03 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c5d5166-ae9a-11eb-b7d2-02714fb60396
https://router.infolinks.com/dyn/outh-usync?uid=y-rTt384hE2uGtS54S5o8sLwrqzUgN7cJM~A~UP9c5d5166-ae9a-11eb-b7d2-02714fb60396

35 B
260 B

170ms
169ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-rTt384hE2uGtS54S5o8sLwrqzUgN7cJM~A~UP9c5d5166-ae9a-11eb-b7d2-02714fb60396
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 64b4572ebc494c32-AMS
content-length: 35
cf-request-id: 09e494d13200004c32f9281000000001
expires: Wed, 06 May 2020 18:41:03 GMT

Redirect headers

Date: Thu, 06 May 2021 18:41:03 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-rTt384hE2uGtS54S5o8sLwrqzUgN7cJM~A~UP9c5d5166-ae9a-11eb-b7d2-02714fb60396
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usersync
match.bnmla.com/ Frame E1CF 0
114 B 401ms
130ms Image
text/plain 38.27.122.101
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=d75dc99af1fca43eb15e9df1

35 B
350 B

181ms
179ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=d75dc99af1fca43eb15e9df1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 64b4573068444c32-AMS
content-length: 35
cf-request-id: 09e494d24500004c32c62c6000000001
expires: Wed, 06 May 2020 18:41:04 GMT

Redirect headers

Date: Thu, 06 May 2021 18:41:03 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=d75dc99af1fca43eb15e9df1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DA5E2D422-FA45-40A1-9221-51462F1A4B98
https://router.infolinks.com/dyn/usersync?pmuservalue=A5E2D422-FA45-40A1-9221-51462F1A4B98

0
218 B

199ms
198ms

Image
text/plain

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=A5E2D422-FA45-40A1-9221-51462F1A4B98
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 64b45730f9804c32-AMS
content-length: 0
cf-request-id: 09e494d29e00004c32e82f0000000001

Redirect headers

Location: https://router.infolinks.com/dyn/usersync?pmuservalue=A5E2D422-FA45-40A1-9221-51462F1A4B98
Date: Thu, 06 May 2021 18:41:03 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 410
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame E1CF 0
279 B 297ms
296ms Image
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 64b4572f8e454c32-AMS
content-length: 0
cf-request-id: 09e494d1b900004c32b9382000000001

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame E1CF
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1875819619574484825

35 B
214 B

165ms
164ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1875819619574484825
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 64b45730e94d4c32-AMS
content-length: 35
cf-request-id: 09e494d28d00004c32c71bb000000001
expires: Wed, 06 May 2020 18:41:04 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1875819619574484825
Date: Thu, 06 May 2021 18:41:04 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame E1CF 0
89 B 478ms
160ms Image
text/plain 208.100.17.172
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=1970714&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip172.208-100-17.static.steadfastdns.net
Software: 33XP004 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status: 200000000000000002000208
date: Thu, 06 May 2021 18:41:03 GMT
server: 33XP004

OPTIONS
H/1.1 200
OK custom
dibsemey.com/ Frame 0
0 48ms
47ms Preflight
text/plain 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://breaking-news.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 06 May 2021 18:40:56 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://breaking-news.ca
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
dibsemey.com/ 39 B
491 B 52ms
52ms Fetch
application/json 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dibsemey.com/custom

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 888aa4e1d515527a3b6a47c5f729d662
Date: Thu, 06 May 2021 18:40:56 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://breaking-news.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 206
Partial Content wQc9BA35QEpu.mp4
seed126.bitchute.com/GNHuZcPXpfIn/ Frame 168B 575 KB
576 KB 615ms
296ms Media
video/mp4 173.208.201.170
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://seed126.bitchute.com/GNHuZcPXpfIn/wQc9BA35QEpu.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wQc9BA35QEpu/?feature=oembed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.208.201.170 , United States, ASN32097 (WII, US),
Reverse DNS
Software: /
Resource Hash: 8942352302153559a30da7742dd6e37049a3a0ef3f7b12751b28b1c5b109a264

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=24248320-

Response headers

Date: Thu, 06 May 2021 18:41:03 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD, GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 24248320-24837185/24837186
Access-Control-Allow_Credentials: true, true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 588866

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F8CD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEELNtdKyPyW8vON4jEFCkPE&google_cver=1

43 B
315 B

51ms
50ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEELNtdKyPyW8vON4jEFCkPE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 06 May 2021 18:41:04 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEELNtdKyPyW8vON4jEFCkPE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F8CD
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB&dcc=t

43 B
433 B

133ms
132ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:04 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:04 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJQ4PzSTisQBAbjXz-ObUgAABKUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F8CD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJQ4PzSTisQBAbjXz.ObUgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDW6mlkj_2UqmXSVmuD9IWY&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

144ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDW6mlkj_2UqmXSVmuD9IWY&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 06 May 2021 18:41:04 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDW6mlkj_2UqmXSVmuD9IWY&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F8CD 70 B
264 B 59ms
57ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJQ4PzSTisQBAbjXz.ObUgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame F8CD 43 B
408 B 224ms
69ms Image
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:03 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-3
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame F8CD 0
0 52ms
51ms Image
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F8CD
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622918463

43 B
1 KB

127ms
122ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622918463
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 06 May 2021 18:41:04 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:03 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622918463
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame F8CD 35 B
331 B 185ms
184ms Image
image/gif 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YJQ4PzSTisQBAbjXz.ObUgAA%261189
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 64b4572eecaf4c32-AMS
content-length: 35
cf-request-id: 09e494d15200004c32bc88b000000001
expires: Wed, 06 May 2020 18:41:03 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 754F
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

128ms
126ms

Document
text/html

35.170.231.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.231.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 9fce8695c151daf4b2f8ed35e526641009dc9bf93cb8508756ffa02f9062b0c0

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=4a44fad7-793e-4455-abda-6d9170722d40
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Thu, 06 May 2021 18:41:04 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Thu, 06 May 2021 18:41:04 GMT
pragma: no-cache

Redirect headers

date: Thu, 06 May 2021 18:41:04 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=4a44fad7-793e-4455-abda-6d9170722d40; Path=/; Domain=eqads.com; Expires=Fri, 06 Aug 2021 18:41:04 GMT; Secure; SameSite=None

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 754F 43 B
1 KB 107ms
107ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=4a44fad7-793e-4455-abda-6d9170722d40&expiration=1628275264
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 May 2021 18:41:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 06 May 2021 18:41:04 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 849 B
1 KB 639ms
211ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.1 /

Resource Hash

a94c49b3e1aa2fa4558678001eb7c89e1ad875b54b8262ead41f409de604f40c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 06 May 2021 18:41:06 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://breaking-news.ca
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 849

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 216ms
216ms Preflight 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Origin: https://breaking-news.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Thu, 06 May 2021 18:41:07 GMT
access-control-allow-origin: https://breaking-news.ca
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

POST
H2 200 services Show response
sumo.com/ 28 KB
4 KB 229ms
229ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.1 /

Resource Hash

fb9874bd1b966a2d41114c8bb37de4b78df77fa4de9df5b7c8860d80abc34f83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: A5RmH7S7pPSiScMJZGhHj08A
Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://breaking-news.ca
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2 200 7.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 97 KB
33 KB 20ms
19ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: FMW8KZQYKHEZFN3Q
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 18:36:57
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 3AJLJPMf9WcrOllLr7JhxIYnhZoiYa7tCwZ3yWu8RGhlkBmXoa0GQ+aOIrQ6+ytRKMNo9dpTpXk=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:11:02 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 631231abb6d3f3e952d70e9bce94b288
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 4.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 9ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 9KS6XFHF0EH75B86
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 16:09:11
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: S/4Vn3/fZtMHlhQ6mKPfKQXLYs2hqQKSSi3ti7biAImTbvSomQBzWx9PVBGHNHRBDHnNKPIhTe0=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:41 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 0b08a34303daa674888b0e2504df6b19
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 2.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 3 KB
2 KB 10ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: X4WJZHWP04J3HE5T
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 18:24:37
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: hTLQADeIa4Wns9LzSUQA7SKNdgJLUqgednIGmNT1mLXWQzETgnBIi+7cLDcMM7UqqNdFcEZ1uSE=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:26 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 104c894e6ab9654f8e67e3f51a8ed176
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 10.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 11 KB
5 KB 11ms
10ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: XS81XSEM20RGWF3F
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 17:47:21
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: GP+Alc0ibBB/YVHRTg10FHjCIRYG/Ni/WQf3Awd3PsWwCHpHxw39f8mugW1koBhCT0OjVtH4UO4=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:14 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 739fae7c6cf933223428675e751b96b9
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 22.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 92 KB
24 KB 20ms
19ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 6TWSVK2G4GKNE99S
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 17:45:04
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 0sAzfpsFHGPMZLkPtF462bMbFvRfbcuYMSQXsNt5kbLJc14K2yyD0wVHNTBp6uL3yrHRtT7DNZA=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:28 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 9edf4ac2cdb45fe9a78edd834bf85745
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 23.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 329 KB
93 KB 8ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: MNCQXNPNVZRDRR8F
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 18:03:01
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: JSglOd22k51fhu0ypqJ/YueelqIaUBIdUEA+dr1b9/m2uwdiGgKFBFkQqzqdjnVqhyI3PREr+Ec=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:28 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e061b7ad53543f516aa361227a9993c5
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 21.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 179 KB
51 KB 39ms
35ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: AMF80NZFWTSSTQSM
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 18:34:39
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: b5t/TFB+dZ2GKMvLmIW9kEXAsoBB4D6DL8LjREjulWu4YgHpxqJLgN4HiSShB0G7d/3BBFQ6KyQ=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:27 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 2a9ec77219c098c05937acf332d2fb6e
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 64.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
1 KB 8ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: QK6N1QZAMHA5PRYF
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 17:38:57
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: POkLbp6U6mnj+dGrDDOJ4lr8jYRNBCEHAum2P17DZt5tOMeG1vzOXS+8LIqOpJBbaH+bpFei8PU=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:59 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 714768ec89ce5f84c0ac63fee2a3c517
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 0.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 11ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 3EPF5D42A1Q2JN9V
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 17:32:35
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 5LzLbZ9jbbotuk4eozBRtrvlI286CKIgwOFzaMf5ofNMa1h2P2xP194wn/a8kSpKj3UvhzuaVCU=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:13 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6a44775b510747b644cd0457627f59fd
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 1.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
2 KB 11ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: FA8HCX16NBGY1GMC
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 16:33:59
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: tdpnDmfOxYd5S0dLOGgIxA0U+DTlX/XJzdtgV/yCUHlZF0xorF2/gs1whk7twc5ZveQ2oQW3/zE=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:13 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 35d88c1db390dd5cc1dfd4527ae23efa
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 3.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
2 KB 10ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: XPVKJWRPN9418D3W
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 17:43:25
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: qogY+KCmyBYJgHn2NI8i8dl7Qpr97i85D5Iz0FtQ3zG4YfobKoFDvrPHEUmRdfdMTralb49lOPo=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:33 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d04cc3a4a89f21bb816bb005cd2201a3
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 11.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 438 KB
128 KB 9ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: NZA45XJD8WAB9AJB
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 09:03:27
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: jaC+zItSjxl/2Cf0EoGN0vnLn5nk8PocljbaWbo+HwvRN4GieK7EySosmMpITEUKHrKcS35+Kxc=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:20 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 72518d4aed216cd7faf91bed60e0fb93
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 15.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 711 KB
52 KB 25ms
24ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: M74SS5NRVYCWYV07
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 13:28:21
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: MOg2Bbm7tQwqZMQ/Adf4dD6HSDy45ztbhl6YlBFrkwDh5rF/J4+cwS30ox/GGmVoi7EhAQYm4qU=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:10:23 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e4593cd2e45bb9c11e2857293b57de5c
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 96.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 MB
77 KB 12ms
11ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 63ZTG2FRYNYR7J6N
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 18:25:17
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: VZpTFRvdss7LQgd5HlcgczXNafFpf3paem0c+O9hK6/YSIEHkwP7P8IdcvBdEN24F4IrMkWU4NQ=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:11:22 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e4125f95869d307c067737107143b61c
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 97.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 221 B
917 B 56ms
56ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: T3P20JTR2JSSEYM2
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 17:31:55
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: MfBc5rovYpSLnukiQ6xr5OLZk3mYcQvbM7pWgUX0l+1YrKsYRMPzYub0u6wwjOmNMc9vvYXR6F8=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:11:22 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 52b95bb2c886cde5d3551fbea3b8df49
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 16:47:17 GMT
server: ESF
date: Thu, 06 May 2021 18:41:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 18:41:07 GMT

OPTIONS
H2 404 rpc
clients6.google.com/ Frame 0
0 26ms
6ms Preflight
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Protocol: H2
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://breaking-news.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

GET
H2 200 / Show response
graph.facebook.com/ 252 B
649 B 111ms
66ms Script
text/javascript 2a03:2880:f008:1:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fbreaking-news.ca%2Fthe-new-nuremberg-trials-2021-please-share-this-info%2F&callback=jQuery1102014603898044649943_1620326463240&_=1620326463241

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f008:1:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d1ed7a46eb35824c1d946d3e692a9b508661a973ae7a57db778b62687335de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003746439
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 192
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: XerUbsQ6gLzw6peQhRWoasXsL2iOC9DCaRLBc0vrK6u1CPd3PWDEM7cvZjzitee1dq9+WvY9PBn9Uv2dIroI5w==
x-fb-trace-id: EJG3keJjVqi
date: Thu, 06 May 2021 18:41:07 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AVbXBtMfvYCGEuCRB320ghz
cache-control: no-store
facebook-api-version: v3.3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 445 B
635 B 97ms
53ms Script
text/javascript 2a03:2880:f008:1:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fbreaking-news.ca%2Fthe-new-nuremberg-trials-2021-please-share-this-info%2F&format=json&callback=jQuery1102014603898044649943_1620326463242&_=1620326463243

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f008:1:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c19f1e6f97824220058e0ec118dcf09efb197db4bd7379a77967e99d4845973f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: u+tCumO907dRMGtrhKWIbtTUYDRT2Ghu5qKlfcv4ZU8nziEdyhUNH7i+aRIBVN65GnwAQlFkUmoCzQykcojXRw==
content-encoding: br
vary: Accept-Encoding
x-fb-trace-id: CRdorBaUS9d
date: Thu, 06 May 2021 18:41:07 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: ADSDRbKUYKjtlV9xCA62Y_l
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1003746439
facebook-api-version: v3.3
content-length: 272
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST rpc
clients6.google.com/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53c0a264444053b235b6d81b4da620684ddce50d6326798a1a536f9e269d5f52

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 googleplus-white-60.png
load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 20 KB
21 KB 7ms
6ms Image
image/png 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/googleplus-white-60.png
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 568c290163b0a0957dc9a588116a279f2b47ce42ecc08a9033162c594a7413c6

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
cdn-edgestorageid: 481
x-amz-request-id: 56ZW6GKJDJ7TDMM8
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 09:00:42
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 20477
x-amz-id-2: F2CabqQWFKdzzo5pwH1qG0rqA1mxo3BWlZKpWDzrakFV5d9r+cxSGkQDfNKHjOUGzX1m30jdx7Q=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:11:24 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: da437f2d01fdec30bb7c4371f134e021
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sumome-white-60.png
load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 16 KB
16 KB 7ms
7ms Image
image/png 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/sumome-white-60.png
Requested by: Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 8ed77676d10661c0467f600237ee68475d3d4e58993e200cd953ae54132a0e24

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:07 GMT
cdn-edgestorageid: 481
x-amz-request-id: THAN7W4K3MJ5QNCG
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-06 16:06:50
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 16033
x-amz-id-2: 3IGcBaSvYlbRKmMytCszA6v6/lPOV9a5T0tzc3f0PzdvMMzJRj8MTop99F0kKPsNOcoO2r0xhJE=
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 19:11:24 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 954b3ecae693774a8ec98a1643c7e2f9
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

OPTIONS
H2 204 features
sumo.com/api/site/842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e/ Frame 0
0 208ms
208ms Preflight 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e/features?site_id=842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://breaking-news.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Thu, 06 May 2021 18:41:07 GMT
access-control-allow-origin: https://breaking-news.ca
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 features Show response
sumo.com/api/site/842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e/ 3 KB
1 KB 217ms
217ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e/features?site_id=842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.1 /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Sumo-Auth: undefined

Response headers

date: Thu, 06 May 2021 18:41:08 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
etag: "-362431178"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://breaking-news.ca
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 features Show response
sumo.com/api/site/842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e/ 3 KB
1 KB 218ms
217ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e/features?site_id=842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.1 /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Sumo-Auth: undefined

Response headers

date: Thu, 06 May 2021 18:41:08 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
etag: "-362431178"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://breaking-news.ca
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e/ Frame 0
0 208ms
208ms Preflight 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e/features?site_id=842f3b18619e0fa2f3b9aac8c35094d975447d578139aca6e64b76ca3372ba3e
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://breaking-news.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Thu, 06 May 2021 18:41:07 GMT
access-control-allow-origin: https://breaking-news.ca
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 show.php Show response
uprimp.com/ Frame F16E 2 KB
2 KB 107ms
107ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u8561620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=a16952ce88b9d9f0b6c46ad7db7b4ade&cc=PL&https=1&useAf=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646232108&xtt=8595630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 715c2623125e30d3084b218ac3999771b25d21cecc7edb8b7fc52ef9110add98

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /show.php?u8561620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=a16952ce88b9d9f0b6c46ad7db7b4ade&cc=PL&https=1&useAf=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646232108&xtt=8595630
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: used_ad2316997=1; total_impressions=1; cpa_673873=300x250_935756789_0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646232108&xtt=8595630

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 show.php Show response
uprimp.com/ Frame CC0C 2 KB
2 KB 106ms
106ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u12611620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=912bf6666b2b3acbe014751811285c03&cc=PL&https=1&useAf=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646290379&xtt=3249155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: bff23d27c85ae58b6970cf16ec5e5da7b58e174f40a37c1a4263feefca116569

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /show.php?u12611620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=912bf6666b2b3acbe014751811285c03&cc=PL&https=1&useAf=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646290379&xtt=3249155
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: used_ad2316997=1; total_impressions=1; cpa_673873=300x250_935756789_0; used_ad2431076=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646290379&xtt=3249155

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 show.php Show response
uprimp.com/ Frame 72FA 2 KB
2 KB 105ms
105ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u1601620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=97681c8a1ee697bea59c484f8154f868&cc=PL&https=1&useAf=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646295406&xtt=7307262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 21a09f863ea57a5da7336b7580db8ed4efa098a24eba58240b298a0a80eb0a52

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /show.php?u1601620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=97681c8a1ee697bea59c484f8154f868&cc=PL&https=1&useAf=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646295406&xtt=7307262
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: used_ad2316997=1; total_impressions=1; cpa_673873=300x250_935756789_0; used_ad2431076=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646295406&xtt=7307262

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame F16E 1 KB
902 B 305ms
104ms Script
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u8561620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=a16952ce88b9d9f0b6c46ad7db7b4ade&cc=PL&https=1&useAf=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 0298fddafba73b61bae8f24ad823dafea3d3f22917e126e4f013b8fa2683005b

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame F16E 26 KB
26 KB 346ms
159ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u8561620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=a16952ce88b9d9f0b6c46ad7db7b4ade&cc=PL&https=1&useAf=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-68a8"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame F16E 2 KB
1 KB 353ms
166ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u8561620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=a16952ce88b9d9f0b6c46ad7db7b4ade&cc=PL&https=1&useAf=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 /
uprimp.com/trk/ Frame F16E 43 B
268 B 122ms
121ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?a16952ce88b9d9f0b6c46ad7db7b4ade
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u8561620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=a16952ce88b9d9f0b6c46ad7db7b4ade&cc=PL&https=1&useAf=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://uprimp.com/show.php?u8561620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=a16952ce88b9d9f0b6c46ad7db7b4ade&cc=PL&https=1&useAf=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 show.php Show response
uprimp.com/ Frame 12F2 2 KB
2 KB 107ms
102ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u11951620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=c0476ad8554c018d427c80f45adf921e&cc=PL&https=1&useAf=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646228400&xtt=3486054
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6a8a5f81599e5c001d7f92b4eeb786752adcf64dbbf53a48c251d67d7b2f9d14

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /show.php?u11951620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=c0476ad8554c018d427c80f45adf921e&cc=PL&https=1&useAf=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646228400&xtt=3486054
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: used_ad2316997=1; total_impressions=1; cpa_673873=300x250_935756789_0; used_ad2431076=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646228400&xtt=3486054

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame CC0C 1 KB
903 B 270ms
102ms Script
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_89878&adApiR=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u12611620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=912bf6666b2b3acbe014751811285c03&cc=PL&https=1&useAf=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 0ca7ec873a3dda301467c9a31f9486254b486bfe1046908913b4ab8b5e7b19b3

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame CC0C 26 KB
26 KB 382ms
229ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u12611620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=912bf6666b2b3acbe014751811285c03&cc=PL&https=1&useAf=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-68a8"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame CC0C 2 KB
1 KB 399ms
246ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u12611620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=912bf6666b2b3acbe014751811285c03&cc=PL&https=1&useAf=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 /
uprimp.com/trk/ Frame CC0C 43 B
268 B 116ms
116ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?912bf6666b2b3acbe014751811285c03
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u12611620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=912bf6666b2b3acbe014751811285c03&cc=PL&https=1&useAf=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://uprimp.com/show.php?u12611620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=912bf6666b2b3acbe014751811285c03&cc=PL&https=1&useAf=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame 72FA 1 KB
900 B 264ms
103ms Script
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_77489&adApiR=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u1601620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=97681c8a1ee697bea59c484f8154f868&cc=PL&https=1&useAf=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 12ac362a9b35e535f3e49fe0df7aaa14e6201a4c663731625dd7441de1c3cfbb

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame 72FA 26 KB
26 KB 386ms
240ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u1601620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=97681c8a1ee697bea59c484f8154f868&cc=PL&https=1&useAf=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-68a8"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 72FA 2 KB
1 KB 379ms
233ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u1601620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=97681c8a1ee697bea59c484f8154f868&cc=PL&https=1&useAf=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 /
uprimp.com/trk/ Frame 72FA 43 B
268 B 109ms
109ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?97681c8a1ee697bea59c484f8154f868
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u1601620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=97681c8a1ee697bea59c484f8154f868&cc=PL&https=1&useAf=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://uprimp.com/show.php?u1601620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=97681c8a1ee697bea59c484f8154f868&cc=PL&https=1&useAf=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 show.php Show response
uprimp.com/ Frame D649 2 KB
2 KB 107ms
107ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u44291620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=551e18751045681b63de626765389f77&cc=PL&https=1&useAf=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646288475&xtt=7222464
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6140ee5cac18f5d80c29337a12c8ccb07dab97fa1825bda4dfba0751b52841e1

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /show.php?u44291620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=551e18751045681b63de626765389f77&cc=PL&https=1&useAf=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646288475&xtt=7222464
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: used_ad2316997=1; total_impressions=1; cpa_673873=300x250_935756789_0; used_ad2431076=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&xt=162032646288475&xtt=7222464

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 show.php Show response
uprimp.com/ Frame 774A 2 KB
2 KB 103ms
103ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u66761620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=ce7f1b7c10708b24cfea4a6a6a72758f&cc=PL&https=1&useAf=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646270786&xtt=5688549
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: a7fe8ae5b46b4fc09c2dfae9ec67512c8304d12df3d72f94948d87348407437f

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /show.php?u66761620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=ce7f1b7c10708b24cfea4a6a6a72758f&cc=PL&https=1&useAf=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646270786&xtt=5688549
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: used_ad2316997=1; total_impressions=1; cpa_673873=300x250_935756789_0; used_ad2431076=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=167612&format=300x250&ga=g&bg=1&xt=162032646270786&xtt=5688549

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame 12F2 1 KB
907 B 190ms
102ms Script
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u11951620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=c0476ad8554c018d427c80f45adf921e&cc=PL&https=1&useAf=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 80f90aa4e2669fa8ef7446b1293e7c7228e7fe026aa88a3af90db19b164f90c8

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame 12F2 26 KB
26 KB 320ms
246ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u11951620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=c0476ad8554c018d427c80f45adf921e&cc=PL&https=1&useAf=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-68a8"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 12F2 2 KB
1 KB 240ms
167ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u11951620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=c0476ad8554c018d427c80f45adf921e&cc=PL&https=1&useAf=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 /
uprimp.com/trk/ Frame 12F2 43 B
268 B 108ms
108ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?c0476ad8554c018d427c80f45adf921e
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u11951620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=c0476ad8554c018d427c80f45adf921e&cc=PL&https=1&useAf=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://uprimp.com/show.php?u11951620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=c0476ad8554c018d427c80f45adf921e&cc=PL&https=1&useAf=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame D649 1 KB
901 B 146ms
103ms Script
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_49672&adApiR=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u44291620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=551e18751045681b63de626765389f77&cc=PL&https=1&useAf=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 3e235048310052564284d63329ab641bdf6d32763697812ab560372163b89f21

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame D649 26 KB
26 KB 274ms
245ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u44291620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=551e18751045681b63de626765389f77&cc=PL&https=1&useAf=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-68a8"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame D649 2 KB
1 KB 274ms
246ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u44291620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=551e18751045681b63de626765389f77&cc=PL&https=1&useAf=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 /
uprimp.com/trk/ Frame D649 43 B
268 B 103ms
103ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?551e18751045681b63de626765389f77
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u44291620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=551e18751045681b63de626765389f77&cc=PL&https=1&useAf=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://uprimp.com/show.php?u44291620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=551e18751045681b63de626765389f77&cc=PL&https=1&useAf=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame 774A 1 KB
902 B 138ms
102ms Script
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u66761620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=ce7f1b7c10708b24cfea4a6a6a72758f&cc=PL&https=1&useAf=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: e97799e36f38b3d8696b99973e0be900ef693ae9e98ab5585988fd4e23d6fe4a

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame 774A 26 KB
26 KB 268ms
246ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u66761620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=ce7f1b7c10708b24cfea4a6a6a72758f&cc=PL&https=1&useAf=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-68a8"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 774A 2 KB
1 KB 268ms
246ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u66761620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=ce7f1b7c10708b24cfea4a6a6a72758f&cc=PL&https=1&useAf=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sat, 05 Jun 2021 18:41:09 GMT

GET
H2 200 /
uprimp.com/trk/ Frame 774A 43 B
268 B 103ms
102ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?ce7f1b7c10708b24cfea4a6a6a72758f
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u66761620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=ce7f1b7c10708b24cfea4a6a6a72758f&cc=PL&https=1&useAf=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://uprimp.com/show.php?u66761620326469=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDI1ODBkZTNiNTNkODkwN2YzODZiMzcyNzRkMzQ2MmQ=&u=167612&si=935756789&di=39348637&ci=16&h=ce7f1b7c10708b24cfea4a6a6a72758f&cc=PL&https=1&useAf=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&ar=aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame C1AF 12 KB
5 KB 107ms
107ms Document
text/html 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=592643491817&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: f5117b5d034d982061099fee3ecbdfdb37ba61bf14d655bb8ae6aa7df90c6dc5

Request headers

:method: GET
:authority: namel.net
:scheme: https
:path: /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=592643491817&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2316997=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame E22F 12 KB
5 KB 108ms
108ms Document
text/html 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 1586f5799c0af70fb1b93bba1b43815b370caed19c05b5d176427af149b1c331

Request headers

:method: GET
:authority: namel.net
:scheme: https
:path: /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2316997=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame B52B 20 KB
3 KB 108ms
108ms Document
text/html 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_89878&adApiR=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1626442833291&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_89878&adApiR=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 620bfe701afd270878d7251d200acaa764bc7b2192ded4f890c2981c1de52b4c

Request headers

:method: GET
:authority: namel.net
:scheme: https
:path: /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_89878&adApiR=loaded_string_783369f631efd6381b04dcfd533f57ded11ed_2431076_1620326463.0222_45744&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1626442833291&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2431076=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame 3707 12 KB
5 KB 108ms
108ms Document
text/html 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: fe0e0bf53152838d5558049de2c1c27ed5edec73c443d3dd62b18595c857a1e1

Request headers

:method: GET
:authority: namel.net
:scheme: https
:path: /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2316997=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame 91F8 25 KB
4 KB 107ms
107ms Document
text/html 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_49672&adApiR=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1481491813972&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_49672&adApiR=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 21bbe0d1bce698e01827f9133968c889e05566d3b17ef2db38ad5b4f62c995b9

Request headers

:method: GET
:authority: namel.net
:scheme: https
:path: /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_49672&adApiR=loaded_string_371529f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.7212_56442&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1481491813972&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2431076=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H2 200 / Show response
namel.net/148bcf03fc/bb6bac9292/ Frame AE7B 20 KB
3 KB 162ms
161ms Document
text/html 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_77489&adApiR=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=969322091600&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_77489&adApiR=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: 813d4ee3ba69532b6ecb9b73c7dd5f8c3b6aa81e0790277bf40b2bc600245047

Request headers

:method: GET
:authority: namel.net
:scheme: https
:path: /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_77489&adApiR=loaded_string_437039f631efd6381b04dcfd533f57ded11ed_2431076_1620326462.4909_13371&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=969322091600&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://uprimp.com/

Response headers

server: nginx
date: Thu, 06 May 2021 18:41:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2431076=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H3-29 200 css
fonts.googleapis.com/ Frame C1AF 2 KB
554 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Vollkorn:900&display=swap

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=592643491817&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63f2875205d7cac62db77d2776770a0bc0350d3dd531672435c2dea2da23b46e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 18:20:21 GMT
server: ESF
date: Thu, 06 May 2021 18:41:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 18:41:09 GMT

GET
H3-29 200 icon
fonts.googleapis.com/ Frame C1AF 568 B
365 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: ESF
date: Thu, 06 May 2021 18:41:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 18:41:09 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ Frame C1AF 141 KB
18 KB 27ms
24ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://namel.net
Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 1338845
cdn-cachedat: 2021-04-21 07:51:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e494e84600004e98f8b2b000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 27bf8d1ce333bced5f7891e91a22555a
cf-ray: 64b45753ad124e98-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame C1AF 94 KB
33 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 11:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110772
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 May 2022 11:54:57 GMT

GET
H2 200 / Show response
vidtrends.net/api/bannerVideo/article/db/box/ Frame C1AF 6 KB
6 KB 348ms
160ms Script
text/javascript 185.66.200.41
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtrends.net/api/bannerVideo/article/db/box/
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=592643491817&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.41 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.41.skhosting.eu
Software: nginx/1.18.0 /
Resource Hash: d8871eea8ab27838e7adbb42389c627bccc78653f5c69c326c0709b3261d2cdd

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
server: nginx/1.18.0
content-type: text/javascript;charset=UTF-8

GET
H3-29 200 css
fonts.googleapis.com/ Frame E22F 2 KB
554 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Vollkorn:900&display=swap

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63f2875205d7cac62db77d2776770a0bc0350d3dd531672435c2dea2da23b46e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: ESF
date: Thu, 06 May 2021 18:41:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 18:41:09 GMT

GET
H3-29 200 icon
fonts.googleapis.com/ Frame E22F 568 B
365 B 20ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: ESF
date: Thu, 06 May 2021 18:41:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 18:41:09 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ Frame E22F 141 KB
18 KB 19ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://namel.net
Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 1338845
cdn-cachedat: 2021-04-21 07:51:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e494e84b00004e98371c2000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 27bf8d1ce333bced5f7891e91a22555a
cf-ray: 64b45753ad2a4e98-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame E22F 94 KB
33 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 11:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110772
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 May 2022 11:54:57 GMT

GET
H2 200 / Show response
vidtrends.net/api/bannerVideo/article/db/box/ Frame E22F 6 KB
6 KB 279ms
97ms Script
text/javascript 185.66.200.41
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtrends.net/api/bannerVideo/article/db/box/
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.41 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.41.skhosting.eu
Software: nginx/1.18.0 /
Resource Hash: 8d6666ba395abfe65d7bbe080167303c860b76ff179103c2dc8295721123d5a2

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
server: nginx/1.18.0
content-type: text/javascript;charset=UTF-8

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3707 2 KB
554 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Vollkorn:900&display=swap

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63f2875205d7cac62db77d2776770a0bc0350d3dd531672435c2dea2da23b46e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: ESF
date: Thu, 06 May 2021 18:41:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 18:41:09 GMT

GET
H3-29 200 icon
fonts.googleapis.com/ Frame 3707 568 B
365 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 18:41:09 GMT
server: ESF
date: Thu, 06 May 2021 18:41:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 18:41:09 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ Frame 3707 141 KB
18 KB 21ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://namel.net
Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 1338845
cdn-cachedat: 2021-04-21 07:51:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e494e85600004e98d78f6000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 27bf8d1ce333bced5f7891e91a22555a
cf-ray: 64b45753bd634e98-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 3707 94 KB
33 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 11:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110772
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 May 2022 11:54:57 GMT

GET
H2 200 / Show response
vidtrends.net/api/bannerVideo/article/db/box/ Frame 3707 6 KB
6 KB 337ms
165ms Script
text/javascript 185.66.200.41
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtrends.net/api/bannerVideo/article/db/box/
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.41 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.41.skhosting.eu
Software: nginx/1.18.0 /
Resource Hash: 7bf3fa46dbc796813536555cdd9f6967014235d64d8d5ee1568da07b19b23331

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:09 GMT
server: nginx/1.18.0
content-type: text/javascript;charset=UTF-8

GET
H2 200 bg.jpg
namel.net/148bcf03fc/bb6bac9292/ Frame C1AF 2 KB
2 KB 102ms
102ms Image
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://namel.net/148bcf03fc/bb6bac9292/bg.jpg
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=592643491817&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_53510&adApiR=loaded_string_430699f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.5815_51677&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=592643491817&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C1AF 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c8466c03966918947345e6baf8fc7cd2b152c0bd0107ef2158f63dad2e845b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2mXaeHmmc.woff2
fonts.gstatic.com/s/vollkorn/v13/ Frame C1AF 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v13/0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2mXaeHmmc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8b83eae8299661d83d0956e93aa25f1e653a6c145079bb5017e60d7832b765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://namel.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:07:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 21:07:40 GMT
server: sffe
age: 405229
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23680
x-xss-protection: 0
expires: Mon, 02 May 2022 02:07:20 GMT

GET
H2 200 bg.jpg
namel.net/148bcf03fc/bb6bac9292/ Frame E22F 2 KB
2 KB 113ms
113ms Image
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://namel.net/148bcf03fc/bb6bac9292/bg.jpg
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E22F 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c8466c03966918947345e6baf8fc7cd2b152c0bd0107ef2158f63dad2e845b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2mXaeHmmc.woff2
fonts.gstatic.com/s/vollkorn/v13/ Frame E22F 23 KB
23 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v13/0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2mXaeHmmc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8b83eae8299661d83d0956e93aa25f1e653a6c145079bb5017e60d7832b765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://namel.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:07:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 21:07:40 GMT
server: sffe
age: 405229
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23680
x-xss-protection: 0
expires: Mon, 02 May 2022 02:07:20 GMT

GET
H2 200 bg.jpg
namel.net/148bcf03fc/bb6bac9292/ Frame 3707 2 KB
2 KB 103ms
103ms Image
application/javascript 185.66.201.34
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://namel.net/148bcf03fc/bb6bac9292/bg.jpg
Requested by: Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: at-public.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_44383&adApiR=loaded_string_887739f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.4928_55267&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1052388035583&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 18:41:09 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3707 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c8466c03966918947345e6baf8fc7cd2b152c0bd0107ef2158f63dad2e845b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2mXaeHmmc.woff2
fonts.gstatic.com/s/vollkorn/v13/ Frame 3707 23 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v13/0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2mXaeHmmc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8b83eae8299661d83d0956e93aa25f1e653a6c145079bb5017e60d7832b765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://namel.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:07:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 21:07:40 GMT
server: sffe
age: 405229
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23680
x-xss-protection: 0
expires: Mon, 02 May 2022 02:07:20 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/dxy9vfyXkGk/ Frame E22F 16 KB
16 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dxy9vfyXkGk/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fef5828a082a7e8455a5d94215bc88356c216a5077d7cf57fee20bcca8aaa44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:24:33 GMT
x-content-type-options: nosniff
server: sffe
age: 997
etag: "1500614572"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16422
x-xss-protection: 0
expires: Thu, 06 May 2021 20:24:33 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/DgljZozCgQg/ Frame E22F 14 KB
14 KB 42ms
20ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/DgljZozCgQg/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cfeb7fd0db448cbf70d94ed001c56d92d745a756be2e76a065502e86f535005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:10 GMT
x-content-type-options: nosniff
server: sffe
etag: "1607279582"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14462
x-xss-protection: 0
expires: Thu, 06 May 2021 20:41:10 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/OagTXWfaXEo/ Frame E22F 16 KB
16 KB 34ms
12ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/OagTXWfaXEo/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575d601b25a0dc437efc3461dfb3d9f254b5c440c38a9b990f89b4584e7073a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:12:19 GMT
x-content-type-options: nosniff
server: sffe
age: 1731
etag: "1508303131"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16625
x-xss-protection: 0
expires: Thu, 06 May 2021 20:12:19 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/Upbe6OqmZFs/ Frame E22F 17 KB
17 KB 35ms
14ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Upbe6OqmZFs/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4682c469052a24dec21bc77e140588ddadcb6d2753dada01e153207e0074e828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 17:53:48 GMT
x-content-type-options: nosniff
server: sffe
age: 2842
etag: "1606757661"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17630
x-xss-protection: 0
expires: Thu, 06 May 2021 19:53:48 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/srfN6wSN2t8/ Frame E22F 12 KB
12 KB 40ms
19ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/srfN6wSN2t8/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827298eab0679993bc338a61c618c43c4db311e4f697e302ca0624e9f13fe700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 16:53:52 GMT
x-content-type-options: nosniff
server: sffe
age: 6438
etag: "1518046491"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12590
x-xss-protection: 0
expires: Thu, 06 May 2021 18:53:52 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/O1nKiUyaqxA/ Frame E22F 22 KB
22 KB 39ms
18ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/O1nKiUyaqxA/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64e97e614f8b08120752f08c7bc4acfd61e38d0a63b4ea9bc07f80c5a2a42d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:31:46 GMT
x-content-type-options: nosniff
server: sffe
age: 564
etag: "1576740027"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22519
x-xss-protection: 0
expires: Thu, 06 May 2021 20:31:46 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/9lzg_6BFgpI/ Frame E22F 16 KB
16 KB 25ms
10ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9lzg_6BFgpI/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625acf8e86c50bce6fadff745b616066738ad0dc72886e25bb0cdc6b2f0ea0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:28:58 GMT
x-content-type-options: nosniff
server: sffe
age: 732
etag: "1602519601"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16651
x-xss-protection: 0
expires: Thu, 06 May 2021 20:28:58 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/d6t_wE6yMbg/ Frame E22F 29 KB
29 KB 27ms
12ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/d6t_wE6yMbg/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a7b0dea622a306b7a25848cb60e48146feb8f07b87e15bd233236de1f365630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 16:56:12 GMT
x-content-type-options: nosniff
server: sffe
age: 6298
etag: "1532289593"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30048
x-xss-protection: 0
expires: Thu, 06 May 2021 18:56:12 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/fLXC_-UWiI0/ Frame E22F 18 KB
18 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/fLXC_-UWiI0/mqdefault.jpg

Requested by

Host: namel.net
URL: https://namel.net/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrGdCkiAGAdGjkCikAAGjCxCiGNrZxNrAdNZZxCrCZZZCCrixCjkCrCrGCxCkikrZrGGCCr_61795&adApiR=loaded_string_972779f631efd6381b04dcfd533f57ded11ed_2316997_1620326462.8937_60703&refferer=410165085_aHR0cHM6Ly9icmVha2luZy1uZXdzLmNhLw==&width=300&height=250&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1310300776870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4e222b67e2bd9c68793bccacc0b48ac2bbd716e80f4198a56f9c87b9c9a2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:10:54 GMT
x-content-type-options: nosniff
server: sffe
age: 1816
etag: "1609083097"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Thu, 06 May 2021 20:10:54 GMT

GET
H3-29 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v85/ Frame E22F 100 KB
100 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v85/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://namel.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:06:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 23:28:06 GMT
server: sffe
age: 592496
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102728
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:06:13 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/DgljZozCgQg/ Frame C1AF 14 KB
14 KB 16ms
9ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/DgljZozCgQg/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cfeb7fd0db448cbf70d94ed001c56d92d745a756be2e76a065502e86f535005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:10 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1607279582"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14462
x-xss-protection: 0
expires: Thu, 06 May 2021 20:41:10 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/9lzg_6BFgpI/ Frame C1AF 16 KB
16 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9lzg_6BFgpI/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625acf8e86c50bce6fadff745b616066738ad0dc72886e25bb0cdc6b2f0ea0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:28:58 GMT
x-content-type-options: nosniff
server: sffe
age: 732
etag: "1602519601"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16651
x-xss-protection: 0
expires: Thu, 06 May 2021 20:28:58 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/srfN6wSN2t8/ Frame C1AF 12 KB
12 KB 17ms
12ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/srfN6wSN2t8/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827298eab0679993bc338a61c618c43c4db311e4f697e302ca0624e9f13fe700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 16:53:52 GMT
x-content-type-options: nosniff
server: sffe
age: 6438
etag: "1518046491"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12590
x-xss-protection: 0
expires: Thu, 06 May 2021 18:53:52 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/O1nKiUyaqxA/ Frame C1AF 22 KB
22 KB 16ms
11ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/O1nKiUyaqxA/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64e97e614f8b08120752f08c7bc4acfd61e38d0a63b4ea9bc07f80c5a2a42d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:31:46 GMT
x-content-type-options: nosniff
server: sffe
age: 564
etag: "1576740027"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22519
x-xss-protection: 0
expires: Thu, 06 May 2021 20:31:46 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/dxy9vfyXkGk/ Frame C1AF 16 KB
16 KB 14ms
9ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dxy9vfyXkGk/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fef5828a082a7e8455a5d94215bc88356c216a5077d7cf57fee20bcca8aaa44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:24:33 GMT
x-content-type-options: nosniff
server: sffe
age: 997
etag: "1500614572"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16422
x-xss-protection: 0
expires: Thu, 06 May 2021 20:24:33 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/Upbe6OqmZFs/ Frame C1AF 17 KB
17 KB 19ms
14ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Upbe6OqmZFs/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4682c469052a24dec21bc77e140588ddadcb6d2753dada01e153207e0074e828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 17:53:48 GMT
x-content-type-options: nosniff
server: sffe
age: 2842
etag: "1606757661"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17630
x-xss-protection: 0
expires: Thu, 06 May 2021 19:53:48 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/d6t_wE6yMbg/ Frame C1AF 29 KB
29 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/d6t_wE6yMbg/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a7b0dea622a306b7a25848cb60e48146feb8f07b87e15bd233236de1f365630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 16:56:12 GMT
x-content-type-options: nosniff
server: sffe
age: 6298
etag: "1532289593"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30048
x-xss-protection: 0
expires: Thu, 06 May 2021 18:56:12 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/fLXC_-UWiI0/ Frame C1AF 18 KB
18 KB 12ms
8ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/fLXC_-UWiI0/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4e222b67e2bd9c68793bccacc0b48ac2bbd716e80f4198a56f9c87b9c9a2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:10:54 GMT
x-content-type-options: nosniff
server: sffe
age: 1816
etag: "1609083097"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Thu, 06 May 2021 20:10:54 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/OagTXWfaXEo/ Frame C1AF 16 KB
16 KB 15ms
11ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/OagTXWfaXEo/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575d601b25a0dc437efc3461dfb3d9f254b5c440c38a9b990f89b4584e7073a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:12:19 GMT
x-content-type-options: nosniff
server: sffe
age: 1731
etag: "1508303131"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16625
x-xss-protection: 0
expires: Thu, 06 May 2021 20:12:19 GMT

GET
H3-29 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v85/ Frame C1AF 100 KB
100 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v85/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://namel.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:06:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 23:28:06 GMT
server: sffe
age: 592497
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102728
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:06:13 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/OagTXWfaXEo/ Frame 3707 16 KB
16 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/OagTXWfaXEo/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575d601b25a0dc437efc3461dfb3d9f254b5c440c38a9b990f89b4584e7073a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:12:19 GMT
x-content-type-options: nosniff
server: sffe
age: 1731
etag: "1508303131"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16625
x-xss-protection: 0
expires: Thu, 06 May 2021 20:12:19 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/dxy9vfyXkGk/ Frame 3707 16 KB
16 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dxy9vfyXkGk/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fef5828a082a7e8455a5d94215bc88356c216a5077d7cf57fee20bcca8aaa44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:24:33 GMT
x-content-type-options: nosniff
server: sffe
age: 997
etag: "1500614572"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16422
x-xss-protection: 0
expires: Thu, 06 May 2021 20:24:33 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/9lzg_6BFgpI/ Frame 3707 16 KB
16 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9lzg_6BFgpI/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625acf8e86c50bce6fadff745b616066738ad0dc72886e25bb0cdc6b2f0ea0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:28:58 GMT
x-content-type-options: nosniff
server: sffe
age: 732
etag: "1602519601"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16651
x-xss-protection: 0
expires: Thu, 06 May 2021 20:28:58 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/DgljZozCgQg/ Frame 3707 14 KB
14 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/DgljZozCgQg/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cfeb7fd0db448cbf70d94ed001c56d92d745a756be2e76a065502e86f535005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:41:10 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1607279582"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14462
x-xss-protection: 0
expires: Thu, 06 May 2021 20:41:10 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/d6t_wE6yMbg/ Frame 3707 29 KB
29 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/d6t_wE6yMbg/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a7b0dea622a306b7a25848cb60e48146feb8f07b87e15bd233236de1f365630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 16:56:12 GMT
x-content-type-options: nosniff
server: sffe
age: 6298
etag: "1532289593"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30048
x-xss-protection: 0
expires: Thu, 06 May 2021 18:56:12 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/srfN6wSN2t8/ Frame 3707 12 KB
12 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/srfN6wSN2t8/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827298eab0679993bc338a61c618c43c4db311e4f697e302ca0624e9f13fe700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 16:53:52 GMT
x-content-type-options: nosniff
server: sffe
age: 6438
etag: "1518046491"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12590
x-xss-protection: 0
expires: Thu, 06 May 2021 18:53:52 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/fLXC_-UWiI0/ Frame 3707 18 KB
18 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/fLXC_-UWiI0/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4e222b67e2bd9c68793bccacc0b48ac2bbd716e80f4198a56f9c87b9c9a2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:10:54 GMT
x-content-type-options: nosniff
server: sffe
age: 1816
etag: "1609083097"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Thu, 06 May 2021 20:10:54 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/O1nKiUyaqxA/ Frame 3707 22 KB
22 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/O1nKiUyaqxA/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64e97e614f8b08120752f08c7bc4acfd61e38d0a63b4ea9bc07f80c5a2a42d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:31:46 GMT
x-content-type-options: nosniff
server: sffe
age: 564
etag: "1576740027"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22519
x-xss-protection: 0
expires: Thu, 06 May 2021 20:31:46 GMT

GET
H3-29 200 mqdefault.jpg
i.ytimg.com/vi/Upbe6OqmZFs/ Frame 3707 17 KB
17 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Upbe6OqmZFs/mqdefault.jpg

Requested by

Host: vidtrends.net
URL: https://vidtrends.net/api/bannerVideo/article/db/box/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4682c469052a24dec21bc77e140588ddadcb6d2753dada01e153207e0074e828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://namel.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 17:53:48 GMT
x-content-type-options: nosniff
server: sffe
age: 2842
etag: "1606757661"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17630
x-xss-protection: 0
expires: Thu, 06 May 2021 19:53:48 GMT

GET
H3-29 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v85/ Frame 3707 100 KB
100 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v85/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://namel.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:06:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 23:28:06 GMT
server: sffe
age: 592497
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102728
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:06:13 GMT

OPTIONS
H/1.1 200
OK custom
dibsemey.com/ Frame 0
0 145ms
48ms Preflight
text/plain 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://breaking-news.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 06 May 2021 18:41:02 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://breaking-news.ca
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
dibsemey.com/ 39 B
491 B 169ms
58ms Fetch
application/json 139.45.196.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dibsemey.com/custom

Requested by

Host: breaking-news.ca
URL: https://breaking-news.ca/the-new-nuremberg-trials-2021-please-share-this-info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.206 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://breaking-news.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 4da6eed394d6964bb6012cd52c92ee70
Date: Thu, 06 May 2021 18:41:02 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://breaking-news.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: www.bitchute.com
URL: https://www.bitchute.com/static/v130/images/plyr-20180117.svg

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uprimp.com/	1970-01-19 18:06:00	Name: total_impressions Value: 1
.uprimp.com/	1970-01-19 18:06:00	Name: used_ad2431076 Value: 1
.uprimp.com/	1970-01-19 18:48:38	Name: cpa_673873 Value: 300x250_935756789_0
.uprimp.com/	1970-01-19 18:06:00	Name: used_ad2316997 Value: 1

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.jsdelivr.net/npm/gun/gun.js(Line 986) Message: Hello wonderful person! :) Thanks for using GUN, please ask for help on http://chat.gun.eco if anything takes you longer than 5min to figure out!
console-api	log	URL: https://cdn.jsdelivr.net/npm/gun/gun.js(Line 986) Message: Warning: No localStorage exists to persist data to!
console-api	log	URL: https://resources.infolinks.com/js/1745.002-3.012/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1745.002-3.012/ice.js(Line 1) Message: Failed to log to loggly because of this exception: TypeError: Converting circular structure to JSON --> starting at object with constructor 'Window' --- property 'window' closes the circle
console-api	log	URL: https://resources.infolinks.com/js/1745.002-3.012/ice.js(Line 1) Message: Failed log data: [object Object]
console-api	log	(Line 1) Message: service worker path (u): /sw.js event domain: https://dibsemey.com
console-api	log	URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumotoken
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumopath
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering share...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering for desktop...
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: style buffer update...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: buffer
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebook
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebooklike
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: googleplus
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: pinterest
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: reddit
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: yummly
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: undefined
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: style buffer load resize orientationchange...
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: style buffer update...

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ap.lijit.com
api.facebook.com
b1sync.zemanta.com
breaking-news.ca
c0.wp.com
cdn.engine.4dsply.com
cdn.jsdelivr.net
cdn.polyfill.io
cdnjs.cloudflare.com
clients6.google.com
cm.adgrx.com
cm.g.doubleclick.net
de.tynt.com
dibsemey.com
dsp.adkernel.com
dsum-sec.casalemedia.com
engine.4dsply.com
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
i.ytimg.com
i0.wp.com
i1.wp.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
load.sumo.com
match.adsrvr.org
match.bnmla.com
maxcdn.bootstrapcdn.com
namel.net
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.wp.com
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
seed126.bitchute.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static-3.bitchute.com
stats.wp.com
sumo.com
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
translate.google.com
translate.googleapis.com
um2.eqads.com
uprimp.com
ups.analytics.yahoo.com
vidtrends.net
www.bitchute.com
www.breaking-news.ca
www.gstatic.com
ylx-i.advertica-cdn2.com
clients6.google.com
www.bitchute.com
104.22.3.144
104.225.217.48
139.45.196.206
142.250.185.226
173.208.201.170
173.231.181.122
174.137.133.49
178.162.133.149
18.156.0.31
185.33.221.91
185.59.220.194
185.64.189.114
185.64.190.79
185.64.190.80
185.66.200.127
185.66.200.220
185.66.200.41
185.66.201.34
192.0.76.3
192.0.77.2
192.0.77.37
193.0.160.129
2.18.234.21
208.100.17.172
208.100.17.182
213.19.147.45
216.52.2.30
2606:4700:20::681a:723
2606:4700::6810:135e
2606:4700::6810:9e11
2606:4700::6812:acf
2a00:1450:4001:808::2016
2a00:1450:4001:811::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:f48:2000:1023::3
2a03:2880:f008:1:face:b00c:0:1
2a04:4e42:3::621
34.251.124.7
35.170.231.210
38.27.122.101
51.38.120.206
52.28.254.214
52.38.14.212
64.202.112.159
66.155.71.150
72.21.206.140
76.223.111.131
0099381a07c695e5af4b91cfed8c8ecf97fc7e923b65e503e2241d5a357be0f7
011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b
0298fddafba73b61bae8f24ad823dafea3d3f22917e126e4f013b8fa2683005b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0526a26f08fd7829e77d64be7ce7fb85946e99e0d5e3691a9e6efd09c13b4529
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ca7ec873a3dda301467c9a31f9486254b486bfe1046908913b4ab8b5e7b19b3
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1053e00d3ce98040b8c9beb17478cbf719757ade8da749f5651b1edb8deaea03
11b7448c22b34dae17fdace8778630f6e9bab3e826c1a1ca960284359ab453b0
12ac362a9b35e535f3e49fe0df7aaa14e6201a4c663731625dd7441de1c3cfbb
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43
1586f5799c0af70fb1b93bba1b43815b370caed19c05b5d176427af149b1c331
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
18dcd5728bf375d951be982a12c20252e16ea05c8970733899ce36037c2c7fb3
1a10a9e63951fa1f21c74dba9983aee13f964a835ede597e2975fd578faba5a8
1af6c8d6186372ebc31cc1384ea186576913f9e61e30819c56957380e35f41df
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1d37d0861a3cc38c515b2b285080a8be48aef8498864a52e7dd80a08e584db0a
1f6f63ba8383b3ec0894fd72f7b8a8e55bd04510b236bc95cbce82607a6781d2
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
21a09f863ea57a5da7336b7580db8ed4efa098a24eba58240b298a0a80eb0a52
21bbe0d1bce698e01827f9133968c889e05566d3b17ef2db38ad5b4f62c995b9
25f50d841c7dd81a7b0c4309672e7d56898c6d4a06d9b1b5d18cb05098a85655
27077d36b6dc6e75dcff223709a767433517d0444b80e4e2f489994cf6fd47ad
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d225555695064c8de2906b8f519076093edc4aeab86e34a13d7417956f2242b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
308c11f11c4190742d17016b1f498aaccb8807540eab270142a382d4787064c8
33fffa1119c384b3f07d243151247c3c65a07a1111acfed0b4beac6806ffb55c
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3abb81ee81a5b8595e66873d8c64d509976fa0f3e48e28ebd06eb5b4bf03deb3
3e235048310052564284d63329ab641bdf6d32763697812ab560372163b89f21
3e3aeb6a6be4f7615a2a32aeda64db2c9f6776a89d361cbd7446952827bd55be
3e4e222b67e2bd9c68793bccacc0b48ac2bbd716e80f4198a56f9c87b9c9a2ad
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
3f85b69ab5d27dee6e42300b5bc62b510fa0a85028b017da7fb4c8662807e71e
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
456ded6a1ce4338c6d4f24a993f23a7278752274694ef98450b74435acc8e9d4
4682c469052a24dec21bc77e140588ddadcb6d2753dada01e153207e0074e828
4a7b0dea622a306b7a25848cb60e48146feb8f07b87e15bd233236de1f365630
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4c9b03017994f6ffa4bf0dd72e560acd95af64b9a5a6d7e95ae40b841fdf6105
4cfeb7fd0db448cbf70d94ed001c56d92d745a756be2e76a065502e86f535005
516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
53c0a264444053b235b6d81b4da620684ddce50d6326798a1a536f9e269d5f52
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
568c290163b0a0957dc9a588116a279f2b47ce42ecc08a9033162c594a7413c6
575d601b25a0dc437efc3461dfb3d9f254b5c440c38a9b990f89b4584e7073a0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60c8466c03966918947345e6baf8fc7cd2b152c0bd0107ef2158f63dad2e845b
6140ee5cac18f5d80c29337a12c8ccb07dab97fa1825bda4dfba0751b52841e1
620bfe701afd270878d7251d200acaa764bc7b2192ded4f890c2981c1de52b4c
625acf8e86c50bce6fadff745b616066738ad0dc72886e25bb0cdc6b2f0ea0ec
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
63cf96c058d6f571a1f73d3c48ae7c9e11efbc9c35284cd1b7ec6a3c3750ae8c
63f2875205d7cac62db77d2776770a0bc0350d3dd531672435c2dea2da23b46e
64e97e614f8b08120752f08c7bc4acfd61e38d0a63b4ea9bc07f80c5a2a42d9d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a8a5f81599e5c001d7f92b4eeb786752adcf64dbbf53a48c251d67d7b2f9d14
6c50b9728278c1198628d81ae407a1d1e2a3def46b284a920a4ab13c54f90513
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
6fef5828a082a7e8455a5d94215bc88356c216a5077d7cf57fee20bcca8aaa44
715c2623125e30d3084b218ac3999771b25d21cecc7edb8b7fc52ef9110add98
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
71e321cc2e604ec1fbbe76c0470d616f1e8bcc9a25e27ab8d7b0f07efa54f2e8
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bf3fa46dbc796813536555cdd9f6967014235d64d8d5ee1568da07b19b23331
7ddc424649b256e50ebbde6522b13a627359b25c299b3ffa32a2896866e277c1
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
80f90aa4e2669fa8ef7446b1293e7c7228e7fe026aa88a3af90db19b164f90c8
813d4ee3ba69532b6ecb9b73c7dd5f8c3b6aa81e0790277bf40b2bc600245047
825a94169552a5f8e5b045811f058106172a2a540a3072f7483915f162f50a62
827298eab0679993bc338a61c618c43c4db311e4f697e302ca0624e9f13fe700
83b2db06e4e840f5c818b986001e24ed7added38a25e036e6e12607025d14f0e
8942352302153559a30da7742dd6e37049a3a0ef3f7b12751b28b1c5b109a264
8a1fba0bc61582359a73f773bd3818214fccf0a15e4ed902c1da73b91813bef0
8d6666ba395abfe65d7bbe080167303c860b76ff179103c2dc8295721123d5a2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed77676d10661c0467f600237ee68475d3d4e58993e200cd953ae54132a0e24
9112c670bbb72565dbffb7455dba17b3e1d6cb36c3c27e8c673241962d631cbc
955adfc31846d7a5f3b397b90a83e22de43a5e68dfa15dbb93069462256920b6
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
984700d554c403bdeeb313eca67dff9dca7875f1df11760e3793d2d07c51485a
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9c907d2288075c470f1404dbd031776014c384f97490872ac1d1800f0e8417b4
9d1ed7a46eb35824c1d946d3e692a9b508661a973ae7a57db778b62687335de8
9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6
9fce8695c151daf4b2f8ed35e526641009dc9bf93cb8508756ffa02f9062b0c0
a5ceaa3b13d00891359440a0835ef348ec0ebbf01c27886a60753168cc3a8898
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
a7fe8ae5b46b4fc09c2dfae9ec67512c8304d12df3d72f94948d87348407437f
a8c9355719e180f67753c823b87c29f40e21df91c20b44eb92d4cb36ef575d09
a94c49b3e1aa2fa4558678001eb7c89e1ad875b54b8262ead41f409de604f40c
a999f24434be7cf28883979673975a1dc6fadf5647ede64d50fa6f3bf3c52f41
aa97eb1d7712c67d443d2bdfe89645ec93c25aaa9afe1dc240b479657f0451ca
abb7d1ade37d6232c88594c1a66af366edb2bb2eacc740d21aa5ea281ddd712e
acc49d822e6463b2fab47ae7a1fe6a2a02fcc3823478777667b39dd98aa71bea
ada779e6a3f649a72fe87805adb015a8822c9d0a909cec576e916c6065e31e5c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
bc7e3ef0ea9f9c34e9eec4ca02e390de42fa45cc7787fdfa1374e007abf0ad1a
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf87392ab6c24aac4c96c39c7c937111f495de4852f705efe575f599267fb8b2
bff23d27c85ae58b6970cf16ec5e5da7b58e174f40a37c1a4263feefca116569
c19f1e6f97824220058e0ec118dcf09efb197db4bd7379a77967e99d4845973f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c55b29ae10355fd7e494fdda341b705f58d5968f1878b9327801fb81c4aa9284
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c9dc8ec104c88f02b7247bceccae2023a665855ce57e2a3f714d1dfa62cb2262
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
cb8b83eae8299661d83d0956e93aa25f1e653a6c145079bb5017e60d7832b765
cfa5a8fa97862eeaceefeaa32645101531006817044da885a13255c9a12c8b1d
d3d4cfc28d453d02fd8f5a8a833116f383c11438c132137e9b23c25643f60c01
d577d577f41a9ea4156c5beb1e88e3bfef293de8a44b2589450c3c23a1aa20ae
d8871eea8ab27838e7adbb42389c627bccc78653f5c69c326c0709b3261d2cdd
d9d22ca8f7506377e896ba0d23bba8e8c1dcb349b5a04d29b13eb2806efb8b54
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
dddbaec995a218d44ca4b029949b02b5e0b1d2b1186d22613a151cccdcd224be
e11af69b78eb872c716113d4ec5a38286c7dd208a9d21254b33cbbcfe6422fa8
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b
e97799e36f38b3d8696b99973e0be900ef693ae9e98ab5585988fd4e23d6fe4a
ea21f654449b5bcbd3c3ad0c9344fd3441441447955341d0d949e7db633c4a39
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3
eef56063d57947ea3ceaea0bcb9fb39e9b11802f4d55a317b4583c499f2b2585
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21
f02bfe55a72394ee99d25957267002980613a1b3f8966b3c491ee27133d5f014
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f401eb40ec1fa797bc8afbac7c18519fa46894d8cd6927be908486988ce47da6
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f5117b5d034d982061099fee3ecbdfdb37ba61bf14d655bb8ae6aa7df90c6dc5
f5a9c95f55b3f2aa2e7b279e18d1f31768097b55268f29300136fcf2e0a497bd
f7835179dc43f7f01a2350b4f88d695ce78d814f44e0a801aeabaf2e017042ad
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
fb9874bd1b966a2d41114c8bb37de4b78df77fa4de9df5b7c8860d80abc34f83
fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc
fe0e0bf53152838d5558049de2c1c27ed5edec73c443d3dd62b18595c857a1e1
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2
fef471c03efd044f419bec563ccab7f14415713b12d0d7a0ce711b8699b8f14f
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

breaking-news.ca Open in urlscan Pro 104.225.217.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

252 Requests

95 %HTTPS

27 %IPv6

43 Domains

61 Subdomains

41 IPs

8 Countries

3600 kBTransfer

9229 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

252 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

breaking-news.ca Open in urlscan Pro
104.225.217.48 Public Scan

Screenshot
Live screenshot

Full Image

252
Requests

95 %
HTTPS

27 %
IPv6

43
Domains

61
Subdomains

41
IPs

8
Countries

3600 kB
Transfer

9229 kB
Size

4
Cookies

252 HTTP transactions
14 data transactions