beforeitsnews.com Open in urlscan Pro
104.22.74.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On January 31 via api (January 31st 2023, 3:36:43 am UTC) from NZ — Scanned from NZ

Summary HTTP 399 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 89 IPs in 11 countries across 93 domains to perform 399 HTTP transactions. The main IP is 104.22.74.138, located in and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 141345.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2022. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	104.22.74.138 104.22.74.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.12.95 142.251.12.95	15169 (GOOGLE) (GOOGLE)
1	13.224.250.27 13.224.250.27	16509 (AMAZON-02) (AMAZON-02)
4	142.251.10.119 142.251.10.119	15169 (GOOGLE) (GOOGLE)
31	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.178.15 172.67.178.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.125.24.97 74.125.24.97	15169 (GOOGLE) (GOOGLE)
9	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
15	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
10	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	138.199.46.75 138.199.46.75	60068 (CDN77 ^_^) (CDN77 ^_^)
2	104.21.14.185 104.21.14.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.125.68.139 74.125.68.139	15169 (GOOGLE) (GOOGLE)
1	104.21.235.70 104.21.235.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
2	172.67.138.44 172.67.138.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.241.30.109 162.241.30.109	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	172.67.14.110 172.67.14.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.250.55 13.224.250.55	16509 (AMAZON-02) (AMAZON-02)
28	13.33.33.47 13.33.33.47	16509 (AMAZON-02) (AMAZON-02)
9	172.253.118.113 172.253.118.113	15169 (GOOGLE) (GOOGLE)
2	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
1	13.33.33.107 13.33.33.107	16509 (AMAZON-02) (AMAZON-02)
22	13.35.8.4 13.35.8.4	16509 (AMAZON-02) (AMAZON-02)
4	64.233.170.157 64.233.170.157	15169 (GOOGLE) (GOOGLE)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.65.228.208 104.65.228.208	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.4.155 142.250.4.155	15169 (GOOGLE) (GOOGLE)
2	209.58.165.102 209.58.165.102	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
11 13	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
6 6	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
17 22	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 17	103.231.98.197 103.231.98.197	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	185.84.60.29 185.84.60.29	198622 (ADFORM) (ADFORM)
11 17	103.231.98.194 103.231.98.194	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	35.75.149.219 35.75.149.219	16509 (AMAZON-02) (AMAZON-02)
8 14	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	23.106.127.39 23.106.127.39	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
3 3	3.1.117.253 3.1.117.253	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
11 11	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	18.136.168.53 18.136.168.53	16509 (AMAZON-02) (AMAZON-02)
1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
3	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
3	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
5	142.251.12.103 142.251.12.103	15169 (GOOGLE) (GOOGLE)
4 15	51.79.234.101 51.79.234.101	16276 (OVH) (OVH)
1	64.120.110.136 64.120.110.136	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	23.227.152.10 23.227.152.10	55081 (24SHELLS) (24SHELLS)
1 1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
2 2	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
2 15	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
2 2	209.191.163.152 209.191.163.152	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
8 8	104.254.148.252 104.254.148.252	29990 (ASN-APPNEX) (ASN-APPNEX)
1	89.187.162.137 89.187.162.137	60068 (CDN77 ^_^) (CDN77 ^_^)
3 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	103.231.98.196 103.231.98.196	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	23.106.127.52 23.106.127.52	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
4 6	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 5	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 3	52.74.162.2 52.74.162.2	16509 (AMAZON-02) (AMAZON-02)
1	13.227.254.35 13.227.254.35	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	103.229.10.171 103.229.10.171	16509 (AMAZON-02) (AMAZON-02)
3 5	67.199.150.86 67.199.150.86	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	119.9.108.191 119.9.108.191	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
1 2	34.142.175.23 34.142.175.23	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	54.179.181.113 54.179.181.113	16509 (AMAZON-02) (AMAZON-02)
1 4	103.231.98.195 103.231.98.195	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	23.9.185.218 23.9.185.218	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
7	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	34.117.239.71 34.117.239.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
3 4	52.220.170.179 52.220.170.179	16509 (AMAZON-02) (AMAZON-02)
3 4	107.178.244.193 107.178.244.193	15169 (GOOGLE) (GOOGLE)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
2	220.150.223.50 220.150.223.50	() ()
2 2	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	124.146.215.47 124.146.215.47	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	13.227.254.26 13.227.254.26	16509 (AMAZON-02) (AMAZON-02)
1 1	139.162.23.100 139.162.23.100	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	18.138.18.111 18.138.18.111	16509 (AMAZON-02) (AMAZON-02)
1	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	44.205.120.122 44.205.120.122	14618 (AMAZON-AES) (AMAZON-AES)
1	13.114.237.69 13.114.237.69	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	13.213.182.200 13.213.182.200	16509 (AMAZON-02) (AMAZON-02)
4 4	74.118.186.45 74.118.186.45	26120 (RHYTHMONE) (RHYTHMONE)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1	13.250.207.233 13.250.207.233	16509 (AMAZON-02) (AMAZON-02)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 2	104.18.25.173 104.18.25.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2 2	89.207.22.108 89.207.22.108	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	104.254.151.36 104.254.151.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	74.125.24.113 74.125.24.113	() ()
4	104.18.226.52 104.18.226.52	() ()
3	74.125.24.95 74.125.24.95	() ()
1	104.18.225.52 104.18.225.52	() ()
3	172.98.57.100 172.98.57.100	() ()
14	74.125.24.93 74.125.24.93	() ()
6	64.233.170.94 64.233.170.94	() ()
2	74.125.68.149 74.125.68.149	() ()
7	172.217.194.95 172.217.194.95	() ()
2	74.125.24.132 74.125.24.132	() ()
399	89

45 104.22.74.138 (None, )

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-27.sin52.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.10.119 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f119.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.178.15 (United States)

ASN13335 (CLOUDFLARENET, US)

pexoenne.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.255.14 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.199.46.75 (Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-46-75.bunnyinfra.net

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.14.185 (None, )

ASN13335 (CLOUDFLARENET, US)

www.jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f139.1e100.net

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.70 (None, )

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.138.44 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.30.109 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5924.bluehost.com

www.ournewearthnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.14.110 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-55.sin52.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 13.33.33.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-47.sin2.r.cloudfront.net

static.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.253.118.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-107.sin2.r.cloudfront.net

www.tradingview-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 13.35.8.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-4.sin5.r.cloudfront.net

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.170.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.65.228.208 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-208.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.58.165.102 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.213.12.39 (Tokyo, Japan) 11 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.229.205.243 (Singapore) 6 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.194.155 (United States) 17 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 103.231.98.197 (Japan) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.84.60.29 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 103.231.98.194 (Japan) 11 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.75.149.219 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-149-219.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 69.173.158.64 (Singapore) 8 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (United States) 2 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.39 (Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.1.117.253 (Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-117-253.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.65 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 15.197.193.217 (United States) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.168.53 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-168-53.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.103 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 51.79.234.101 (Singapore) 4 redirects

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.120.110.136 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.152.10 (Piscataway, United States)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (Palos Park, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.223.115 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.227.139.243 (Piscataway, United States) 2 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.152 (United States) 2 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.254.148.252 (Los Angeles, United States) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.162.137 (Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: 599610281.sgp.cdn77.com

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.127.52 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.60.146 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.74.162.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-35.sin52.r.cloudfront.net

cs.spotimmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.10.171 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.199.150.86 (Singapore) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.191 (Hong Kong) 1 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.142.175.23 (Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.179.181.113 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-181-113.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.231.98.195 (Japan) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.9.185.218 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.202.105.24 (Palos Park, United States) 6 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com

events-ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.220.170.179 (Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-170-179.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.193 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.150.223.50 (None, )

ASN- ()

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.116.239.135 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.47 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.26 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-26.sin52.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.23.100 (Singapore) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li865-100.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.18.111 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com

cm.ambientdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.120.122 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-120-122.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.114.237.69 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-237-69.ap-northeast-1.compute.amazonaws.com

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.213.182.200 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-182-200.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.118.186.45 (Singapore) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.207.233 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.22.108 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-nessy-float2.dotomi.com

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.254.151.36 (Los Angeles, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.113 (None, )

ASN- ()

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.226.52 (None, )

ASN- ()

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.95 (None, )

ASN- ()

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.225.52 (None, )

ASN- ()

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.98.57.100 (None, )

ASN- ()

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 74.125.24.93 (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.233.170.94 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.149 (None, )

ASN- ()

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.194.95 (None, )

ASN- ()

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.132 (None, )

ASN- ()

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 18978 s.tradingview.com — Cisco Umbrella Rank: 24401 static.tradingview.com — Cisco Umbrella Rank: 16717 s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 18143	187 KB
49	pubmatic.com 19 redirects ads.pubmatic.com — Cisco Umbrella Rank: 463 image8.pubmatic.com — Cisco Umbrella Rank: 635 simage2.pubmatic.com — Cisco Umbrella Rank: 665 image6.pubmatic.com — Cisco Umbrella Rank: 733 image2.pubmatic.com — Cisco Umbrella Rank: 872 image4.pubmatic.com — Cisco Umbrella Rank: 941 simage4.pubmatic.com — Cisco Umbrella Rank: 1166	102 KB
47	beforeitsnews.com beforeitsnews.com — Cisco Umbrella Rank: 141345 img.beforeitsnews.com — Cisco Umbrella Rank: 384737 m.beforeitsnews.com — Cisco Umbrella Rank: 411907 ajax.beforeitsnews.com — Cisco Umbrella Rank: 199525 a1.beforeitsnews.com	905 KB
31	doubleclick.net 17 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 static.doubleclick.net	45 KB
31	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8863 c.mgid.com — Cisco Umbrella Rank: 6638 cdn.mgid.com — Cisco Umbrella Rank: 12234 servicer.mgid.com — Cisco Umbrella Rank: 9130 s-img.mgid.com — Cisco Umbrella Rank: 6006 cm.mgid.com — Cisco Umbrella Rank: 1267	401 KB
20	rubiconproject.com 10 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 308 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2119 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842 eus.rubiconproject.com — Cisco Umbrella Rank: 537 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1079 token.rubiconproject.com — Cisco Umbrella Rank: 548	22 KB
16	youtube.com img.youtube.com — Cisco Umbrella Rank: 3025 www.youtube.com	2 MB
15	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 725	7 KB
15	adtelligent.com 1 redirects s.adtelligent.com — Cisco Umbrella Rank: 8798 sync.adtelligent.com — Cisco Umbrella Rank: 5073	8 KB
14	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 27241	494 KB
13	bidswitch.net 11 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	6 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	139 KB
12	33across.com 6 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 812 events-ssc.33across.com — Cisco Umbrella Rank: 1749	4 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 www.googleapis.com — Cisco Umbrella Rank: 25 translate.googleapis.com jnn-pa.googleapis.com	143 KB
11	openx.net 3 redirects rtb.openx.net — Cisco Umbrella Rank: 1634 us-u.openx.net — Cisco Umbrella Rank: 417 jp-u.openx.net — Cisco Umbrella Rank: 13962	2 KB
11	adsrvr.org 11 redirects match.adsrvr.org — Cisco Umbrella Rank: 304	6 KB
10	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 26977	571 KB
9	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 409	9 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	60 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 271 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902	5 KB
7	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 127817	199 KB
6	rlcdn.com 4 redirects id.rlcdn.com — Cisco Umbrella Rank: 596 idsync.rlcdn.com — Cisco Umbrella Rank: 349	2 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 translate.google.com	56 KB
6	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1097 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1314	2 KB
6	mathtag.com 6 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	4 KB
5	onesignal.com cdn.onesignal.com onesignal.com	82 KB
5	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	2 KB
5	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 568 cm.adform.net — Cisco Umbrella Rank: 1400	2 KB
5	id5-sync.com 1 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 948 id5-sync.com — Cisco Umbrella Rank: 389	21 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 412	1 KB
4	crwdcntrl.net 3 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 757	2 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	318 KB
3	rumble.com rumble.com	35 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
3	360yield.com 3 redirects ad.360yield.com — Cisco Umbrella Rank: 650	852 B
3	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 782 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1833	495 B
3	customads.co cdn2.customads.co — Cisco Umbrella Rank: 171260 customads.co — Cisco Umbrella Rank: 123598	7 KB
2	ggpht.com yt3.ggpht.com	5 KB
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3016	746 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 693	1 KB
2	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5049	673 B
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 32755	1 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 748	959 B
2	ad-m.asia sync-dsp.ad-m.asia	486 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 601	1 KB
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 767	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2177	969 B
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1110	1 KB
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 718	880 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	734 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 592	1 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 835	495 B
2	tynt.com 1 redirects ic.tynt.com — Cisco Umbrella Rank: 6443 de.tynt.com — Cisco Umbrella Rank: 1448	3 KB
2	adtarget.com.tr 1 redirects s.console.adtarget.com.tr — Cisco Umbrella Rank: 17575 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 17619	1 KB
2	google.co.nz www.google.co.nz — Cisco Umbrella Rank: 34970	515 B
2	e-volution.ai 2 redirects sync.e-volution.ai — Cisco Umbrella Rank: 2512	918 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 9662	789 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 518	688 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 131798	1 KB
2	jamesredpillsamerica.com www.jamesredpillsamerica.com — Cisco Umbrella Rank: 616560	2 MB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	88 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3445	468 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5207	277 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 831	44 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1283	230 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2556	644 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	527 B
1	cinarra.com dps.jp.cinarra.com — Cisco Umbrella Rank: 23965	220 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	617 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 696	363 B
1	ambientdsp.com 1 redirects cm.ambientdsp.com — Cisco Umbrella Rank: 28614	652 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 1898	397 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 964	855 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 353	573 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4294	392 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 632	594 B
1	spotimmedia.com cs.spotimmedia.com — Cisco Umbrella Rank: 5924	465 B
1	spotim.market sync.spotim.market — Cisco Umbrella Rank: 2216	318 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2287
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 17179	259 B
1	e-planning.net ads.us.e-planning.net — Cisco Umbrella Rank: 5117	92 B
1	admanmedia.com cs.admanmedia.com — Cisco Umbrella Rank: 917	199 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 502	280 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1123	620 B
1	admedo.com 1 redirects pool.admedo.com — Cisco Umbrella Rank: 4461	290 B
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 21114	143 B
1	tradingview-widget.com www.tradingview-widget.com — Cisco Umbrella Rank: 26760
1	ournewearthnews.com www.ournewearthnews.com — Cisco Umbrella Rank: 465532	29 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	49 KB
1	iili.io iili.io — Cisco Umbrella Rank: 37669	64 KB
1	pexoenne.site pexoenne.site — Cisco Umbrella Rank: 361879	42 KB
0	nex8.net Failed cs.nex8.net Failed
399	93

	Domain	Requested by
30	beforeitsnews.com	beforeitsnews.com
28	static.tradingview.com	s.tradingview.com static.tradingview.com
22	cm.g.doubleclick.net	17 redirects onetag-sys.com eus.rubiconproject.com us-u.openx.net
22	s3-symbol-logo.tradingview.com	s.tradingview.com
17	simage2.pubmatic.com	11 redirects ads.pubmatic.com
17	image8.pubmatic.com	4 redirects beforeitsnews.com onetag-sys.com ads.pubmatic.com s.adtelligent.com
15	onetag-sys.com	4 redirects s.adtelligent.com onetag-sys.com
14	www.youtube.com	beforeitsnews.com www.youtube.com
14	sp.rmbl.ws	beforeitsnews.com rumble.com
13	sync.adtelligent.com	1 redirects s.adtelligent.com onetag-sys.com s.console.adtarget.com.tr ads.pubmatic.com
13	x.bidswitch.net	11 redirects onetag-sys.com
13	img.beforeitsnews.com	beforeitsnews.com
12	cm.mgid.com	jsc.mgid.com beforeitsnews.com s.adtelligent.com ads.pubmatic.com
11	match.adsrvr.org	11 redirects
10	pixel.rubiconproject.com	4 redirects beforeitsnews.com onetag-sys.com eus.rubiconproject.com
10	i.imgflip.com	beforeitsnews.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com beforeitsnews.com s.tradingview.com rumble.com
8	ib.adnxs.com	8 redirects
7	jnn-pa.googleapis.com	www.youtube.com
7	static-3.bitchute.com	beforeitsnews.com
7	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com www.youtube.com
6	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
6	events-ssc.33across.com	de.tynt.com eus.rubiconproject.com us-u.openx.net
6	ssc-cms.33across.com	6 redirects
6	sync.mathtag.com	6 redirects
6	s-img.mgid.com	beforeitsnews.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	image2.pubmatic.com	3 redirects ads.pubmatic.com
5	s.amazon-adsystem.com	2 redirects onetag-sys.com eus.rubiconproject.com
5	www.google.com	beforeitsnews.com www.youtube.com
4	token.rubiconproject.com	4 redirects
4	pixel.tapad.com	3 redirects s.adtelligent.com
4	sync.crwdcntrl.net	3 redirects s.adtelligent.com
4	us-u.openx.net	de.tynt.com us-u.openx.net
4	rtb.openx.net	3 redirects us-u.openx.net
4	id5-sync.com	1 redirects cdn.id5-sync.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ads.pubmatic.com	jsc.mgid.com s.adtelligent.com ads.pubmatic.com
4	stats.g.doubleclick.net	customads.co www.google-analytics.com
4	i.ytimg.com	beforeitsnews.com www.youtube.com
3	rumble.com	beforeitsnews.com rumble.com
3	translate.googleapis.com	translate.googleapis.com
3	onesignal.com	cdn.onesignal.com
3	sync.1rx.io	3 redirects
3	jp-u.openx.net	us-u.openx.net
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	idsync.rlcdn.com	2 redirects ads.pubmatic.com
3	ups.analytics.yahoo.com	1 redirects onetag-sys.com
3	id.rlcdn.com	2 redirects onetag-sys.com
3	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
3	lb.eu-1-id5-sync.com	cdn.id5-sync.com
3	ad.360yield.com	3 redirects
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
3	servicer.mgid.com	jsc.mgid.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	pubmatic-match.dotomi.com	2 redirects
2	pm.w55c.net	2 redirects
2	ipac.ctnsnet.com	1 redirects ads.pubmatic.com
2	cr-p3.ladsp.com	2 redirects
2	ad.turn.com	2 redirects
2	sync-dsp.ad-m.asia	us-u.openx.net ads.pubmatic.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	pixel-sync.sitescout.com	2 redirects
2	eus.rubiconproject.com	de.tynt.com eus.rubiconproject.com
2	image4.pubmatic.com	1 redirects ads.pubmatic.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	a.sportradarserving.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	pippio.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ssbsync-global.smartadserver.com	onetag-sys.com
2	pixel-eu.rubiconproject.com	onetag-sys.com
2	image6.pubmatic.com	ads.pubmatic.com
2	ap.lijit.com	2 redirects
2	csync.loopme.me	2 redirects
2	www.google.co.nz	beforeitsnews.com
2	sync.e-volution.ai	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	creativecdn.com	2 redirects
2	s.adtelligent.com	cm.mgid.com s.adtelligent.com
2	cdn.mgid.com	beforeitsnews.com
2	c.mgid.com	jsc.mgid.com beforeitsnews.com
2	customads.co	cdn2.customads.co
2	rddywd.com	beforeitsnews.com
2	m.beforeitsnews.com	beforeitsnews.com
2	img.youtube.com	beforeitsnews.com
2	www.jamesredpillsamerica.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com static.tradingview.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	cm-supply-web.gammaplatform.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	dps.jp.cinarra.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	cm.ambientdsp.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	tg.socdm.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	cms.quantserve.com	1 redirects
1	sync.console.adtarget.com.tr	1 redirects
1	cm.adform.net	s.console.adtarget.com.tr
1	cs.spotimmedia.com	onetag-sys.com
1	sync.spotim.market	s.adtelligent.com
1	vid.vidoomy.com	s.adtelligent.com
1	a4p.adpartner.pro	1 redirects
1	de.tynt.com	s.adtelligent.com
1	ic.tynt.com	1 redirects
1	s.console.adtarget.com.tr	s.adtelligent.com
1	ads.us.e-planning.net	s.adtelligent.com
1	cs.admanmedia.com	beforeitsnews.com
1	match.sharethrough.com	beforeitsnews.com
1	sync.inmobi.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	pool.admedo.com	1 redirects
1	cm.idealmedia.io	beforeitsnews.com
1	cdn.id5-sync.com	jsc.mgid.com
1	www.tradingview-widget.com	static.tradingview.com
1	s.tradingview.com	s3.tradingview.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.ournewearthnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	iili.io	beforeitsnews.com
1	pexoenne.site	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
0	cs.nex8.net Failed	us-u.openx.net
399	142

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
forum.beforeitsnews.com
www.youtube.com
widgets.mgid.com
www.mgid.com
brainberries.co
traitslab.com
herbeauty.co
telegram.org
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.tradingview.com Amazon	`2023-01-10` - `2024-02-08`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.pexoenne.site GTS CA 1P5	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sp.rmbl.ws R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
static-3.bitchute.com R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
cdn2.customads.co R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
autodiscover.ournewearthnews.com R3	`2022-12-23` - `2023-03-23`	3 months	crt.sh
tradingview.com Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
static.tradingview.com Amazon	`2022-06-23` - `2023-07-22`	a year	crt.sh
customads.co GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.tradingview-widget.com Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2022-04-21` - `2023-05-23`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.co.nz GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
ads.us.e-planning.net R3	`2022-12-19` - `2023-03-19`	3 months	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-01-23` - `2023-04-23`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.spotimmedia.com Amazon	`2022-06-20` - `2023-07-19`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
events-ssc.33across.com GTS CA 1D4	`2023-01-10` - `2023-04-10`	3 months	crt.sh
sync-dsp.ad-m.asia GlobalSign GCC R3 DV TLS CA 2020	`2022-07-21` - `2023-08-22`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-14` - `2023-06-13`	a year	crt.sh
*.ctnsnet.com DigiCert SHA2 Secure Server CA	`2022-09-27` - `2023-03-08`	5 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.iprom.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-12` - `2023-12-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 49 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: A643F427B25BD848B7284B9DF7FD36AD
Requests: 164 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20230313
Frame ID: 2D1C0606D8E9BE892BF958AD007059BC
Requests: 4 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 0A69972545C7A550D76124A036AA8D79
Requests: 55 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 0DC101C6CC3A9FB2F3FFF05E6C694E29
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: A1C538F13BDAE85CFEF518E9D08D1548
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1675136183612692727546
Frame ID: 7452107A5095597B3EEA5F58188AD8EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
Frame ID: CF27C47B3875D748996807877951CC16
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=754484
Frame ID: 0FAA74D29E65BAEE543AD6C642B1F60B
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 63A5F9ED1BE9BDBEC01AA9B1BAC10DC3
Requests: 15 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: C58486C0B0125EDA9B935D0415DA432D
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 2709316490007525CCB6743DE4FA3719
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: E151C5017F1CF27810251DEA62ADF8C8
Requests: 12 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 95CC534170C402A1360A3CF435B6ED51
Requests: 5 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=064111dd-b008-476e-98ef-ba6bdce3fb85&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
Frame ID: 14A5EC410613C1016A245ABC2FAC44F2
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: EBE29A5BFDCFA663D4476B3BBB3AA6E9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 244242707AB01D9E5FA042F52BB052B5
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 0F73634434A862B03CF02791B5394EFB
Requests: 15 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 978841F0D977602E06A61F72152491A5
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=-1&gdpr_consent=
Frame ID: F6ECCB66D2B1FBB88D3BF8BDA652C437
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7c3663d8-8cba-4900-a91b-09764c4657e7&gdpr=-1&gdpr_consent=
Frame ID: 86B122ED77FDB4B60B1AF09640E2615C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9iMuwADc-a34QAF&gdpr=1&gdpr_consent=&_test=Y9iMuwADc-a34QAF
Frame ID: F0C38CB3BB524A3CBCB4C214F19831F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6606910694558905850&gdpr=-1&gdpr_consent=
Frame ID: B67B5962D5B9A9457CF2BCAA512CCE53
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi
Frame ID: F00C7B16D91DF761F9D6264AD6E790D6
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
Frame ID: 461BBA6DD7FE95FDBABB6DEF2E4C11BF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: AAB666CC261E4363378DB56B19D64BFD
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 1BD1343C554A45D8202D32A497961F5A
Requests: 12 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 611FED91D837427F02DB9CE1D12C09E4
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: BC643F9D40FFAEA61333B98521955944
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 04F7C39A217BEEE0FEEB1E0D32FC788D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 94B07AD91B692129B36EC707B50DB4FA
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 056CC260836652B0947A35ECB789A555
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
Frame ID: 69FEF3AA3DA48F95E2BD52C2268CD1DD
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D444C5687FFA5E52F947D99A27934C35
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: D25543B06E1B611B5629C21C8E5FC2DD
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 10BD970C979A250234A299173E2AC152
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: E5969E994063D06582D140BA277FBAFB
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: BECC00EDC63630900604A87752614456
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 22D5372BAAC2CF7B2C43B731E7E2CCC2
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 3359A30DD211B42481DEB78ACD51765C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3EE1A942CA7536DF2D0F63EF352ACB82
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 868063E7C8B95549E7896985842AB7DB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A0981B02E4254536BE670E389D82C984
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/m?cdsp=712807&c=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
Frame ID: 65CFC45042E4D23A2BE0D7969384AF5E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
Frame ID: 9F895F4C04C0A060378BBEFE8C48EC10
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/v255cg0/?pub=hw409
Frame ID: 008F305691C1E88CCCEEA8E384BFB583
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EjHMiAr4Spc
Frame ID: 4107A789DA46AC00D49C16A2FC5A26E1
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/yYXGE0gHkP8
Frame ID: DAEE2654C30DDD7D0E71F5E39C664B3B
Requests: 19 HTTP requests in this frame

Frame: data://truncated
Frame ID: 591B6A6777C1C7DBA230F11C68A2451B
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 92B350396EE2F06851FA557A3E03CEE2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

399
Requests

81 %
HTTPS

0 %
IPv6

93
Domains

142
Subdomains

89
IPs

11
Countries

7925 kB
Transfer

20690 kB
Size

146
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/6-oldest-recorded-twins-in-the-world/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-10-most-beautiful-lebanese-women/

Search URL Search Domain Scan URL

URL: https://traitslab.com/celebrities/20-craziest-photos-of-womens-sports/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/10-most-expensive-liquids-in-the-world/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/10-reasons-to-love-selena-gomez/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/fashion/how-to-style-a-skirt-this-summer/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 175

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=QJ0V0yJGouqO00Gfdrsf&pi=mgid&tc=1

Request Chain 176

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmgid%26bsw_param%3D32151c6c-50c2-428d-afeb-7fcb5cbac3e1&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=7c3663d8-8cba-4900-a91b-09764c4657e7&expires=30&ssp=mgid&bsw_param=32151c6c-50c2-428d-afeb-7fcb5cbac3e1&gdpr=&gdpr_consent= HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&consentData=&uspString=

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjB1bjUwSVdyekFq&muidn=n0un50IWrzAj HTTP 302
https://cm.mgid.com/google?muidn=n0un50IWrzAj&google_ula={guid},5&google_gid=CAESECXEDzJ3psk7-lor9hW7IEw&google_cver=1

Request Chain 179

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=-1&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=-1&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=485870385321057896 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=&ssp=pubmatic&bsw_param=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 180

https://pixel.rubiconproject.com/exchange/sync.php?p=mgid HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=LDJOU1FZ-C-CKLW

Request Chain 181

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=c04d8023-7bbf-4b1c-bc07-ebe93afc02a7

Request Chain 182

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n0un50IWrzAj HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=895821915120113776&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 183

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=fd1b046a-fd2d-49d9-baec-eb0476726ada

Request Chain 184

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
https://cm.mgid.com/m?cdsp=718337&c=ID5-ac2azdvNZo06tRV8dEt04iTwaOrtiNtVAaWkI7M_zA

Request Chain 185

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttl=1677728187

Request Chain 186

https://x.bidswitch.net/sync?dsp_id=303&user_id=n0un50IWrzAj HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 204

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

Request Chain 205

https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=064111dd-b008-476e-98ef-ba6bdce3fb85&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0

Request Chain 207

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GE4YBLZHfXB-6asCQSiub7ge

Request Chain 208

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f58e29d-7533-46d3-ac97-d69baf9909be

Request Chain 209

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6606910694558905850

Request Chain 210

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=fd1b046a-fd2d-49d9-baec-eb0476726ada

Request Chain 211

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6606910694558905850

Request Chain 213

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e4dc875f-1945-4035-a9f9-885b3c6002d4

Request Chain 214

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=dae4ba08a6a7a0b4

Request Chain 217

https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}

Request Chain 220

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=e88c63d8-8cba-4500-883f-f6f47ff4b84c&gdpr=1&gdpr_consent=

Request Chain 222

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6606910694558905850

Request Chain 224

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlsesH3VGDdK7XRBIcVOgqJKcULSZwkg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlsesH3VGDdK7XRBIcVOgqJKcULSZwkg&google_tc=

Request Chain 226

https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLqZ4p4GEgUI6AcQAEIASgA

Request Chain 227

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJRKMPwR7EEmr-ixbb3xdyo&google_cver=1

Request Chain 231

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=

Request Chain 234

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=86fa63d8-8cba-4400-baa5-296f0e90d337&gdpr=1&gdpr_consent=

Request Chain 236

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6606910694558905850

Request Chain 237

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlses940mk9eDj9ddUJjbMUyT7SeWqPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlses940mk9eDj9ddUJjbMUyT7SeWqPA&google_tc=

Request Chain 239

https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
https://onetag-sys.com/match/?int_id=110&uid=

Request Chain 240

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ

Request Chain 242

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELKHcGeXaPnKmD8V5QpWasc&google_cver=1

Request Chain 244

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=

Request Chain 253

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=fd98892b461e2f25

Request Chain 254

https://c1.adform.net/serving/cookie/match?party=14&cid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=-1&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=-1&gdpr_consent=

Request Chain 255

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=-1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7c3663d8-8cba-4900-a91b-09764c4657e7&gdpr=-1&gdpr_consent=

Request Chain 256

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9iMuwADc-a34QAF HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9iMuwADc-a34QAF&gdpr=1&gdpr_consent=&_test=Y9iMuwADc-a34QAF

Request Chain 257

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=-1&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6606910694558905850&gdpr=-1&gdpr_consent=

Request Chain 258

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xqySS3beTa-pQeKbSrtjcw%3D%3D&gdpr=-1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xqySS3beTa-pQeKbSrtjcw%3D%3D&gdpr=-1&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=

Request Chain 261

https://idsync.rlcdn.com/420486.gif?partner_uid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEM2QUM5MjRCLTc2REUtNERBRi1BOTQxLUUyOUI0QUJCNjM3MxAAGg0IupningYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=7dc6707f1852f38b36927d17dd6b036f773f000ec18b8e5b85a5f3dd3d2bf25b791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3ZGM2NzA3ZjE4NTJmMzhiMzY5MjdkMTdkZDZiMDM2Zjc3M2YwMDBlYzE4YjhlNWI4NWE1ZjNkZDNkMmJmMjViNzkxNDI2YjU0MTdkY2UyMRAAGgwIu5ningYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3ZGM2NzA3ZjE4NTJmMzhiMzY5MjdkMTdkZDZiMDM2Zjc3M2YwMDBlYzE4YjhlNWI4NWE1ZjNkZDNkMmJmMjViNzkxNDI2YjU0MTdkY2UyMRAAGgwIu5ningYSBAgCEABCAEoA&google_gid=CAESEFhmjfwngykPTBQKwZRLZ1w&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=b2e68493-a989-4f62-a6f6-80e6f3197916

Request Chain 262

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&sInitiator=external&gdpr=-1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&sInitiator=external&gdpr=-1&gdpr_consent=

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzZBQzkyNEItNzZERS00REFGLUE5NDEtRTI5QjRBQkI2Mzcz&gdpr=-1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzZBQzkyNEItNzZERS00REFGLUE5NDEtRTI5QjRBQkI2Mzcz&gdpr=-1&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=-1&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESEFWc-jhVdkhkYkjAl-azOvM&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=156cf52a-7cdb-42a3-b19c-899f9fe440a5&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 267

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=

Request Chain 268

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&redir=true&gdpr=-1&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xguQVyVE2uWp6blkkfFvBESLbhZkUOs-~A

Request Chain 269

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 270

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1675136186536.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Request Chain 271

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4 HTTP 302
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&ts=1675136188&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 272

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1675136186536.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=7c3663d8-8cba-4900-a91b-09764c4657e7

Request Chain 273

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253D45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253D45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a HTTP 302
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a HTTP 302
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&ts=1675136190&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 274

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1675136186536.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6606910694558905850

Request Chain 277

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LDJOU1FZ-C-CKLW HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=LDJOU1FZ-C-CKLW HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LDJOU1FZ-C-CKLW&ts=1675136189&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 278

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=&expires=30

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqwztcqeXXeganxIBMmRK0&google_cver=1

Request Chain 280

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDJOU1FZ-C-CKLW

Request Chain 281

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4EBGf3xWQtq5j-cZg9eVhA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4EBGf3xWQtq5j-cZg9eVhA

Request Chain 282

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERKT1UxRlotQy1DS0xX

Request Chain 283

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/GB4PGtKHU22WJ5DSOcnKWw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ju7e18pE2oKcM124mZRT33VFhV8CLycnQE1ZyQ--~A

Request Chain 284

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MVkCYvdwQTmgjsl3lD2Rrw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MVkCYvdwQTmgjsl3lD2Rrw

Request Chain 285

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MThiZTljMGU4YTY4MmY1NzVjNGNiMTk1YTJiMzBmYTM5MDdkZjMwMw

Request Chain 289

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=AlSCrAlcyvIkAQT5biL64w==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 291

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=7c3663d8-8cba-4900-a91b-09764c4657e7

Request Chain 292

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4598912905776494910&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 293

https://match.adsrvr.org/track/cmf/openx?oxid=dd020890-a0da-73dc-c275-484ebd3bc059&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttd_puid=dd020890-a0da-73dc-c275-484ebd3bc059&gdpr=0&gdpr_consent=

Request Chain 294

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y9iMvcCo8XoAAOgo348AAAAA

Request Chain 295

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVJFKt4d1ME3ks8ADzLRnTi-gc8AAAGGBeXESg

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHngo-JrpWCyz8losLHILkk&google_cver=1

Request Chain 298

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=n-3UQaRXAsWwZMrJvYzYYw HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 299

https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yrvq14w8a9c HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 301

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_LpH0qPbR29prc8KNQEzbHRaSsU HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 305

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=50379f1660fe448bb5c90baa64a9e7b8 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 306

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IskLff5q1PmHrD5&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 307

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675136189619 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8058945472 HTTP 302
https://sync.1rx.io/usersync/tradedesk/088324df-d3e2-4a3d-a5c0-5a3d297a3d21 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-17c86d59-6b26-471b-b698-84c8cebeeae6-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-17c86d59-6b26-471b-b698-84c8cebeeae6-004 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-17c86d59-6b26-471b-b698-84c8cebeeae6-004 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 308

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=mocgiupxdyq5 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 311

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 313

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 314

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8DE98068BAA84AEAAEA6A94BD41E9AD6&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3DC6AC924B-76DE-4DAF-A941-E29B4ABB6373 HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=C6AC924B-76DE-4DAF-A941-E29B4ABB6373

Request Chain 316

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent=&ct=y

Request Chain 317

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C6AC924B-76DE-4DAF-A941-E29B4ABB6373 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C6AC924B-76DE-4DAF-A941-E29B4ABB6373 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=123c4593-b4f6-44f6-b6e2-8f326c656999%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttd_puid=123c4593-b4f6-44f6-b6e2-8f326c656999%2C%2C

Request Chain 318

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=53a6f2b7a5cf2268&is_secure=true&networkId=17100&version=1&nuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrmXGWxksPwNK78EsAAAAAAA&expiration=1675222589&nuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 319

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4526855311738566974&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 320

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6606910694558905850 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

399 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 125 KB
25 KB 994ms
747ms Document
text/html 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7a524cd9d970f7fd2f5e9599f3bcb3b5fb9c641b1f92c372a30cdd83911ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 791f66f56e73ee92-AKL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:18 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 qG8xE-Uz7lAm-63-NWifn0DDLXk.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 199ms
196ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/qG8xE-Uz7lAm-63-NWifn0DDLXk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2703952e60425a622517c94e25a8de3f8cde240112f72f14eb39656ead0d93a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
x-amz-version-id: 94SU4Ibl7dVF7Yg_xi3TUasy2zB9jC2D
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 5W1H5VYX2GXMNMQ5
age: 985872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PsIYokTqfEdiLP2RO/QMSf+/+afZWVx+EZoV84nSGlg8qO+KF7/oiyYE+xoa3y2j8R8TSH/UKRo=
last-modified: Thu, 19 Jan 2023 16:59:57 GMT
server: cloudflare
etag: W/"9e77659ed104536aed1b88124c0fce65"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 791f66fa1c5eee92-AKL

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1012 B 828ms
279ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 03:36:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:18 GMT

GET
H2 200 global-bin-rev-202301301.css
beforeitsnews.com/static/css-v3/ 16 KB
4 KB 197ms
195ms Stylesheet
text/css 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 110771
cf-polished: origSize=16027
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 29 Jan 2023 20:47:27 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63d6db5f-3e9b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fa1c60ee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Feb 2023 20:47:52 GMT

GET
H2 200 fancybox-bin-rev-202301301.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 143ms
140ms Stylesheet
text/css 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-202301301.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 110771
cf-polished: origSize=8029
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 29 Jan 2023 20:47:27 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63d6db5f-1f5d"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fa1c62ee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Feb 2023 20:47:52 GMT

GET
H2 200 home-bin-rev-202301301.css
beforeitsnews.com/static/css-v3/ 29 KB
7 KB 144ms
142ms Stylesheet
text/css 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-202301301.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 110771
cf-polished: origSize=29354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 29 Jan 2023 20:47:27 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63d6db5f-72aa"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fa1c68ee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Feb 2023 20:48:30 GMT

GET
H2 200 responsive-bin-rev-202301301.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 153ms
151ms Stylesheet
text/css 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-202301301.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 110771
cf-polished: origSize=21003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 29 Jan 2023 20:47:27 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63d6db5f-520b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fa1c6bee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Feb 2023 20:47:52 GMT

GET
H2 200 web-responsive-bin-rev-202301301.css
beforeitsnews.com/static/css-v3/ 371 B
227 B 197ms
195ms Stylesheet
text/css 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-202301301.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 110771
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 29 Jan 2023 20:47:27 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63d6db5f-173"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fa1c6eee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Feb 2023 20:47:52 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 156ms
154ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1189368
cf-polished: origSize=149701
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"5fe55cb3-248c5"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fa1c6fee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H2 200 global-bin-rev-202301301.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 158ms
157ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-202301301.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 110771
cf-polished: origSize=12613
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 29 Jan 2023 20:46:49 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63d6db39-3145"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fa1c71ee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Feb 2023 20:47:52 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 165ms
160ms Image
image/webp 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 364155
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-8ab"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f66fda8e0ee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 24 Jan 2024 08:21:50 GMT

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 805ms
256ms Script
text/javascript 13.224.250.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-27.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f297139122eae436f4821d0b6ca590c1d0119f900cf1e6fa93dbc355f92250e0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 10:47:37 GMT
via: 1.1 f89fcc37b128414167e80016d2f77972.cloudfront.net (CloudFront)
last-modified: Mon, 30 Jan 2023 10:47:27 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 60523
etag: "e0987380ac0fca8478a5d4aaed9fa286"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 11138
x-amz-cf-id: DoylewxR8o8z2Mvob1k-TG5WNsiWfyq19LEwBqMIWt2muxYTvgY7yQ==

GET
H3 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 146ms
145ms Image
image/webp 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed1b3057133066e90a0d34d9b7969f9e078a55a6d8798189f6f207fde7cf3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1235758
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-95e7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f66ff5c221c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 12 Jan 2024 18:56:08 GMT

GET
H3 200 ads.png
img.beforeitsnews.com/img/v3/ 68 B
585 B 253ms
252ms Image
image/webp 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 982343
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-5f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f66ff6c381c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 18 Jan 2024 16:48:32 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/DGMnpUHoUCc/ 16 KB
16 KB 1343ms
342ms Image
image/jpeg 142.251.10.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/DGMnpUHoUCc/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f119.1e100.net

Software

sffe /

Resource Hash

fc364ee65e0bda411208a30fab628586d1456f6206616124ffd6d218dde441b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16111
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 05:36:20 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 3 KB
1 KB 402ms
158ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d2bd4832614d4ac0742c3cbc98065f3e9296443ec4e89327ebbdf6ed8ea1aa

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
x-amz-version-id: VQGMrDuqXo0RZbUb1N1fgJlDaEkmxgTW
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 06BKHYFKGWCZ7VA1
age: 4311
cf-polished: origSize=2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hmEnSlTA7pnTghcYd+26QVkUCG7jiWz+MIqQ1FBGj+xvJWSUclUqvikPrxranJn8TJ8oTzMlloI=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:08:11 GMT
server: cloudflare
etag: W/"a793db109920f959e48eddd1e04eb508"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 791f6700ee68ee9e-AKL
expires: Tue, 31 Jan 2023 06:36:19 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 3 KB
2 KB 388ms
144ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b2c8d414700933213b9eb6361fbd2ed548aedc9ba2629fb51d220d29c77c115

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
x-amz-version-id: 8P9S6h3niTa1v3X3YxhHEwebItRzhkYy
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: QVEK5ZCD4E28CJN1
age: 605
cf-polished: origSize=2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: m+pCjxGXELR5NiVJa61Q0z1xNXu9QtOQcBVe5Zpgy3zG1L3czW+lhNNrTmeLJoCOLiBPSgCl60Q=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:08:28 GMT
server: cloudflare
etag: W/"bcc6f60d7986c9967ab5feebc06881cc"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 791f6700ee6aee9e-AKL
expires: Tue, 31 Jan 2023 06:36:19 GMT

GET
H3 200 tabs-bin-rev-202301301.js Show response
beforeitsnews.com/static/js-v3/ 148 B
630 B 141ms
141ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-202301301.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 110770
cf-polished: origSize=189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 29 Jan 2023 20:46:53 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63d6db3d-bd"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fbeccc1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Feb 2023 20:47:53 GMT

GET
H3 200 jsDeferParsing-bin-rev-202301301.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 137ms
137ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202301301.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 110770
cf-polished: origSize=6187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 29 Jan 2023 20:46:51 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63d6db3b-182b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f66fcce961c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Feb 2023 20:47:53 GMT

GET
H2 200 12098 Show response
pexoenne.site/easylist/ 202 KB
42 KB 997ms
682ms Script
text/javascript 172.67.178.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pexoenne.site/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d6533cc6507f59277611b3ec319f9953fdd9f39ec6562640fb647cac4ee1f1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65362d99ff806db70b2813b82cfd71eeff619e32"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWt0z2dXb6Vm%2FyX3OXWIANkhFe%2FS5uA5z3BR7fc%2FQiHnbPP9EHwlpUPCyui3lKg7bTR4bftB7cHP1wBynff28c6ybwQJyel1xAUgmfS3PT0N5gTkKTPs2K66714fgNw7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 791f6701687ba89b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Uiolm44N3-FK93fQ9weJdchLqeU.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 252ms
251ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Uiolm44N3-FK93fQ9weJdchLqeU.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/qG8xE-Uz7lAm-63-NWifn0DDLXk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a20b7d1ce9191eb91e7865d5792d5464ce35f112fda577d96eba93c719cd29ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
x-amz-version-id: INAQVQuYD4x4auwQtLst8_JfYhfaAD6x
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 5W1XXX8SNQAF7RRG
age: 985873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: e76/+6vuSnhscTGPdZHO7kxDv9zAz2hOHt7V4H8RoLtb8oWpwF8xyI4SW7vAdTigYRou9z/kvW0=
last-modified: Thu, 19 Jan 2023 16:59:57 GMT
server: cloudflare
etag: W/"a3b984d3941a206295ddc0b5932078dd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 791f66ff6c411c53-AKL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
45 KB 834ms
279ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

37fb772b3006671ad34131440d74acc325c72c629d4322d43b4d7752e1fb7422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45758
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Jan 2023 03:36:21 GMT

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
632 B 242ms
242ms Image
image/webp 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1189368
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a4"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f66ff7c691c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:01 GMT

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 243ms
243ms Image
image/webp 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1189368
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-325"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f66ff7c6b1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 12 Jan 2024 17:24:40 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 1269ms
272ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 08:46:25 GMT
x-content-type-options: nosniff
age: 67795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:46:25 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v14/ 15 KB
15 KB 1310ms
313ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v14/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 21:49:15 GMT
x-content-type-options: nosniff
age: 280025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 21:49:15 GMT

GET
H2 200 U1h_h.oq1b-small-SITUATION-UPDATE-13023.jpg
sp.rmbl.ws/fw/s8/1/U/1/h/_/ 31 KB
31 KB 875ms
424ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/1/U/1/h/_/U1h_h.oq1b-small-SITUATION-UPDATE-13023.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 9a80ffe6a1148d46499fc36fe3038660e65abdc0a855d19175f43ed230c9bede

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
last-modified: Mon, 30 Jan 2023 22:29:49 GMT
etag: "bcc8bd328ac8eb77868fe8f505f7854e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 31354

GET
H2 200 79cs0f.jpg
i.imgflip.com/ 60 KB
60 KB 387ms
141ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/79cs0f.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 621102dfaff08df0016e6e7fe5705131a168361769089e158388ddb515e1fd93

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
cf-cache-status: HIT
x-amz-request-id: WRKQ5CXR9T424GMZ
age: 16894
cf-polished: origSize=62066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61287
x-amz-id-2: qSbJPjZVND37GYYwLbntjCtKq+RrlcrtevFfMILLeif6XxnN5Jen7YHVAKilhnhYoPUcpVlmK6Y=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 30 Jan 2023 22:47:48 GMT
server: cloudflare
etag: "543a33d63f74bd272bd52859d09ecaf8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f67015a0d1c5d-AKL
expires: Fri, 28 Jan 2033 03:36:19 GMT

GET
H2 200 Yqm_h.oq1b.2-small-Ep.-2985b-DS-Covering-Up-Bi.jpg
sp.rmbl.ws/fw/s8/1/Y/q/m/_/ 50 KB
51 KB 595ms
144ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/1/Y/q/m/_/Yqm_h.oq1b.2-small-Ep.-2985b-DS-Covering-Up-Bi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 0f9f2b58db56d54a8e8f6aba63e75e33aa19c58fcedd4bbf8602aeddb1d9b746

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
last-modified: Tue, 31 Jan 2023 00:25:33 GMT
etag: "73c55af0a2f30e12229fc65d7daa663a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 51544

GET
H2 200 haS-h.oq1b.jpg
sp.rmbl.ws/fw/s8/6/h/a/S/-/ 9 KB
9 KB 991ms
574ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/6/h/a/S/-/haS-h.oq1b.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7d26554630e4c1de221e4877bc42d91eefa269b7da4f59c99cb2ebff84d33470

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
last-modified: Mon, 30 Jan 2023 09:47:33 GMT
etag: "b47b0dbb3ed56db6626a789cec55afbf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 9630

GET
H3 200 Copy%20of%20Copy%20of%20Copy%20of%20Green%20and%20White%20Minimalist%20Nature%20Travel%20Vlog%20Youtube%20Thumbnail.jpg
img.beforeitsnews.com/contributor/upload/886595/images/ 27 KB
28 KB 262ms
261ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/886595/images/Copy%20of%20Copy%20of%20Copy%20of%20Green%20and%20White%20Minimalist%20Nature%20Travel%20Vlog%20Youtube%20Thumbnail.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99c9be202642d5e4b2b019f557e98293ac1247f14003bd67d6dddb5d5af0d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 23660
cf-polished: origSize=30370, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27895
last-modified: Mon, 30 Jan 2023 20:23:41 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63d8274d-76a2"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f6708c8771c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 30 Jan 2024 20:34:07 GMT

GET
H3 200 Copy%20of%20Copy%20of%20Green%20and%20White%20Minimalist%20Nature%20Travel%20Vlog%20Youtube%20Thumbnail(1).jpg
img.beforeitsnews.com/contributor/upload/886595/images/ 50 KB
50 KB 136ms
135ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/886595/images/Copy%20of%20Copy%20of%20Green%20and%20White%20Minimalist%20Nature%20Travel%20Vlog%20Youtube%20Thumbnail(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2680103fe495e1c8fbf6bb2076961cf8cbfce94884ed4af5d7222a1706362e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 222471
cf-polished: origSize=53813, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51053
last-modified: Sat, 28 Jan 2023 13:30:59 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63d52393-d235"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f6708c8791c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 28 Jan 2024 13:33:31 GMT

GET
H2 200 wIf_h.oq1b.2-small-Giant-Hunter-Scandal-Simmer.jpg
sp.rmbl.ws/fw/s8/1/w/I/f/_/ 57 KB
57 KB 144ms
143ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/1/w/I/f/_/wIf_h.oq1b.2-small-Giant-Hunter-Scandal-Simmer.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 6d244c3a001932cb98a9d09bf7b61991903f417f41b3c4ba72757b95b72faa84

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
last-modified: Mon, 30 Jan 2023 21:30:43 GMT
etag: "6ff3daaf14c5c9a25e785a033a5a2d3f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 58709

GET
H3 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 226ms
225ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 984440
cf-polished: origSize=13542, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12521
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "613e9bfb-34e6"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f670908d61c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 12 Jan 2024 03:04:56 GMT

GET
H3 200 KXjeKc16gZO61W46nptWmd66_small.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 10 KB
11 KB 226ms
226ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/KXjeKc16gZO61W46nptWmd66_small.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a46105885c5a86da7684c935f2647f6dd95b168d24968484041c704525fbd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 268589
cf-polished: origSize=10923, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10414
last-modified: Sat, 14 Aug 2021 16:47:10 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6117f38e-2aab"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f670908d71c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 27 Jan 2024 06:40:10 GMT

GET
H2 200 kKc7h.oq1b.2-small-Situation-Update-1242023-Es.jpg
sp.rmbl.ws/s8/1/k/K/c/7/ 36 KB
36 KB 149ms
145ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/k/K/c/7/kKc7h.oq1b.2-small-Situation-Update-1242023-Es.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 83f6f0ff6f18d1d07996d5c81ef5d08270dff8a1e5a377e7bbaaa2e9f11878f1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
last-modified: Thu, 26 Jan 2023 01:42:47 GMT
etag: "3f0e8167012b4e3fdbcf55c85e3d47a3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 36950

GET
H2 200 VAbMe0gCzpAx_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 18 KB
19 KB 296ms
296ms Image
image/jpeg 138.199.46.75
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/VAbMe0gCzpAx_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.46.75 , Singapore, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-46-75.bunnyinfra.net

Software

BunnyCDN-SG1-1087 /

Resource Hash

90f8a2925757274095820998715aedb4a44ecb2693c37cee2dd4a22e3a3e464d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1024
x-amz-request-id: tx00000000000004f05fb03-0063d7c016-21d2756d-nyc3a
cdn-cachedat: 01/30/2023 13:03:18
cdn-pullzone: 89010
content-length: 18665
last-modified: Mon, 30 Jan 2023 12:35:52 GMT
server: BunnyCDN-SG1-1087
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 3925ae93067ee48b9a3cc4ab80ea1d6b
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 y0k8h.oq1b.2-small-SG-Anon-Stream-1.27.23-The-.jpg
sp.rmbl.ws/s8/1/y/0/k/8/ 28 KB
28 KB 145ms
145ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/y/0/k/8/y0k8h.oq1b.2-small-SG-Anon-Stream-1.27.23-The-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a5c807a458355b365245808e8120e21f1f14c4ccca0aa8628b9e3cd852bd24fd

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
last-modified: Fri, 27 Jan 2023 07:48:32 GMT
etag: "5d4bb9bc2970abbff79a18e12b5d8e7c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 28574

GET
H3 200 OIP%20(1)(87).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
28 KB 186ms
185ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(87).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9d447abcc72abe7d4c47bbef66f0ce21b3a596e9713c650ff7fd84ce9c94986

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 302593
cf-polished: origSize=29997, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28581
last-modified: Sat, 11 Sep 2021 16:33:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "613cda4d-752d"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f66ffdd221c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 27 Jan 2024 15:29:02 GMT

GET
H2 200 79d1ej.jpg
i.imgflip.com/ 46 KB
47 KB 511ms
265ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/79d1ej.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5add779cce664e4f319e2d19523efca6ba8b843263445736a9fadf5dc227d6

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
cf-cache-status: HIT
x-amz-request-id: GJ0G5J7WDG947089
age: 12102
cf-polished: origSize=47674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47489
x-amz-id-2: Ja3X5y6P2tCwinAQF/9PA+awnYVdNTSd045TzhxMDkaqkKoZ8hWQdkp/OAhAq5tvsW8/6AEuvKA=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 00:05:52 GMT
server: cloudflare
etag: "cc3f3213a59c8310552c990add6c445d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f67015a121c5d-AKL
expires: Fri, 28 Jan 2033 03:36:19 GMT

GET
H2 200 ElV9h.oq1b.jpg
sp.rmbl.ws/fw/s8/6/E/l/V/9/ 13 KB
13 KB 837ms
386ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/6/E/l/V/9/ElV9h.oq1b.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 6bf8c19e86df162bb8cac54007fe68416c267b46112bd4b8061f666f09af7584

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
last-modified: Sun, 29 Jan 2023 03:16:20 GMT
etag: "c91247c001954e23037856150ae52978"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 12987

GET
H2 200 VTSKl46p3S8m_320x180.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 23 KB
23 KB 1394ms
462ms Image
image/jpeg 138.199.46.75
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/VTSKl46p3S8m_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.46.75 , Singapore, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-46-75.bunnyinfra.net

Software

BunnyCDN-SG1-1087 /

Resource Hash

18bd4c224b539f2b6a48dd6b9a3b797b3cbdfefdfeb4161e4863b2f06bc247a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 981
x-amz-request-id: tx00000000000004ed5dc67-0063d741c3-21d2756d-nyc3a
cdn-cachedat: 01/30/2023 04:04:19
cdn-pullzone: 89010
content-length: 23225
last-modified: Mon, 30 Jan 2023 03:56:55 GMT
server: BunnyCDN-SG1-1087
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 3e421e65c473fc68deeab238dde7729f
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 OIP%20(2)(129).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 20 KB
20 KB 300ms
299ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(2)(129).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82a94571106e21c6fbbf598a46dfd8b8ddf685764263203a245f701421afdac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 984439
cf-polished: origSize=22656, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20325
last-modified: Tue, 22 Mar 2022 16:57:26 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6239fff6-5880"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f66ffdd261c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 17 Jan 2024 13:00:29 GMT

GET
H2 200 6Sn8h.oq1b.2-small-Derek-Johnson-SHOCKING-This.jpg
sp.rmbl.ws/s8/1/6/S/n/8/ 47 KB
47 KB 858ms
440ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/6/S/n/8/6Sn8h.oq1b.2-small-Derek-Johnson-SHOCKING-This.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: b90f49608405a475e70f1584188847569c6ae875e12579ac2930a8013a80da3a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
last-modified: Fri, 27 Jan 2023 09:36:25 GMT
etag: "5fb03735cfe77f515d5626b361a0db0b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 47630

GET
H2 200 TRUMPS-RETURN.jpg
www.jamesredpillsamerica.com/wp-content/uploads/2023/01/ 1 MB
1 MB 973ms
150ms Image
image/jpeg 104.21.14.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jamesredpillsamerica.com/wp-content/uploads/2023/01/TRUMPS-RETURN.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.14.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4621bdd70b2671207f6730e46b084bf3dfde8fa4500600c3e085596e13bc4a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125169
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1056745
last-modified: Sun, 29 Jan 2023 16:09:28 GMT
server: cloudflare
etag: "63d69a38-101fe9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T5O9X01V6vuOB%2F2grgCVCIyTu5fG8BP4X03iUJGu4ouIMUkGnTy2GZRieXf26nFWn%2FAYKlbZGiU5984%2Foi%2FdlrOU0xBrF9%2BmG25sHcuJMGEeG%2BqhEO%2FjNxKrNQKtXI1t2kWT6moaU64btBHEqoE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 791f670fa915a8d0-SYD
expires: Mon, 29 Jan 2024 16:50:12 GMT

GET
H2 200 J1wEzZSNWQAO_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 44 KB
44 KB 300ms
299ms Image
image/jpeg 138.199.46.75
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/J1wEzZSNWQAO_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.46.75 , Singapore, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-46-75.bunnyinfra.net

Software

BunnyCDN-SG1-1087 /

Resource Hash

081f3a775da78fb0f0dd654588eab34ddc295bb132ba467c8eee7b29db1a2507

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 749
x-amz-request-id: tx00000000000004ec0c9c5-0063d70864-21d29c43-nyc3a
cdn-cachedat: 01/29/2023 23:59:32
cdn-pullzone: 89010
content-length: 44629
last-modified: Sun, 29 Jan 2023 23:14:17 GMT
server: BunnyCDN-SG1-1087
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 45952edee88b499f315cccbc1730792d
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7956ih.jpg
i.imgflip.com/ 70 KB
71 KB 190ms
189ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/7956ih.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7565898a5fb68b4a99e0e8245c9929179e1cc57400f6264709fc059772f69d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
cf-cache-status: HIT
x-amz-request-id: GCVZKVVKFVWXK6FE
age: 185297
cf-polished: origSize=72513
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72101
x-amz-id-2: BHxErspOvxLkH2u88BInVu3/sAkYhEvkQJJbxBMDyvAXyjB5FyuaK9EQlyMW5fBlWvOohUzaF90=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 29 Jan 2023 00:01:58 GMT
server: cloudflare
etag: "60466ef56afd12fd19423a12d2b6c682"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f670a7e5b1c5d-AKL
expires: Fri, 28 Jan 2033 03:36:20 GMT

GET
H2 200 798map.jpg
i.imgflip.com/ 76 KB
77 KB 145ms
144ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/798map.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c665a48935e569faa4ef79acead93d56282e86f16e3947229ed0530a9b4efb

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
cf-cache-status: HIT
x-amz-request-id: YY5NDAQ03Z0GGBZ6
age: 95008
cf-polished: origSize=78586
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78199
x-amz-id-2: cATkXHIspQxwucqWLiCrzksWwspblhalLdz+LlfjA0uEW1Lwcl7ZzdHNujYP5qZqE7TTXVaeABY=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 30 Jan 2023 01:09:49 GMT
server: cloudflare
etag: "9750f4952ed572f2daaaaa9e24cc7cc3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f670a7e611c5d-AKL
expires: Fri, 28 Jan 2033 03:36:20 GMT

GET
H2 200 79dccg.jpg
i.imgflip.com/ 57 KB
57 KB 162ms
162ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/79dccg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b57f76f3d1a80a33364a661335bf34b1b7384096d336d8ceca0b0a1a61898f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
cf-cache-status: HIT
x-amz-request-id: Q7ETM2DJKGAJS6V5
age: 6188
cf-polished: origSize=58420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58212
x-amz-id-2: W/OBrUOGM2RqEu3msjgze/uxO4MrTd8cqxzV5kibFEfgSFY07BtIYhbhHNhER4XbPMd6L+SkEUw=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 01:50:31 GMT
server: cloudflare
etag: "73cabd54221c269fb4b5263911b21a1a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f670b1f971c5d-AKL
expires: Fri, 28 Jan 2033 03:36:21 GMT

GET
H2 200 ayeH2XlSRreb_640x360.jpg
static-3.bitchute.com/live/cover_images/n9FFMiBGAJDh/ 37 KB
38 KB 306ms
305ms Image
image/jpeg 138.199.46.75
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n9FFMiBGAJDh/ayeH2XlSRreb_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.46.75 , Singapore, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-46-75.bunnyinfra.net

Software

BunnyCDN-SG1-1087 /

Resource Hash

1203270d5f5d2060abe9b8741ad7fc4fec12e40db681ae916f3ed4b19e6992ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 867
x-amz-request-id: tx00000000000001b96100f-0063d70018-2c2c0512-nyc3a
cdn-cachedat: 01/29/2023 23:24:09
cdn-pullzone: 89010
content-length: 38102
last-modified: Thu, 12 Jan 2023 17:34:50 GMT
server: BunnyCDN-SG1-1087
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 40a68992c94d65428927bee2a3058e9e
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 77posx.jpg
i.imgflip.com/ 72 KB
73 KB 136ms
135ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/77posx.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2523c13014e41785ad9af2c2a9892272cd99fd290a0bdca036ae43a5a7ff48f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
cf-cache-status: HIT
x-amz-request-id: DHM6NKFM1R2GMNW7
age: 1219127
cf-polished: origSize=74321
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73928
x-amz-id-2: SDxPNJrwYTD3Toc3geHx3S+3mkOdXs/5NTWCNLADq9QFuTdJO+2tIC9F7nFDcymgz8Zcfo8zSuk=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 17 Jan 2023 00:52:19 GMT
server: cloudflare
etag: "69e650798f3bb713677aa42168e7d865"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f670bda871c5a-AKL
expires: Fri, 28 Jan 2033 03:36:21 GMT

GET
H3 200 logo_1_wg5s9f.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 70 KB
70 KB 157ms
157ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/logo_1_wg5s9f.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e39fbaf69594ed7df217d88b6e405c5c6497269f6a5becc04e6ca8078a57d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 985368
cf-polished: origSize=76041, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71384
last-modified: Tue, 22 Feb 2022 21:16:35 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "621552b3-12909"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f670c18691c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 04 Jan 2024 21:02:51 GMT

GET
H3 200 1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20photo_2023-01-29_02-21-25.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 18 KB
19 KB 143ms
142ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20photo_2023-01-29_02-21-25.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da445f75f00cf68c3907ecf1546f65491093e94b8ba6d0e4e2a6c9d9970162c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 47054
cf-polished: origSize=20111, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18834
last-modified: Mon, 30 Jan 2023 14:04:45 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63d7ce7d-4e8f"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f670c58e31c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 30 Jan 2024 14:15:47 GMT

GET
H2 200 G1D9h.oq1b.2-small-FOC-Show-Dr.-Bryan-Ardis-Dr.jpg
sp.rmbl.ws/fw/s8/1/G/1/D/9/ 43 KB
44 KB 145ms
144ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/1/G/1/D/9/G1D9h.oq1b.2-small-FOC-Show-Dr.-Bryan-Ardis-Dr.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 1fd6e71deba74429cc0cf0d92b1d1dce528999ad70cab50af7becd3f51aa66ae

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
last-modified: Sat, 28 Jan 2023 18:39:26 GMT
etag: "2292533ba8a5278a9be7ed88b1b19f7b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 44518

GET
H2 200 vLwnKDKIP6x5_320x180.jpg
static-3.bitchute.com/live/cover_images/jcOs2EA1BUJH/ 19 KB
20 KB 258ms
258ms Image
image/jpeg 138.199.46.75
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/jcOs2EA1BUJH/vLwnKDKIP6x5_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.46.75 , Singapore, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-46-75.bunnyinfra.net

Software

BunnyCDN-SG1-1087 /

Resource Hash

0079d8d288d7e5ef50e36ee74007f2cb14587d0c6ec5a562a51f1169e93864ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 747
x-amz-request-id: tx00000000000001c04d981-0063d8222a-2c2c0512-nyc3a
cdn-cachedat: 01/30/2023 20:01:47
cdn-pullzone: 89010
content-length: 19632
last-modified: Mon, 30 Jan 2023 18:52:00 GMT
server: BunnyCDN-SG1-1087
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 18a4e45c59d859c69514d108c822cfc9
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/qpWBlTmW_SY/ 35 KB
35 KB 828ms
278ms Image
image/jpeg 74.125.68.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qpWBlTmW_SY/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f139.1e100.net

Software

sffe /

Resource Hash

3d79e6d28a26a87e74ff12d499d15e64b7cb391977e4c3b292b893167119295b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35674
x-xss-protection: 0
server: sffe
etag: "1675026032"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 03:41:22 GMT

GET
H2 200 HcXCLg9.jpg
iili.io/ 64 KB
64 KB 482ms
168ms Image
image/jpeg 104.21.235.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/HcXCLg9.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c683e1ded44f6112b3b438fac52304ce7767dba7b4868e65743d7f027f41c3f2

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 331125
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65301
last-modified: Fri, 20 Jan 2023 23:05:37 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXtHxbeIEvxfL6Bi42LM%2BbbbrfEjzusm8RO%2Ft48up81pDO%2BxvxANCkCnToUNIz9x9SqSaGXLOI0Ua%2BucJQR3IZdItzohZKm3T%2FWczKyaGEOHl8VMGu7Id10K"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f670fe862dfa1-MEL
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 79cu5v.jpg
i.imgflip.com/ 63 KB
64 KB 135ms
135ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/79cu5v.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89021b55a1e5bc2cf6feb86724f463fa3dafe6176330edd4285b47d13253798

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
cf-cache-status: HIT
x-amz-request-id: 3K6AAG5SMSC49F9N
age: 15808
cf-polished: origSize=65169
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64847
x-amz-id-2: aBZ5XzMgmRYfDBUR4DTLICTWHUTQe2DWcuz3Brw3NjIjGuOlEctkytOB7XluRvOGk4zMgvf5qQw=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 30 Jan 2023 23:04:39 GMT
server: cloudflare
etag: "b120b80b40d18dfe75dc5c2393be64e3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f670e1fcc1c5a-AKL
expires: Fri, 28 Jan 2033 03:36:21 GMT

GET
H3 200 OIP%20(3)(61).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 26 KB
27 KB 142ms
141ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(61).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca1d35f3411e618bf4da24ffabeb298f0dcb7b729255a442be6fe842b311ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 517116
cf-polished: origSize=28504, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26894
last-modified: Thu, 26 Aug 2021 17:11:52 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6127cb58-6f58"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f670e2cd91c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 24 Jan 2024 03:10:05 GMT

GET
H3 200 78sj4t.jpg
i.imgflip.com/ 50 KB
51 KB 243ms
242ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/78sj4t.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9051831ff582e53f05d7e37603148c7a292966e6ec582a68448319f1dc9d7558

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
cf-cache-status: HIT
x-amz-request-id: MGCPWYKD2AV02C77
age: 213619
cf-polished: origSize=51817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51556
x-amz-id-2: /0L/vYuN3+1nq/W7WmzYC6gdJxMkw/V8tgdv54dqqLzQ60/4aQ2e3hYp/mQ70PzLg0qmySe0sLY=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 26 Jan 2023 00:23:30 GMT
server: cloudflare
etag: "b83a8ab450501fea5b516ca1b0efdc73"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f670e2ff11c5a-AKL
expires: Fri, 28 Jan 2033 03:36:21 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/ijZn7cxcKrU/ 23 KB
23 KB 992ms
603ms Image
image/jpeg 74.125.68.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ijZn7cxcKrU/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f139.1e100.net

Software

sffe /

Resource Hash

67168c8a8ca17557c3257968fc5794d9c4d11f03b751cabd0427464f178c5282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23908
x-xss-protection: 0
server: sffe
etag: "1675040467"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 03:41:22 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/nP0FBeLl0xQ/ 253 KB
254 KB 275ms
275ms Image
image/jpeg 142.251.10.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/nP0FBeLl0xQ/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f119.1e100.net

Software

sffe /

Resource Hash

cfd8b6f4dd8f2008cab7ca0af02768311a7665495030d97899e2e1f0e89b0335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 02:51:34 GMT
x-content-type-options: nosniff
age: 2687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259351
x-xss-protection: 0
server: sffe
etag: "1452714729"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 04:51:34 GMT

GET
H2 200 2G38h.oq1b.1.jpg
sp.rmbl.ws/fw/s8/6/2/G/3/8/ 11 KB
11 KB 144ms
143ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/6/2/G/3/8/2G38h.oq1b.1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a8d20640918fd8f22fcde8e3b3b0e0395ff10e795b091147b651b390c596ff1d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
last-modified: Sat, 28 Jan 2023 02:07:17 GMT
etag: "49c1494a074f8fe3f20bfc4a0a5a88eb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 11299

GET
H3 200 78zr7q.jpg
i.imgflip.com/ 27 KB
27 KB 134ms
133ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/78zr7q.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 595b20e4f7c976953427e0f71480a3681af71fd7fb61df1f785c40a98bf14b8a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
cf-cache-status: HIT
x-amz-request-id: 11NE30VE2H1E41VH
age: 303388
cf-polished: origSize=28179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27685
x-amz-id-2: g9tlcTjxsvYzfGdDTyZQHFKXvL7IK3ZW2YbQ6n5GJyHRm9D4OacUfaX84JasFwKwWxmq9cjPmNU=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 27 Jan 2023 15:16:55 GMT
server: cloudflare
etag: "d9f55e36fc5c79c133885d45d4fda77b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f670fbb081c5a-AKL
expires: Fri, 28 Jan 2033 03:36:21 GMT

GET
H2 200 UBs9h.oq1b.2-small-Kash-Patel-Ds-Are-In-The-Pr.jpg
sp.rmbl.ws/fw/s8/1/U/B/s/9/ 49 KB
50 KB 143ms
143ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/1/U/B/s/9/UBs9h.oq1b.2-small-Kash-Patel-Ds-Are-In-The-Pr.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: ab3ff9607ac81a029cc864e1412fadc4a2415fbf699cb204f282fa39e74bf1d4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
last-modified: Sat, 28 Jan 2023 14:07:13 GMT
etag: "03d8826cac2e2754c0ad837ab824b51a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 50685

GET
H2 200 Ww2-h.oq1b.2-small-Meet-The-New-Face-Of-The-De.jpg
sp.rmbl.ws/fw/s8/1/W/w/2/-/ 36 KB
36 KB 144ms
144ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/1/W/w/2/-/Ww2-h.oq1b.2-small-Meet-The-New-Face-Of-The-De.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: e794e1adb51c34a3d7575a12edaba5ab34b9388e3ab94295fc23162090eb3517

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
last-modified: Mon, 30 Jan 2023 15:02:22 GMT
etag: "233918ba7198f81f1d7f38ed17f0ae61"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 36608

GET
H2 200 MED-BEDS-PROPHESY.jpg
www.jamesredpillsamerica.com/wp-content/uploads/2023/01/ 1 MB
1 MB 203ms
201ms Image
image/jpeg 104.21.14.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jamesredpillsamerica.com/wp-content/uploads/2023/01/MED-BEDS-PROPHESY.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.14.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 278b01bc2cfecd3a9e5510870083a524aa44d6195fd7ad827899ee674e41b02d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116563
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1118241
last-modified: Sun, 29 Jan 2023 18:55:01 GMT
server: cloudflare
etag: "63d6c105-111021"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdLtHbLrU0bJD5vC3FpsoewrsAsVdCKbIm8L81%2BgQK5Q4byyLvxben9H8Po%2F1a9UHgen5qJWv0rIT77V2Mo4dGwzPw92X0gYHP2xb9GmuR9M5QdibgFIBA678gW54DvKLhUdfRxDuapGodUgvk0z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 791f6710ba03a8d0-SYD
expires: Mon, 29 Jan 2024 19:13:38 GMT

GET
H2 200 VUUeomKMuLRq_320x180.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 16 KB
17 KB 259ms
258ms Image
image/jpeg 138.199.46.75
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/VUUeomKMuLRq_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.46.75 , Singapore, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-46-75.bunnyinfra.net

Software

BunnyCDN-SG1-1087 /

Resource Hash

d1d495b7355894adc6b8a9b99c1d17a290fe1439734692714d379526ef461b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1030
x-amz-request-id: tx00000000000001b5d68a1-0063d6711b-2c2c0512-nyc3a
cdn-cachedat: 01/29/2023 13:14:04
cdn-pullzone: 89010
content-length: 16889
last-modified: Sun, 29 Jan 2023 12:59:04 GMT
server: BunnyCDN-SG1-1087
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 51e8de8011c6b12256d4e7eae457913e
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 7160-tofmgxscqp(12).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 50 KB
50 KB 155ms
155ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/7160-tofmgxscqp(12).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f0593a5d13fb5749e110899dbe6e2e4e7d807f3958e15b937cc6f0001764f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 7685
cf-polished: origSize=53712, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51132
last-modified: Sun, 02 Jan 2022 17:59:08 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "61d1e7ec-d1d0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f67119bf71c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 30 Jan 2024 21:47:13 GMT

GET
H2 200 t0iTVlrrwcPj_640x360.jpg
static-3.bitchute.com/live/cover_images/U7GfhPOJGirJ/ 38 KB
39 KB 244ms
244ms Image
image/jpeg 138.199.46.75
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/U7GfhPOJGirJ/t0iTVlrrwcPj_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.46.75 , Singapore, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-46-75.bunnyinfra.net

Software

BunnyCDN-SG1-1087 /

Resource Hash

fd404b53d99788cd2d8340f9f45ca2677f99ba01bc7c1a2b6f676dc4a4a88558

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 747
x-amz-request-id: tx00000000000004d4ef14c-0063d36598-21d29c43-nyc3a
cdn-cachedat: 01/27/2023 05:48:09
cdn-pullzone: 89010
content-length: 39343
last-modified: Fri, 27 Jan 2023 05:22:43 GMT
server: BunnyCDN-SG1-1087
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 27769d755ecb769c797228f2b7f94264
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 IMG_20230129_144107_504.jpg
m.beforeitsnews.com/contributor/upload/819011/images/ 35 KB
35 KB 175ms
162ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230129_144107_504.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa95615bbafb1effbf79aafb1fda2d80b5a171cad3984a444601020dcae20a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 102497
cf-polished: origSize=37955, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35755
last-modified: Sun, 29 Jan 2023 22:43:30 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63d6f692-9443"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f67129dc7ee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 29 Jan 2024 22:43:31 GMT

GET
H2 200 IMG_20230123_104333_958.jpg
m.beforeitsnews.com/contributor/upload/819011/images/ 28 KB
28 KB 194ms
185ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230123_104333_958.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

152af5c675f49905d731e13e60ce44bb199be2f1102ca1ddaf8434783435fae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 628405
cf-polished: origSize=32383, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28711
last-modified: Mon, 23 Jan 2023 20:43:46 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63cef182-7e7f"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f67129dc8ee92-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Jan 2024 20:43:46 GMT

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 417ms
416ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1189368
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-3be6"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f66ffdd2a1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:01 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 2D1C 3 KB
1 KB 140ms
139ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20230313
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cc6ec239f234d5a18b64d69e6d302015311830e98901815992b422fe553c3a8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
x-amz-version-id: 2EmxEJ1mNzNKIsquEMAeHH6ZccNpbB2O
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8HPECB8405P9DW5T
age: 4314
cf-polished: origSize=2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 2LoGIsLlfCHjvp2qH1eI5/sU1nXww2SBpczsHvOrrycrL13FSCNE/MghrHsqSJ8DzI0T+2103oA=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:07:34 GMT
server: cloudflare
etag: W/"bdada3687ff26c2d0b9aeee7bfa977a2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 791f6713bf61ee9e-AKL
expires: Tue, 31 Jan 2023 06:36:22 GMT

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 7 KB
3 KB 597ms
144ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
content-encoding: gzip
via: 1.1 google
x-sp-metadata: HS256.CMa14p4GEogBCiRmMmJjNTYwNS02NWQxLTQ3NTAtOGE1Zi1jYTZlNDMxMTQyZDQQqNnfzcKz/AIaBgi2meKeBiINMTE2LjkwLjc0LjE5NyjC3AIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDg3YmM5Zjk2LWNlMzEtNDhlYi05NTAwLWQ0NDM5NDUzYjYzNBiSFyIYCAISFGNkczIwNy5zeTIuaHdjZG4ubmV0.EkztMkQNeCKVcgxydW7qDl7uqIvxI7GVJtcQKAiY+OM=
last-modified: Fri, 27 Jan 2023 21:20:28 GMT
etag: W/"1a40-185f51a7055"
x-hw: 1675136182.cds201.sy2.hn,1675136182.cds207.sy2.c
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 143ms
142ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1189368
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a834"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f6713d8841c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 836ms
285ms Script
text/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

ed4a27ada55f520a2fe36a4a3bbc0f1a14651a058a4842a98f7a5e8807c9bfec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50078
x-xss-protection: 0
server: cafe
etag: 2380383573048086798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 03:36:23 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
508 B 447ms
151ms Script
application/javascript 172.67.138.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.138.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Jan 2023 04:28:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83281
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6BzoiNzk6CIF9cUjPR0s1lQgPNiqD6dOQ3Fm88osxDNwSa3un5GSBwAN5QoqhAwAQsFy0EGARC2KdcX00Ky6iLgFUYoI1xWtU2cT3RFGQ2kv3bg8s%2Bp19tatHI%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 791f6716a864a8b6-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9

GET
H2 200 adcode.png
rddywd.com/ 43 B
538 B 441ms
154ms Image
image/gif 172.67.138.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.138.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19106
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkTgZe%2FSA4auRPUPHBshNHv8iWFmpFq%2BoAOburlPT%2FK6ha1ZRM1KvTSJVEcdn0u0h8mx9r0HZ3XuykIW9bue6HZrypQjmghlYIuWgwxqQs6U48lEMVNIzENPNB1P"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 791f6716ec2ea8b8-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 204 generate_204
www.googleapis.com/ 0
40 B 273ms
272ms Image
text/plain 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f95.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 141ms
141ms Image
image/webp 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202301301.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 985686
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f6715dca51c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 06 Jan 2024 19:54:23 GMT

GET
H2 200 Screenshot-2023-01-29-203103.png
www.ournewearthnews.com/wp-content/uploads/2023/01/ 29 KB
29 KB 1919ms
628ms Image
image/webp 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2023/01/Screenshot-2023-01-29-203103.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: 86a5809b685b63f4e433900f801fcb8a0f47e64ad6579c99e4a792c1a05ae2d4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:24 GMT
x-nginx-cache: WordPress
last-modified: Mon, 30 Jan 2023 02:36:44 GMT
x-wpo-webp: Redirected directly to existing webp
server: Apache
vary: Accept
x-endurance-cache-level: 2
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 29770
expires: Wed, 01 Feb 2023 03:36:24 GMT

GET
H3 200 79d1ya.jpg
i.imgflip.com/ 45 KB
45 KB 148ms
147ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/79d1ya.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc57c6dc0d222d504e89e06f7fdfc3ce6b9531a59cc150f15fb2bb07d3b178ef

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
cf-cache-status: HIT
x-amz-request-id: VS4J485Y45SP2JNQ
age: 12174
cf-polished: origSize=46283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45741
x-amz-id-2: gr8mpx7/hpVX7xog3vOEv8Xl4wxXMTRLvwPTyRckpxXfCNod6vD3Y53AqjHgwxT3QamMbnTineg=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 00:10:44 GMT
server: cloudflare
etag: "b4e69861d27ecf330709e1b974ab2351"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 791f6716299c1c5a-AKL
expires: Fri, 28 Jan 2033 03:36:22 GMT

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
485 B 1035ms
792ms XHR
text/html 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4ad46c860488f3ea1c3392717c6fdbc645eac58538d1afa36f0f978f9bec57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
x-frame-options: SAMEORIGIN
cf-ray: 791f6701df6aee9a-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
content-length: 16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 265 KB
76 KB 144ms
144ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2a485a12877fea07455a904403772cd14d17015280daa9f88882d21f5d8873

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
x-amz-version-id: JhyK2GbxQ2w0RJGadc.t92bEJxKc7Nc7
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 01SCW7GKXZ30JCMZ
age: 4314
cf-polished: origSize=271407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9QwSO8etS9Q8ls5NzJgU1tCWDf6G7G5yYFA78JJ9UgaNhocksATI2M5mpblrj1cU1xpQeuNgnwc=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:08:28 GMT
server: cloudflare
etag: W/"8f33533cb60220b44f3322eb1da4acd3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 791f6716cc7efb8c-AKL
expires: Tue, 31 Jan 2023 06:36:22 GMT

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 265 KB
76 KB 328ms
327ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 963e8f3a4445ad949ba7d22f576988862f6f6dd41dcdfd105534de80690262ac

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
x-amz-version-id: khMKR_6sbveBnhWzZS97vJ3PrOZ5mSPB
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ANDFX9SQ4A1ZT9SZ
age: 4314
cf-polished: origSize=271407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: yRqK1sPvIcA3gGNtqtnokBMVOidFP2JCkmbWDAX4X5EcxQ/NrNFmfY5MWgkTywYRwX1wCQIwdS8=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:08:11 GMT
server: cloudflare
etag: W/"9a7ce1287621131baa436a9819a8807d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 791f67171cf3fb8c-AKL
expires: Tue, 31 Jan 2023 06:36:22 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 0A69 33 KB
10 KB 959ms
260ms Document
text/html 13.224.250.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.250.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-250-55.sin52.r.cloudfront.net

Software

tv /

Resource Hash

d56fb9669433f27dfc5a69b1124f29b55f8610bcd4c31757f657036360bd215f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-WJF0+nwOsKg1mn1oKzD0OA=='; base-uri 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 73
alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
content-encoding: gzip
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-WJF0+nwOsKg1mn1oKzD0OA=='; base-uri 'none'
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:35:07 GMT
expires: Tue, 31 Jan 2023 03:37:07 GMT
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 dd1d744d35431de55502bf3c7c1efcc6.cloudfront.net (CloudFront)
x-amz-cf-id: 9FGWcb9yVqgXRJf96Ymr_a74Tzi7_GrnHcgmBOBPsh-T0Jel3Fe9lw==
x-amz-cf-pop: SIN52-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 runtime.f870b028d5eb60782063.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 58 KB
24 KB 989ms
510ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/runtime.f870b028d5eb60782063.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

c8cecd290135a3ed2ed8c6f705cbfa175f0a5a42de2a2ea345339e3508b4d80e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 10:49:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 60436
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 24278
referrer-policy: origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 08:38:11 GMT
server: tv
etag: "63d781f3-5ed6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 8j06-N74P6H4lzxSCpmzvF5B2ijqeXtgoBRhMO42Ce73rTkjXagGTA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.4571.9bb2cb4fabb82931346e.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 3 KB
1 KB 949ms
470ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/en.4571.9bb2cb4fabb82931346e.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

827846bf37c1ddb30e84958ef807853bf1d2482b3629927c1034f84b85f32bf3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 10:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 60435
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 797
referrer-policy: origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 08:38:10 GMT
server: tv
etag: "63d781f2-31d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: VrwHObc9rCzbsjRMKv_keTCwdlHf0E4c0qj3EjguyEMDjUDWVtnZFQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.73717.1edce5cc655220d8d9ed.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 10 KB
3 KB 246ms
240ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/en.73717.1edce5cc655220d8d9ed.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

ad60e82991479b97628d23059388eee30e8ef242a8c5f66ca91e4b177e1a6261

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 576436
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2899
referrer-policy: origin-when-cross-origin
last-modified: Tue, 24 Jan 2023 10:51:56 GMT
server: tv
etag: "63cfb84c-b53"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: L1V47c_Misq_MLVdLdYwSBHdOJgq0_RnWwuHnqC9v5RaSRg_ANJOLQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.29610.e23cf83ffe2e4e97b106.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 39 KB
8 KB 268ms
262ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/en.29610.e23cf83ffe2e4e97b106.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

a7e44100eab9ff10eaf86232be5858183f50e27488f572f4899c71a60f73107d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 11:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 404896
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7204
referrer-policy: origin-when-cross-origin
last-modified: Thu, 26 Jan 2023 09:48:55 GMT
server: tv
etag: "63d24c87-1c24"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: Ib3mQYPQEtkwhU8Axg9ds-Y-t3R5bUjl9Vs4UI-C9jpxLsEeiCoibg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.79079.ba22ccafd0f0a3ccecc4.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 368 B
703 B 269ms
263ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/en.79079.ba22ccafd0f0a3ccecc4.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

f889c27015d4eb32a74d57f4fd5d3b67327065c7f7e021188e23a3b7d8ba7bdc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1096246
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 187
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Jan 2023 10:21:42 GMT
server: tv
etag: "63c7c836-bb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: sjpgzw2Hv3sdTGwdPkDZRCRW8pZczd3M0SQZ2VtIVRLua9GTtZzrcA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 46647.2979278b48af03e6d22b.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 16 KB
5 KB 281ms
275ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/46647.2979278b48af03e6d22b.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

99e2c1ab047d958a6e7a35fd6a9fd3221ebcec1f14ee47cfc15f67d9818bcdb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 10:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 60436
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4252
referrer-policy: origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 08:38:11 GMT
server: tv
etag: "63d781f3-109c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: TOH3093Zc_cyBpiyiqrzREJxHpjPC69Pn3mB7fAPH9Le2g7ueRzhng==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 97532.539979dcf078d6273a99.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 20 KB
7 KB 294ms
288ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/97532.539979dcf078d6273a99.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

8ee3e1c1fe9cf8bc9804cf8b46b91f77d322c1d3fa7c1fb3dacd56f919bd4ca8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1530137
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6196
referrer-policy: origin-when-cross-origin
last-modified: Fri, 13 Jan 2023 08:35:55 GMT
server: tv
etag: "63c117eb-1834"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: gcjYAndX7h7KwTTcEXONTzuKjsEL1VD7KKlZmni02q0mYlpeBOA7xQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 53748.06fcdc5a1b850f86a915.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 13 KB
6 KB 307ms
301ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/53748.06fcdc5a1b850f86a915.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

a0d7b8a6237561de8a6c9369317d85f5d62d83b26847b181ddeef13c5ac3ea6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 4292753
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5167
referrer-policy: origin-when-cross-origin
last-modified: Mon, 12 Dec 2022 08:31:39 GMT
server: tv
etag: "6396e6eb-142f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: M3E_K1ZWfNPYwXJU2n5lTR9HFANy1MpfVVr988ZRlm2oQ-XQLC89eA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 61636.ada40e4c652da924bfce.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 6 KB
2 KB 314ms
308ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/61636.ada40e4c652da924bfce.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

6baa953e15a3b8c9ea11599c20b1ea9b494c3c8e76b3fee6434ff014a2933ca8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 11:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 3428113
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1872
referrer-policy: origin-when-cross-origin
last-modified: Thu, 22 Dec 2022 10:52:18 GMT
server: tv
etag: "63a436e2-750"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: XIyEQdwYpNX0XjTdKufpzPGcl76vko1HnSosYaD7Czi2W_-2WS-9Cw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 43312.e9af1171f40e0899fffc.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 28 KB
11 KB 287ms
286ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/43312.e9af1171f40e0899fffc.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

b614742cb337e048cb308629deec2f68ffa868742c8954bab91b19dcd5f8b2a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 10:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 322156
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10242
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Jan 2023 08:38:17 GMT
server: tv
etag: "63d38d79-2802"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 0vv2YxKGGeYU2lpuw0qJG4DBmKcFrBNgs5CGvXI8GiHgy_0hphFgZA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 88698.c1751595eef9be47dce2.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 24 KB
7 KB 235ms
235ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/88698.c1751595eef9be47dce2.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

6e9a7da361305d9aafe70f454854ac8e196eedf4a581c21f047e4d57793b2b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 926536
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7211
referrer-policy: origin-when-cross-origin
last-modified: Fri, 20 Jan 2023 08:57:11 GMT
server: tv
etag: "63ca5767-1c2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: bOPwTJW13Srra5JAq1Ksxap38yMzHO-ETykU2YQg6s1JsMp6mzckew==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 86981.19aa0ac24d19d5900500.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 80 KB
17 KB 236ms
236ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/86981.19aa0ac24d19d5900500.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

f8ca543be24fae0bffafd7ab5c7904ea9154be1069dcc0d93d3129744a0aed35

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 1616056
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17228
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 08:43:58 GMT
server: tv
etag: "63bfc84e-434c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: Zlyo-1mURZXzNvla_ijK_OuUrc15fS5CnkgRTI5MFcBoSn22VllXBg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 19240.9336c626b12d6ce72dba.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 28 KB
9 KB 237ms
236ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/19240.9336c626b12d6ce72dba.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

14c51f0de90f3f9528679d1b7477a76aec15be7e3c8bc0848fa490483e3d405b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 1010596
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8505
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 10:06:58 GMT
server: tv
etag: "63c91642-2139"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: ruybk7CV7T47-aS1YGahw8vYMDdbHYrga-_J_jCd3xSwX53lb3NT3A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 84258.cc38cadc45775e01eebd.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 28 KB
8 KB 240ms
240ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/84258.cc38cadc45775e01eebd.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

a47600637704c2c05ee69a3cd348a9c9a76f8a8f655899efeff70266ffb10fc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 1010596
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8242
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 10:06:57 GMT
server: tv
etag: "63c91641-2032"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: bfTUMeyH_VO6A3Hk0dUrD87VGnJfuHye-b9AuGeG-pPtMG3EwY0MaA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 69550.dfd2d402de02e09aca70.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 20 KB
6 KB 262ms
262ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/69550.dfd2d402de02e09aca70.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

163d5c11f834ccff3bb12178c3b98f97881877007464cceba82f66c2668b43d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:05:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 1096276
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5551
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Jan 2023 10:21:40 GMT
server: tv
etag: "63c7c834-15af"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: HsHmUjBpHHrEdJ-CekTraCGf9vfvB_PFEf3HubnL6niKPUPckB7Piw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 47393.4688975c5b64b5291dc2.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 15 KB
6 KB 401ms
400ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/47393.4688975c5b64b5291dc2.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

4a72c41a68044e9d76bb083dadf61957352acc0204fe96ddae9b72b8330324dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 10:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 60429
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5785
referrer-policy: origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 08:38:13 GMT
server: tv
etag: "63d781f5-1699"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: Utlq6GHfmJrrb17631AiOVbSqQBTFv_b89xz6AmeDOgFIuext6oWlw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 embed_ticker_tape_widget.d0b9182f74227ebdf790.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 23 KB
8 KB 395ms
395ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.d0b9182f74227ebdf790.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

200a946e5791d7badbd24083107892396943aa46f63fbd8001948ab2afe3866e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 10:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 60428
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7427
referrer-policy: origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 08:38:11 GMT
server: tv
etag: "63d781f3-1d03"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: Nz1SGIpH43HIMIBPyMy7eyg5EwsMseeeONwMrb2i3j2BEz4pRSzFdw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 32350.ca9918cbf462aff5b55b.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 1 KB
1 KB 713ms
235ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/32350.ca9918cbf462aff5b55b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

6159f32f1b79a94b26c2c580fdd4ffdfc91af5334f46c4d8b2a1597925fb2e78

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 17:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 3666065
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 712
referrer-policy: origin-when-cross-origin
last-modified: Mon, 19 Dec 2022 16:46:09 GMT
server: tv
etag: "63a09551-2c8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: uETf6hLKxufpc3XZRQ6k7h2J5jFLzOt45UDvsgW6mwwK0R4u64CsIQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96972.3ff50c27a31c85df6216.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 1 KB
809 B 713ms
236ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/96972.3ff50c27a31c85df6216.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

cb19fbbe887b10fc39e63ba83f2da46f1c24f2d7e965a5cba217c0db9099d136

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1616053
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 304
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 08:43:52 GMT
server: tv
etag: "63bfc848-130"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: uY_lLEORyMCsmeNsLLZzh1W68IY1lEB-ao--YhnA0M_Kp29Mbtl1ig==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 75398.2e21e39552e27b0c3f8d.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 2 KB
864 B 713ms
237ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/75398.2e21e39552e27b0c3f8d.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

31568e93727ea81019c4ad3ee96535f2999688c83e5612c45096a0a576a31701

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1616051
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 358
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 08:43:53 GMT
server: tv
etag: "63bfc849-166"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: o_QIarRZERq0WYiAIgZoRrVj2txSAVQ0gUd9o6lGCAzXqnHG1X2oGQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 34145.83330e98cd0f13f52e0f.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 9 KB
2 KB 715ms
239ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/34145.83330e98cd0f13f52e0f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 05:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2930109
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1402
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Dec 2022 08:37:05 GMT
server: tv
etag: "63aaaeb1-57a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: VXShVeAMFnHMW1HQwdPOad5nWcZVeTxtTKP6aWk4lSpkH5vcKNqD9A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 75270.1b9346a9976805f588f4.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 2 KB
1 KB 720ms
244ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/75270.1b9346a9976805f588f4.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

370a59263a79542e45b906d533eee3a047abe89219f1c11c720a84c72fac144c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 10:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 60434
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 551
referrer-policy: origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 08:38:06 GMT
server: tv
etag: "63d781ee-227"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 42lkclQ_1xnwgv8q6LAKglq5gOorYfxyQOWpIe7Rs7FMYTX_JNGs9A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 31755.721cbfb1a5d6784e3109.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 2 KB
1 KB 721ms
245ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/31755.721cbfb1a5d6784e3109.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 17:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 3666073
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 564
referrer-policy: origin-when-cross-origin
last-modified: Mon, 19 Dec 2022 16:46:03 GMT
server: tv
etag: "63a0954b-234"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: Rzq14Zg8aunWsHTfwYLWxJuCNQbpG_lhSlrw-vyIkpntQsHmSGXVzQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 76045.57ed1f0e14de0ce7dcbb.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 868 B
859 B 945ms
469ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/76045.57ed1f0e14de0ce7dcbb.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 04:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 3194604
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 353
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Dec 2022 16:00:19 GMT
server: tv
etag: "63a5d093-161"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: abEVNF1WmLe3BjD41WbucoRrO6Pr-NJijbzRO_1ZnsCKaJqHHMayxA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 66690.c7183a76dc0599de9f42.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 4 KB
1 KB 727ms
251ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/66690.c7183a76dc0599de9f42.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 17:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 3666073
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 634
referrer-policy: origin-when-cross-origin
last-modified: Mon, 19 Dec 2022 16:46:03 GMT
server: tv
etag: "63a0954b-27a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 3GLu8NYdk3eHJz0voeqjm8P-CaOxMSI7XQIERitwVqvwP_WYe8mvgA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 76270.a819f80182db62e2c3b6.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 6 KB
2 KB 726ms
250ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/76270.a819f80182db62e2c3b6.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 23:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2519631
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1239
referrer-policy: origin-when-cross-origin
last-modified: Fri, 30 Dec 2022 10:36:31 GMT
server: tv
etag: "63aebf2f-4d7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: S8asBA9AN9KLZ5XQ5EF_WoMwc-tS8GzD-Wtv3gVZI_ZUhuBPi5rYyA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 822ms
272ms Script
text/javascript 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 01:56:26 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5997
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 31 Jan 2023 03:56:26 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame 2D1C 266 KB
76 KB 379ms
378ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20230313
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d4a5500923a659d39bd547d72f37372f7e97ab0cae00e9f25cf431095a7420a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
x-amz-version-id: yG8FFov0kFyrKWLc0awUFgTGxkkUowmb
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JNADQFMZXWKEK391
age: 4314
cf-polished: origSize=272074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iL5gnQ/Acfcxfnkp0rIzIBMiFx+4qUxbutFSDNUN1khYdhF4+lNrFei25dfoWczMRlVNompdUWM=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:07:34 GMT
server: cloudflare
etag: W/"63df79f68a4872c0606743b11f1329ed"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 791f67178d88fb8c-AKL
expires: Tue, 31 Jan 2023 06:36:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0A69 110 KB
43 KB 279ms
278ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/43312.e9af1171f40e0899fffc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

342003704250e79d6104077de0924bd489b5edd0a5fa2736398480f5883f3627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44061
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Jan 2023 03:36:22 GMT

GET
H3 200 24966.415109541489380d12f6.css
static.tradingview.com/static/bundles/embed/ Frame 0A69 801 B
628 B 235ms
235ms Stylesheet
text/css 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/24966.415109541489380d12f6.css

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.f870b028d5eb60782063.js

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 3006824
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 263
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Dec 2022 08:30:38 GMT
server: tv
etag: "63a95bae-107"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: dzAe2yQhND6NDjv9Qv9AATw13-VnfODAU8wN9yDA2jE7RnT_W0omfw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tradingview-copyright-data-impl.633dde454d123fa388d9.js Show response
static.tradingview.com/static/bundles/embed/ Frame 0A69 4 KB
3 KB 235ms
235ms Script
application/javascript 13.33.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.633dde454d123fa388d9.js

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.f870b028d5eb60782063.js

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.33.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

4a726be2f2c71e83ac3a30833a22ee41fe2653aeedc4ef4699dc68ab85467d90

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 22:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
age: 2608830
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2232
referrer-policy: origin-when-cross-origin
last-modified: Fri, 30 Dec 2022 10:36:28 GMT
server: tv
etag: "63aebf2c-8b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: eoo9a-THf9MAssuHmS0SEIOKlMmNf4tCAaAheNtH7MJHdCiey0pn2Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8301289771671655 Show response
customads.co/lad/ Frame 0DC1 1 KB
2 KB 642ms
352ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1342
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:23 GMT
via: 1.1 google

GET
H2 200 10864438442185062 Show response
customads.co/lad/ Frame A1C5 1 KB
2 KB 626ms
338ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1342
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:23 GMT
via: 1.1 google

GET
H2 204 search
www.tradingview-widget.com/sheriff/api/v1/rules/ Frame 0A69 0
0 783ms
235ms Fetch 13.33.33.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradingview-widget.com/sheriff/api/v1/rules/search?origin=https%3A%2F%2Fbeforeitsnews.com
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/43312.e9af1171f40e0899fffc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-107.sin2.r.cloudfront.net
Software: tv /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:01:12 GMT
via: 443, 1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
server: tv
x-amz-cf-pop: SIN2-P1
age: 2111
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-cache: Hit from cloudfront
access-control-allow-origin: https://s.tradingview.com
cache-control: public, max-age=3600, s-maxage=3600
cross-origin-resource-policy: same-site
vary: Origin
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Xw5Zjh4ZJ-87NUw69O3CuPokDtKYGJLaCb3KCh0IFDgJMUoTYjcgoQ==

GET
H2 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame 0A69 1 KB
1 KB 727ms
235ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:22:09 GMT
content-encoding: gzip
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 855
x-cache: Hit from cloudfront
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 May 2022 07:17:22 GMT
server: AmazonS3
etag: W/"f120e635d6a57528861fe87233bc6c11"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: tNKaN-0OOc9TyrlzpHrvqi9WsfJJJk0btGD5yOMWHbLZVb5_pYwh_Q==

GET
H2 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame 0A69 777 B
1 KB 728ms
236ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:00:56 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 2133
x-cache: Hit from cloudfront
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
alt-svc: h3=":443"; ma=86400
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
server: AmazonS3
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 2YHegQx33DxWHZOQgEc-Hy7OJAdukNK3EyP31s97AXJRIXIJSmPMVQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0A69 49 KB
20 KB 662ms
354ms Script
text/javascript 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 01:56:26 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5997
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 31 Jan 2023 03:56:26 GMT

GET
BLOB 200
OK 088682de-4f52-479f-a3bf-0943b4454bae
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/088682de-4f52-479f-a3bf-0943b4454bae
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 348da06e-3614-4848-8006-420bb200dd4c
https://beforeitsnews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/348da06e-3614-4848-8006-420bb200dd4c
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 0A69 3 KB
926 B 641ms
238ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:30:10 GMT
content-encoding: gzip
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 2170
x-cache: Hit from cloudfront
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: HH_2w3BCoHbHQen9P8AeIrSDzpnQfY0fyV1MSeD1ihK-6lCyxOWHdQ==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 0A69 870 B
1 KB 643ms
241ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:00:03 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 2181
x-cache: Hit from cloudfront
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
alt-svc: h3=":443"; ma=86400
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
etag: "e9173ef4613c3da43c45885ea39c4b96"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 8LAjb3Bw7EtCSwMpwFxtHGKNnnHowdupvf1WfIVt_sEgHP_0aQB8sw==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 0A69 801 B
1 KB 236ms
235ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:17:03 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 1167
x-cache: Hit from cloudfront
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
alt-svc: h3=":443"; ma=86400
content-length: 801
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
etag: "107060b925841745f310697bd9f1f83d"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: K1Ul4mXbxXH9U68DB1UCqf9ONjcPZ1WYUSWD3b8fLYq7gzPDpvBrpA==

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 308ms
305ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1675136183238213017996&uniqId=0c83b&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63d88cb7-158b6&pageView=1&pvid=18605e5abc7bb762896&site=310742&implVersion=11&dpr=1&tfre=5029
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791f6719ae74ee9e-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 80d98b4d-f35c-42b4-870f-d22337c307e7
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/80d98b4d-f35c-42b4-870f-d22337c307e7
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 135ms
132ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4ZA9P7VPAM79SEE5
age: 248
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Ogo/ex200L7ps4FnQp+/tzaMP2Es62GIpyM//oh5VixopnKeKU/OLkVNxoGwINDIcf8PtYkWji0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 791f6719be8bee9e-AKL
expires: Wed, 01 Feb 2023 03:36:23 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
910 B 133ms
130ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 5647
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 791f6719be86ee9e-AKL
expires: Wed, 01 Feb 2023 03:36:23 GMT

GET
BLOB 200
OK d834e6e9-1eeb-4894-ae4c-de0e9221840a
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/d834e6e9-1eeb-4894-ae4c-de0e9221840a
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 423157e8-dea8-4ca5-bd0d-35ce7f0c5058
https://beforeitsnews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/423157e8-dea8-4ca5-bd0d-35ce7f0c5058
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
1 KB 280ms
277ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1675136183309647120521&uniqId=0c83b&lct=1674000000&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63d88cb7-158b6&pageView=1&pvid=18605e5abc7bb762896&implVersion=11&dpr=1&tfre=5099
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84586075ffc5cd4d1773d6a6449cdfe77d7243cec07c44b9d248a834029cced5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 791f671a1ed9ee9e-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 0A69 836 B
1 KB 239ms
238ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b9fe71606636a37b6f7fb74e8ea572130d0f61dbcd92fe3ae40e80425f56fb2

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 02:37:06 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 3558
x-cache: Hit from cloudfront
x-amz-meta-hash: 22c56ff05dc453a69fdbae0b7a7eb06c
alt-svc: h3=":443"; ma=86400
content-length: 836
last-modified: Fri, 18 Nov 2022 08:44:55 GMT
server: AmazonS3
etag: "22c56ff05dc453a69fdbae0b7a7eb06c"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: d9GlYqS9kd6NXXZWsBadq1rcBS88ZJnS2U0_UDcSefoQoZPntcQTww==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 242ms
241ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:00:56 GMT
content-encoding: gzip
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 2136
x-cache: Hit from cloudfront
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: s28t56bTnDaz1vi0UoFhsKbtjpiPidDOJlLVrGcKfwv8RwITgYNA6A==

GET
BLOB 206
Partial Content 3ce807b8-b1ce-4ed7-8f61-6e2ce6121a16
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/3ce807b8-b1ce-4ed7-8f61-6e2ce6121a16
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 786 B
1 KB 239ms
235ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:00:56 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 2129
x-cache: Hit from cloudfront
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
alt-svc: h3=":443"; ma=86400
content-length: 786
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: ugoQxssutpRdFBYa22Lw6X12gLCpzMYO6Jo8CTm18AUdj4UrlDzPWA==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 761 B
1 KB 241ms
237ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:09:34 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 1829
x-cache: Hit from cloudfront
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
alt-svc: h3=":443"; ma=86400
content-length: 761
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: gA7LkQYpFin9N7OkBIcDtpRwFEO9lt2kWMzUGQrMYU2rDY7IHoMlIQ==

GET
BLOB 200
OK b86cd33d-1f47-40e3-8810-2c12aafab20d
https://beforeitsnews.com/ Frame 2D1C 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/b86cd33d-1f47-40e3-8810-2c12aafab20d
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 460ac5bc-170f-4ecc-8bb0-fee344f46cc3
https://beforeitsnews.com/ Frame 2D1C 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/460ac5bc-170f-4ecc-8bb0-fee344f46cc3
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
942 B 254ms
254ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&pv=5&cbuster=167513618344596806121&uniqId=041fd&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63d88cb7-158b6&pageView=0&pvid=18605e5abc7bb762896&implVersion=11&dpr=1&tfre=5235
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6840b50612138317ff854a1a65ab25037a659cd64329b8806ecbf7c43e0ee585

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 791f671ae848ee9e-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 247ms
244ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:03:05 GMT
content-encoding: gzip
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 2023
x-cache: Hit from cloudfront
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 5VG59kXYRMdXYlBJeO0tABSM0QAheeLl46veZj-wkVJ0V-i3iynmtg==

GET
BLOB 206
Partial Content 1ad9e7b9-6127-4181-b1b1-08839c62a533
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/1ad9e7b9-6127-4181-b1b1-08839c62a533
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 273ms
272ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 12:40:31 GMT
x-content-type-options: nosniff
age: 53752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 12:40:31 GMT

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 240ms
239ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 02:38:27 GMT
content-encoding: gzip
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 3562
x-cache: Hit from cloudfront
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: aeMkrfbKQT8JFOgltzTd_oJ7oIbIf74jf87XnKnzBi27Qt5yWglltw==

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame A1C5 45 KB
17 KB 825ms
273ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 02:14:53 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4891
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Tue, 31 Jan 2023 04:14:53 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 0DC1 45 KB
17 KB 882ms
341ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 02:14:53 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4891
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Tue, 31 Jan 2023 04:14:53 GMT

GET
H3 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 262ms
262ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=370&h=1095&maxw_3=366&maxh_3=247&cols=1&pv=5&cbuster=1675136183576121805347&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63d88cb7-158b6&pageView=0&pvid=18605e5abc7bb762896&implVersion=10&dpr=1&tfre=5366
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cef4288d352bd527b814a99f80bd33c9ce0ab956520a685aeb41da83e9f41705

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 791f671bdab3fb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC8xNTJlNGE5NmVmYWE2MmNmY...
s-img.mgid.com/g/12578212/492x328/-/ 71 KB
72 KB 517ms
273ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12578212/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC8xNTJlNGE5NmVmYWE2MmNmYmNkMmViNDM5MjMzZDkyYS5qcGVn.webp?v=1675136183-V9d7RVfjjhje9_1G9xqvzoql86XhAX2l0YcUckmiWsA
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e533d7e61b0197daff947d931e3b5bc458a4f9659e2b968fe08277e3a5232faf

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:24 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 06:53:42 GMT
x-mg-request-uuid: 4e19ea48-e290-4525-b677-347590783518
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 791f671ddb4b1c54-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73170

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
1 KB 303ms
300ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=16751361836027801967
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb18dd3629c5ea729e1ba5aba3a1bfbc19b7158118b0d0ba7cac059a59834640

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f671c8a57ee9e-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 522 B
1 KB 236ms
236ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:21:31 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 1781
x-cache: Hit from cloudfront
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
alt-svc: h3=":443"; ma=86400
content-length: 522
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 3S1mG-DT8GfdAUIsiD75o8XGIVo6qethSyyBjGWs2DlF0LodjcRiWQ==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 235ms
235ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:00:56 GMT
content-encoding: gzip
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 2135
x-cache: Hit from cloudfront
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
etag: W/"839d24db4574bb8543cec9624d3e1007"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ukYT8S5JYvmArbqFY9HN2Mo_wE0fRQ-qhRwl84xm_kj7EnQBYcU32A==

GET
H3 204 i-noref.js Show response
cm.mgid.com/ Frame 7452 0
162 B 305ms
304ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1675136183612692727546
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791f671efeb9fb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 370ms
129ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: QD7GDG9X6V5Q0C35
age: 3428
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 791f67207fb6fb88-AKL
x-amz-id-2: +XbogXZv0ULDVKtqCqTKTi2AEGfyxJuTUT2YITVMKt7cw3Xs1O73ugRMzpaTeN1erymDGZ9T99s=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 227 KB
72 KB 725ms
240ms Script
application/javascript 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:24 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=118175
accept-ranges: bytes
content-length: 73257
expires: Wed, 01 Feb 2023 12:25:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/ Frame CF27 10 KB
5 KB 818ms
272ms Document
text/html 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 31088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 18:58:16 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 18:58:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 508 B
1 KB 235ms
235ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:17:03 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 1165
x-cache: Hit from cloudfront
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
alt-svc: h3=":443"; ma=86400
content-length: 508
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: GrdanwOEih7IEJQo_V1Sany_ejQz-gdZP9b8EFwjl2VslgyYtG65OA==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2ZhNTkxYzM4MzIwMTM5YTNlYTU3ZmE1NTM4YmM5MmQyLmpwZWc.webp
s-img.mgid.com/g/8052386/492x328/0x0x1203x802/ 25 KB
25 KB 837ms
637ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052386/492x328/0x0x1203x802/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2ZhNTkxYzM4MzIwMTM5YTNlYTU3ZmE1NTM4YmM5MmQyLmpwZWc.webp?v=1675136183-tLAJBgazlXZBA13BG-sk3-k3JRQIAxLTU9MQK3rqeMM
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f14d028ac7f7b7592441757801b1a860210c9d0b3842a2fd0ac209127410f1ba

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:24 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 16:56:47 GMT
x-mg-request-uuid: bdebcd6e-2cbb-453e-9476-caa97b2f579f
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 791f671ddb491c54-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25148

GET
H3 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 304 B
734 B 238ms
238ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:29:50 GMT
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
age: 417
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
alt-svc: h3=":443"; ma=86400
content-length: 304
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
etag: "074d127e2f9fd8c2e79c01a5f002979c"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: cVvRUBVvMz3gRy7KW_fC9hcqWi3GUCAgCd87lahDGyvCERi4FCDA9A==

GET
H3 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 182 B
612 B 238ms
238ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:21:31 GMT
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
age: 1939
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
alt-svc: h3=":443"; ma=86400
content-length: 182
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
etag: "a4fcbd383e2f657b6528f4aa95844de5"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 938xQt7ZI4BA3Xa7TDZstzp6ejDi5HnwtgM4qGXBFvx-KCttL4tEWg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 274ms
273ms XHR
text/plain 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1005588732&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=701829313&gjid=2011750091&cid=1063384836.1675136184&tid=UA-16055024-1&_gid=2059306866.1675136184&_r=1&_slc=1&gtm=2wg1p05D8XJ6Q&z=128707081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 275ms
274ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1005588732&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1063384836.1675136184&tid=UA-16055024-1&_gid=2059306866.1675136184&gtm=2wg1p05D8XJ6Q&z=1193374279

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:26:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76172
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 276ms
274ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:26:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76172
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 237ms
237ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:03:23 GMT
content-encoding: gzip
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
age: 1982
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: TtyOm4mWu8Kvp933rUrAsDw9KSvZDLD_Zr8Ha7NoZZ55YwMflepMlg==

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzM4LHlfMjUzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxL...
s-img.mgid.com/g/15112070/492x277/-/ 21 KB
22 KB 177ms
138ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15112070/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzM4LHlfMjUzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzEwMTkyNC8xNGQzNDYxOTgzMzVhN2IyYjJiZWYxMjMyYjM3YTVkOC5qcGVn.webp?v=1675136183-QdFiypUnefPUL2aaZyKSQOYomzloWiIc-0xtd0XtJ-A
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c00dde69b0c0314bfa0b2b8b80045aae3043c5addb34d8d35946e5103bd51b9d

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 09:57:56 GMT
x-mg-request-uuid: 8bcd83a6-c47d-43d4-898a-8da4fef2293b
server: cloudflare
age: 1512568
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 791f671ddb4a1c54-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21592

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi8xNzU2ODUvNjE3Z...
s-img.mgid.com/g/14958907/492x277/-/ 20 KB
20 KB 150ms
149ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14958907/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi8xNzU2ODUvNjE3ZjFhMTkwYmUzNTQwMTc5Mjk1OTkyMjhiYzk0YzAuanBn.webp?v=1675136183-hpcadUJYtxJvTjSZqaeMvtdLzHMr_3hU_vvicOUqPrI
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1ff24b814482924167dfbfe5c4a325873bc9f795fca59455fe685407a41de94

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
cf-cache-status: HIT
last-modified: Tue, 20 Dec 2022 14:18:50 GMT
x-mg-request-uuid: d7eb307f-9459-43fa-a776-56f500f934ee
server: cloudflare
age: 90897
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 791f67306e8b1c54-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20552

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0L2NlNjJmNDU2M2UxMWU1ODhiMjE1MWZkYzlhMzM2ZWVmLmpwZw.webp
s-img.mgid.com/g/3805551/492x277/0x0x492x277/ 6 KB
6 KB 131ms
131ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805551/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0L2NlNjJmNDU2M2UxMWU1ODhiMjE1MWZkYzlhMzM2ZWVmLmpwZw.webp?v=1675136183-Y0an7v3WYxYoP9fVJnUkCy87CG1qrtGzANIML7wv2uQ
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e330cd2f514570ec77ff9ccb39f72966c87acc599074eac3f92510b8e82685

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 10:06:03 GMT
x-mg-request-uuid: 5c7a96c6-cc2b-40d4-80e4-21a6d9a45202
server: cloudflare
age: 1507891
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 791f67306e8d1c54-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6026

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTQvMTAxOTI0LzY2MTg4NzY0MDYxZTNlNGMwZDM0YWIxYzQ3YTRjMDBlLnBuZw.webp
s-img.mgid.com/g/8193506/492x277/0x0x582x327/ 12 KB
12 KB 135ms
134ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193506/492x277/0x0x582x327/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTQvMTAxOTI0LzY2MTg4NzY0MDYxZTNlNGMwZDM0YWIxYzQ3YTRjMDBlLnBuZw.webp?v=1675136183-NY_TPT2cw-i83DyIoTC4IPb-Rg9hqUqiqSGVIpWCBp4
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2979f4d14ee6099d5a7bc437925cb7dee1b78af94cd8f3fd6170eb1f22608df

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 19:20:29 GMT
x-mg-request-uuid: 4e06c4aa-be7f-484a-8fa9-f6667ceeeb60
server: cloudflare
age: 20287
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 791f67307eb01c54-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11960

GET
H3 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 237ms
236ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:17:41 GMT
content-encoding: gzip
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
age: 1998
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: qvntOGR2XwQXfFWa9f-tpNUnRtpIjRsNRcZ43pnGqXYsKaUX5BPkbA==

GET
H3 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 237ms
237ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:17:40 GMT
content-encoding: gzip
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
age: 1458
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 7M86dqSo2Fx7FQyqg16VOBC5VVAW8b5sUsou1GSMdZSkmQfeRljXtg==

GET
H3 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 236ms
236ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 02:37:27 GMT
content-encoding: gzip
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
age: 3540
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
etag: W/"10fc27643c8debeb225d244f546f3641"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: qEp9ZkAPZxgEcp8JhB8AbJNRMH2t7scRjyfdq4g5EN5RAPOLIHMZTw==

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 0FAA 3 KB
2 KB 707ms
234ms Document
text/html 209.58.165.102
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=754484
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=16751361836027801967
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.165.102 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6ac7ed5eff9362a031e0c6020cb5e0421c7908dc82c73e40c56c12f26ede064e

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://beforeitsnews.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1283
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Jan 2023 03:36:24 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=QJ0V0yJGouqO00Gfdrsf&pi=mgid&tc=1

43 B
397 B

314ms
313ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=QJ0V0yJGouqO00Gfdrsf&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f673a3caefb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=QJ0V0yJGouqO00Gfdrsf&pi=mgid&tc=1
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT, Tue, 31 Jan 2023 03:36:28 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmgid%26bsw_param%3D32151c6c-50c2-428d-afeb-7fcb5cbac3e1&g...
https://x.bidswitch.net/sync?dsp_id=80&user_id=7c3663d8-8cba-4900-a91b-09764c4657e7&expires=30&ssp=mgid&bsw_param=32151c6c-50c2-428d-afeb-7fcb5cbac3e1&gdpr=&gdpr_consent=
https://cm.mgid.com/m?cdsp=433145&c=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&consentData=&uspString=

43 B
397 B

316ms
315ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&consentData=&uspString=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f673a7cf6fb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&consentData=&uspString=
Date: Tue, 31 Jan 2023 03:36:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjB1bjUwSVdyekFq&muidn=n0un50IWrzAj
https://cm.mgid.com/google?muidn=n0un50IWrzAj&google_ula={guid},5&google_gid=CAESECXEDzJ3psk7-lor9hW7IEw&google_cver=1

0
121 B

338ms
337ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=n0un50IWrzAj&google_ula={guid},5&google_gid=CAESECXEDzJ3psk7-lor9hW7IEw&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791f6732386ffb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.mgid.com/google?muidn=n0un50IWrzAj&google_ula={guid},5&google_gid=CAESECXEDzJ3psk7-lor9hW7IEw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
143 B 648ms
403ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=n0un50IWrzAj
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791f67320bf11c58-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: image/gif

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mg...
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=485870385321057896
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=&ssp=pubmatic&bsw_param=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&gdpr_consent=&gdpr_pd=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
161 B

234ms
234ms

Image
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Tue, 31 Jan 2023 03:36:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=mgid
https://cm.mgid.com/m?cdsp=43070&c=LDJOU1FZ-C-CKLW

43 B
365 B

345ms
344ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=43070&c=LDJOU1FZ-C-CKLW
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f6732b950fb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.mgid.com/m?cdsp=43070&c=LDJOU1FZ-C-CKLW
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
Expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=c04d8023-7bbf-4b1c-bc07-ebe93afc02a7

43 B
397 B

303ms
302ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=c04d8023-7bbf-4b1c-bc07-ebe93afc02a7
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f67397b9cfb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=c04d8023-7bbf-4b1c-bc07-ebe93afc02a7
date: Tue, 31 Jan 2023 03:36:28 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n0un50IWrzAj
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=895821915120113776&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

42 B
774 B

239ms
237ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 03:36:29 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=fd1b046a-fd2d-49d9-baec-eb0476726ada

43 B
381 B

487ms
485ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=fd1b046a-fd2d-49d9-baec-eb0476726ada
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f6735ddfcfb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=fd1b046a-fd2d-49d9-baec-eb0476726ada
access-control-allow-origin: *
date: Tue, 31 Jan 2023 03:36:27 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
https://cm.mgid.com/m?cdsp=718337&c=ID5-ac2azdvNZo06tRV8dEt04iTwaOrtiNtVAaWkI7M_zA

43 B
413 B

302ms
302ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=718337&c=ID5-ac2azdvNZo06tRV8dEt04iTwaOrtiNtVAaWkI7M_zA
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f673e4986fb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=718337&c=ID5-ac2azdvNZo06tRV8dEt04iTwaOrtiNtVAaWkI7M_zA
date: Tue, 31 Jan 2023 03:36:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttl=1677728187

43 B
381 B

331ms
331ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttl=1677728187
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f6735cde8fb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttl=1677728187
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 205

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=n0un50IWrzAj
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

68 B
280 B

713ms
238ms

Image
image/png

18.136.168.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 18.136.168.53 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-168-53.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Date: Tue, 31 Jan 2023 03:36:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content e4e1f5fe20753b6b614cda48b7e3c9f7.gif
cs.admanmedia.com/ 0
199 B 1046ms
346ms Image
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:29 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY

GET
H3 200 walt-disney.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 1 KB
1 KB 237ms
236ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/walt-disney.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31257fdc7fa342a349e0e054c694570eba2bd8e05f44444def4021d549ed8153

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:10:43 GMT
content-encoding: gzip
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
age: 1933
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 56b3637bda59798c561f6b371aa11c36
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:58:26 GMT
server: AmazonS3
etag: W/"56b3637bda59798c561f6b371aa11c36"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: vCNwQUUIFWEh5k07oezJbiIKH1Bb9_UgZUEMylXTeHHbBmYCDQbynw==

GET
H2 200 collect
www.google-analytics.com/ Frame 0A69 35 B
132 B 273ms
272ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=111262402&t=pageview&_s=1&dl=https%3A%2F%2Fs.tradingview.com%2Fembed-widget%2Fticker-tape%2F%3Flocale%3Den&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Ticker%20Tape%20Widget&sd=24-bit&sr=1600x1200&vp=775x46&je=0&_u=YEAAAQABAAAAAAAAIE~&cid=1379586003.1675136184&tid=UA-132755435-1&_gid=900812877.1675136184&gtm=2ou1p0&gcs=G1-0&z=1478761477

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:44:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39129
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
214 B 621ms
604ms XHR
text/plain 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16055024-1&cid=1063384836.1675136184&jid=701829313&gjid=2011750091&_gid=2059306866.1675136184&_u=YEBAAEAAAAAAACAAI~&z=21770687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Jan 2023 03:36:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icahn-enterprises.svg
s3-symbol-logo.tradingview.com/ Frame 0A69 168 B
600 B 238ms
237ms Image
image/svg+xml 13.35.8.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/icahn-enterprises.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.8.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-4.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c589c7f1b9c73d8c3a073c49d14d7acc7d8af6e2bee79ed841cf07ec635c851f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:21:30 GMT
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
age: 1025
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 78b7400ec504733273e5f39b20f5f3c7
alt-svc: h3=":443"; ma=86400
content-length: 168
last-modified: Wed, 08 Sep 2021 09:00:49 GMT
server: AmazonS3
etag: "78b7400ec504733273e5f39b20f5f3c7"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: BN-YNSjD81wZVnAwYDI_A-zSb3ZK2ElPjtgAQCo0R8TMVq5mpKHb2Q==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 1192ms
397ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

ecc2a2a04b695832f8cd8291974b14a216726c7764b0ce03809803dd6a293053

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 31 Jan 2023 03:36:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 34 B
285 B 1191ms
396ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lbs.eu-1-id5-sync.com/lbs/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

7692705e89a59b78f69c719f9b22dfb4978de5fc56f3ee54a81cc85379b8ba19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 31 Jan 2023 03:36:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 1184ms
394ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

7bb2c889df4d7f0fcef15a3b32ecca9db3c45cb5358ddce59d45c485e53b4f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 31 Jan 2023 03:36:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 34 B
285 B 1192ms
397ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lbs.eu-1-id5-sync.com/lbs/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

fdc924b3a76a3ad764d3afacd9b9ed4d95f6d0757770c2b697145d560ad570f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 31 Jan 2023 03:36:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 1192ms
397ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

2b0c92532e3e5e738b0e48f44255367171f4e9cbf727221f69e642a1da5b6692

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 31 Jan 2023 03:36:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 34 B
285 B 1191ms
397ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lbs.eu-1-id5-sync.com/lbs/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

4fb50a8cd69d0904f2651010f47f1716179579821acf15dbc313de2f1969f908

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 31 Jan 2023 03:36:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
vary: Origin
content-type: application/json

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 825ms
277ms Image
image/gif 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16055024-1&cid=1063384836.1675136184&jid=701829313&_u=YEBAAEAAAAAAACAAI~&z=980122777

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.nz/ads/ 42 B
408 B 824ms
277ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16055024-1&cid=1063384836.1675136184&jid=701829313&_u=YEBAAEAAAAAAACAAI~&z=980122777

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 63A5 4 KB
2 KB 866ms
392ms Document
text/html 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

3f0a964ff8cbc8c4d927de92c5ba56136ed13b39696b118555e452b64f310b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1405
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
ads.us.e-planning.net/uspd/1/ Frame C584 13 B
92 B 711ms
236ms Document
text/html 64.120.110.136
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.136 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

content-length: 13
content-type: text/html
date: Tue, 31 Jan 2023 03:36:25 GMT
server: openresty
x-sid: SIN-726

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 2709 1 KB
1 KB 1037ms
339ms Document
text/html 23.227.152.10
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.152.10 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 56f068f84f80c321e052fd3e2b2a56032832e9d76fe8332bbf5ac8a083a6d33e

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 744
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Jan 2023 03:36:24 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E151 16 KB
6 KB 625ms
619ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=27948
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 31 Jan 2023 03:36:24 GMT
expires: Tue, 31 Jan 2023 11:22:12 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

/ Show response
de.tynt.com/deb/ Frame 95CC
Redirect Chain

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

2 KB
3 KB

963ms
323ms

Document
text/html

67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 0da99f1d4a2e33f27d13a30d06141b123f6034f176d66f5f26b6a38878eff98b

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 1932
content-type: text/html
date: Tue, 31 Jan 2023 03:36:26 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length: 171
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:25 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
location: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 14A5
Redirect Chain

https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=064111dd-b008-476e-98ef-ba6bdce3fb85&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0

0
404 B

1464ms
1388ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=064111dd-b008-476e-98ef-ba6bdce3fb85&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Content-Length: 0
Date: Tue, 31 Jan 2023 03:36:26 GMT
Etag: dae4ba08a6a7a0b4
Server: Adtelligent

Redirect headers

content-length: 0
date: Tue, 31 Jan 2023 03:36:25 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=064111dd-b008-476e-98ef-ba6bdce3fb85&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
server: _

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame EBE2 2 KB
1 KB 237ms
234ms Document
text/html 209.58.165.102
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.165.102 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041

Request headers

Referer: https://s.adtelligent.com/sync.html?aid=754484
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 856
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Jan 2023 03:36:24 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 0FAA
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GE4YBLZHfXB-6asCQSiub7ge

0
392 B

1493ms
1230ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GE4YBLZHfXB-6asCQSiub7ge
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:26 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

Redirect headers

date: Tue, 31 Jan 2023 03:36:25 GMT
pod: X-Sovrn-Pod: ad_ap1sfo1
access-control-allow-methods: GET, POST, DELETE, PUT
location: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GE4YBLZHfXB-6asCQSiub7ge
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 0FAA
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f58e29d-7533-46d3-ac97-d69baf9909be

0
404 B

1661ms
590ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f58e29d-7533-46d3-ac97-d69baf9909be
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:27 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f58e29d-7533-46d3-ac97-d69baf9909be
date: Tue, 31 Jan 2023 03:36:25 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 0FAA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6606910694558905850

0
387 B

1431ms
1258ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6606910694558905850
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:26 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

Redirect headers

Date: Tue, 31 Jan 2023 03:36:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 116.90.74.197; 116.90.74.197; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 92d8ef8f-c9a6-41d8-82e3-942ecb311e20
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6606910694558905850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 0FAA
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=fd1b046a-fd2d-49d9-baec-eb0476726ada

0
404 B

399ms
340ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=fd1b046a-fd2d-49d9-baec-eb0476726ada
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:25 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=fd1b046a-fd2d-49d9-baec-eb0476726ada
access-control-allow-origin: *
date: Tue, 31 Jan 2023 03:36:25 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 0FAA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6606910694558905850

0
387 B

1550ms
1285ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6606910694558905850
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:26 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

Redirect headers

Date: Tue, 31 Jan 2023 03:36:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 116.90.74.197; 116.90.74.197; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 20240853-05bc-43c8-8663-3c7aa283e80f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6606910694558905850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
vid.vidoomy.com/ Frame 0FAA 0
0 809ms
331ms Image
text/html 89.187.162.137
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.162.137 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 599610281.sgp.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 0FAA
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e4dc875f-1945-4035-a9f9-885b3c6002d4

0
404 B

510ms
341ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e4dc875f-1945-4035-a9f9-885b3c6002d4
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:25 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e4dc875f-1945-4035-a9f9-885b3c6002d4
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: rdd9oc1dkpbhem03ne08q9kj85scnf5k

GET
H3

200

m
cm.mgid.com/ Frame 0FAA
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=dae4ba08a6a7a0b4

43 B
350 B

321ms
321ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=dae4ba08a6a7a0b4
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 791f67297c24fb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=dae4ba08a6a7a0b4
Date: Tue, 31 Jan 2023 03:36:25 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2442 16 KB
6 KB 389ms
389ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=27947
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 31 Jan 2023 03:36:25 GMT
expires: Tue, 31 Jan 2023 11:22:12 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0F73 4 KB
2 KB 604ms
394ms Document
text/html 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

d1e8543cd877843279ac02134e1f872a27b3f137c532d94bae93f454096305de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1400
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

csync
sync.spotim.market/ Frame EBE2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}

43 B
318 B

1525ms
339ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:26 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Expires: 0

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame EBE2 43 B
320 B 1016ms
339ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:25 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 43
Content-Type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E151 2 KB
3 KB 709ms
235ms Script
text/html 103.231.98.196
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83924376&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: dfe1ba6bf7ed007c1cde8f6f8824e37f404676b85c5caf01646195a8d7ed3f4f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

/
onetag-sys.com/match/ Frame 63A5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=e88c63d8-8cba-4500-883f-f6f47ff4b84c&gdpr=1&gdpr_consent=

0
291 B

393ms
392ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=e88c63d8-8cba-4500-883f-f6f47ff4b84c&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 31 Jan 2023 03:36:26 GMT
Server: MT3 404 ce67235 master nrt-pixel-x18 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=e88c63d8-8cba-4500-883f-f6f47ff4b84c&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 31 Jan 2023 03:36:25 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 63A5 0
239 B 1558ms
386ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 63A5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6606910694558905850

0
291 B

463ms
462ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6606910694558905850

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 31 Jan 2023 03:36:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 116.90.74.197; 116.90.74.197; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a8a00d4a-3c95-452a-b056-ea54f1d9b88d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6606910694558905850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 63A5 42 B
774 B 563ms
238ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=BKySa8R-SZ7iKAZ_fQa4fr2HP6ajU3QoyXw_yPVLCtY
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 63A5
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlsesH3VGDdK7XRBIcVOgqJKcULSZwkg
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlsesH3VGDdK7XRBIcVOgqJKcULSZwkg&google_tc=

170 B
232 B

286ms
285ms

Image
image/png

172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlsesH3VGDdK7XRBIcVOgqJKcULSZwkg&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Protocol

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlsesH3VGDdK7XRBIcVOgqJKcULSZwkg&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 63A5 0
75 B 726ms
242ms Image
text/plain 23.106.127.52
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
content-length: 0

GET
H2

200

1000.gif
id.rlcdn.com/ Frame 63A5
Redirect Chain

https://id.rlcdn.com/711916.gif?ct=4&cv=
https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLqZ4p4GEgUI6AcQAEIASgA

42 B
317 B

319ms
319ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLqZ4p4GEgUI6AcQAEIASgA
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 31 Jan 2023 03:36:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLqZ4p4GEgUI6AcQAEIASgA
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 63A5
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ

43 B
479 B

1674ms
342ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 03:36:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QXS0QVCC1Y2RPW5GW2FV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 63A5 0
39 B 235ms
234ms Image
text/plain 103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 63A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJRKMPwR7EEmr-ixbb3xdyo&google_cver=1

0
291 B

391ms
391ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJRKMPwR7EEmr-ixbb3xdyo&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJRKMPwR7EEmr-ixbb3xdyo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 63A5 0
125 B 909ms
240ms Image
text/plain 52.74.162.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 63A5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=

0
291 B

392ms
392ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 63A5 43 B
235 B 845ms
281ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 63A5 0
411 B 1051ms
541ms Image
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=306279&extuid=BKySa8R-SZ7iKAZ_fQa4fr2HP6ajU3QoyXw_yPVLCtY
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:27 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 0F73
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=86fa63d8-8cba-4400-baa5-296f0e90d337&gdpr=1&gdpr_consent=

0
291 B

393ms
393ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=86fa63d8-8cba-4400-baa5-296f0e90d337&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 31 Jan 2023 03:36:26 GMT
Server: MT3 404 ce67235 master nrt-pixel-x20 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=86fa63d8-8cba-4400-baa5-296f0e90d337&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 31 Jan 2023 03:36:25 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0F73 0
239 B 1553ms
385ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 0F73
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6606910694558905850

0
291 B

565ms
565ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6606910694558905850

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 31 Jan 2023 03:36:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 116.90.74.197; 116.90.74.197; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5d025120-86e3-4453-8932-9801c289a25e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6606910694558905850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0F73
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlses940mk9eDj9ddUJjbMUyT7SeWqPA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlses940mk9eDj9ddUJjbMUyT7SeWqPA&google_tc=

170 B
243 B

282ms
282ms

Image
image/png

172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlses940mk9eDj9ddUJjbMUyT7SeWqPA&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Protocol

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhgXlses940mk9eDj9ddUJjbMUyT7SeWqPA&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 0F73 0
75 B 715ms
235ms Image
text/plain 23.106.127.52
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:25 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 0F73
Redirect Chain

https://id.rlcdn.com/711916.gif?ct=4&cv=
https://onetag-sys.com/match/?int_id=110&uid=

0
291 B

391ms
391ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=110&uid=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date: Tue, 31 Jan 2023 03:36:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/match/?int_id=110&uid=
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0F73
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ

43 B
479 B

1670ms
337ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 03:36:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YVVX2KJ44CSD2A0QBBA8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 0F73 0
42 B 710ms
234ms Image
text/plain 103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 0F73
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELKHcGeXaPnKmD8V5QpWasc&google_cver=1

0
291 B

391ms
391ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESELKHcGeXaPnKmD8V5QpWasc&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESELKHcGeXaPnKmD8V5QpWasc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 0F73 0
15 B 939ms
241ms Image
text/plain 52.74.162.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 0F73
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=

0
291 B

393ms
392ms

Image
text/plain

51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Protocol

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 0F73 43 B
235 B 847ms
285ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 0F73 42 B
774 B 237ms
237ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cs
cs.spotimmedia.com/ Frame 0F73 0
465 B 931ms
450ms Image
application/javascript 13.227.254.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.spotimmedia.com/cs?aid=40013&id=WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-35.sin52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
via: 1.1 423016d18a128e118b016383665b6de8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-reason: advertiser 40013 not exists
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://onetag-sys.com/
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: FjWrjJSWRNuzomLxKe29b6mqEKZPGsL2CM6Xf9zG5WtfMEQlcbGA-Q==

GET
H3 200 c
c.mgid.com/ 43 B
213 B 308ms
307ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=366|267|8|XLCf6enwEPu0RVQ9k7BAX9a4S4ExXbe8ftmMJlgU8JCnHPgL59NFEAHIVFjy3KJ-zp9YXnuGchJP6PVYDkOFnQ**&fw=1&extjs=66044&cid=720413&h2=HZ1TSImmca6cD9-h8CHUTtJSkEME0mrAc5p31T7JHSY*&rid=6f3b3478-a118-11ed-baf6-2cea7f942996&tt=Direct&iv=11&pageImp=1&pvid=18605e5abc7bb762896&muid=n0un0qwdcfAj&cbuster=1675136185665522141601
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:29 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a5b2eca9-ab43-49fe-bc2a-08895ecbd8ab
server: cloudflare
content-type: image/gif
cf-ray: 791f673c6f48fb8c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 461 B
1 KB 1193ms
396ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a8a0d2847710e51c816f6973ff5cb3e11dc41ebe5648331789a92b973f8dc0a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 462 B
1 KB 1184ms
395ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

2f4225701dabeb409f09d5ff3bba85993d7ef0c399ccf2dd9daa609300d23992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 462 B
1 KB 1187ms
396ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

9e0fa7875e28ffdbb397955dbc336b800dd39e14f19c19e63e753e4740c46f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 cookie Show response
cm.adform.net/ Frame 9788 43 B
106 B 1195ms
396ms Document
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Tue, 31 Jan 2023 03:36:26 GMT
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 2709
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=fd98892b461e2f25

0
384 B

340ms
339ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=fd98892b461e2f25
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:27 GMT
Server: Adtelligent
Etag: dae4ba08a6a7a0b4
Content-Length: 0

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=fd98892b461e2f25
Date: Tue, 31 Jan 2023 03:36:26 GMT
Server: Adtelligent
Etag: fd98892b461e2f25
Content-Length: 0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame F6EC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=-1&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=-1&gdpr_consent=

35 B
468 B

264ms
263ms

Document
image/gif

185.84.60.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=-1&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Tue, 31 Jan 2023 03:36:27 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Tue, 31 Jan 2023 03:36:27 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=-1&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 86B1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=-1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7c3663d8-8cba-4900-a91b-09764c4657e7&gdpr=-1&gdpr_consent=

42 B
326 B

685ms
236ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7c3663d8-8cba-4900-a91b-09764c4657e7&gdpr=-1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:36:26 GMT
Expires: Tue, 31 Jan 2023 03:36:25 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 404 ce67235 master nrt-pixel-x15 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7c3663d8-8cba-4900-a91b-09764c4657e7&gdpr=-1&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F0C3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9iMuwADc-a34QAF&gdpr=1&gdpr_consent=&_test=Y9iMuwADc-a34QAF

0
93 B

235ms
235ms

Document
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9iMuwADc-a34QAF&gdpr=1&gdpr_consent=&_test=Y9iMuwADc-a34QAF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Tue, 31 Jan 2023 03:36:27 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9iMuwADc-a34QAF&gdpr=1&gdpr_consent=&_test=Y9iMuwADc-a34QAF
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fty21352-FTY
x-timer: S1675136188.533563,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B67B
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=-1&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6606910694558905850&gdpr=-1&gdpr_consent=

42 B
447 B

810ms
235ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6606910694558905850&gdpr=-1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 1648cdd0-e141-48a0-8271-8679b62e16c9
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Jan 2023 03:36:26 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6606910694558905850&gdpr=-1&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 116.90.74.197; 116.90.74.197; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F00C
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi

42 B
570 B

710ms
235ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 31 Jan 2023 03:36:26 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 461B 0
404 B 1070ms
347ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Content-Length: 0
Date: Tue, 31 Jan 2023 03:36:26 GMT
Etag: dae4ba08a6a7a0b4
Server: Adtelligent

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E151
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xqySS3beTa-pQeKbSrtjcw%3D%3D&gdpr=-1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xqySS3beTa-pQeKbSrtjcw%3D%3D&gdpr=-1&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=

4 KB
4 KB

240ms
240ms

Image
text/html

104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=27945
accept-ranges: bytes
content-length: 5554
expires: Tue, 31 Jan 2023 11:22:12 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame E151
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEM2QUM5MjRCLTc2REUtNERBRi1BOTQxLUUyOUI0QUJCNjM3MxAAGg0IupningYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=7dc6707f1852f38b36927d17dd6b036f773f000ec18b8e5b85a5f3dd3d2bf25b791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3ZGM2NzA3ZjE4NTJmMzhiMzY5MjdkMTdkZDZiMDM2Zjc3M2YwMDBlYzE4YjhlNWI4NWE1ZjNkZDNkMmJmMjViNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3ZGM2NzA3ZjE4NTJmMzhiMzY5MjdkMTdkZDZiMDM2Zjc3M2YwMDBlYzE4YjhlNWI4NWE1ZjNkZDNkMmJmMjViNzkxNDI2YjU0MTdkY2UyMRAAGgwIu5ningYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=b2e68493-a989-4f62-a6f6-80e6f3197916

42 B
60 B

321ms
320ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=b2e68493-a989-4f62-a6f6-80e6f3197916
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=b2e68493-a989-4f62-a6f6-80e6f3197916
date: Tue, 31 Jan 2023 03:36:28 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame E151
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&sInitiator=external&gdpr=-1&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&sInitiator=external&gdpr=-1&gdpr_consent=

42 B
570 B

276ms
275ms

Image
image/gif

119.9.108.191
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&sInitiator=external&gdpr=-1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Server: 119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&sInitiator=external&gdpr=-1&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E151
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzZBQzkyNEItNzZERS00REFGLUE5NDEtRTI5QjRBQkI2Mzcz&gdpr=-1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzZBQzkyNEItNzZERS00REFGLUE5NDEtRTI5QjRBQkI2Mzcz&gdpr=-1&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=

42 B
95 B

593ms
236ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E151
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=-1&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESEFWc-jhVdkhkYkjAl-azOvM&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=156cf52a-7cdb-42a3-b19c-899f9fe440a5&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

237ms
234ms

Image
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&gdpr=&gdpr_consent=&gdpr_pd=
Date: Tue, 31 Jan 2023 03:36:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 pubmatic
um.simpli.fi/ Frame E151 43 B
612 B 1120ms
271ms Image
image/gif 34.142.175.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=-1&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.142.175.23 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.175.142.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 30 Jan 2023 03:36:27 GMT

GET
H2 200 C6AC924B-76DE-4DAF-A941-E29B4ABB6373
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E151 43 B
602 B 716ms
240ms Image
image/gif 54.179.181.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/C6AC924B-76DE-4DAF-A941-E29B4ABB6373?gdpr=-1&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.179.181.113 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-181-113.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E151
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=

42 B
278 B

508ms
236ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame E151
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&redir=true&gdpr=-1&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xguQVyVE2uWp6blkkfFvBESLbhZkUOs-~A

0
260 B

706ms
235ms

Image
text/plain

103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xguQVyVE2uWp6blkkfFvBESLbhZkUOs-~A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xguQVyVE2uWp6blkkfFvBESLbhZkUOs-~A
date: Tue, 31 Jan 2023 03:36:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame AAB6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
410 B

243ms
239ms

Document
text/html

23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:27 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 31 Jan 2023 03:36:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H2

200

cm Show response
us-u.openx.net/w/1.0/ Frame 1BD1
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1675136186536.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...

959 B
972 B

525ms
238ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 2d113108c7509fce2ed86e98a1840c8aeb271f932ad8dcf603127b20d4393a98

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 538
content-type: text/html
date: Tue, 31 Jan 2023 03:36:28 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Tue, 31 Jan 2023 03:36:27 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 40000000008200000C

GET
H2

200

match
events-ssc.33across.com/ Frame 95CC
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=93&user_id=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&ts=1675136188&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
126 B

285ms
280ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&ts=1675136188&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:27 GMT
referrer-policy: unsafe-url
server: 33XP011
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=c7e11e1a-dcc0-4438-aa44-dd49782b2ab4&ts=1675136188&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 95CC
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1675136186536.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=7c3663d8-8cba-4900-a91b-09764c4657e7

68 B
225 B

568ms
279ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=7c3663d8-8cba-4900-a91b-09764c4657e7
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 31 Jan 2023 03:36:28 GMT
Server: MT3 404 ce67235 master nrt-pixel-x15 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=7c3663d8-8cba-4900-a91b-09764c4657e7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 31 Jan 2023 03:36:27 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 95CC
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&ts=1675136190&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
126 B

281ms
280ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=45&external_user_id=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&ts=1675136190&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
referrer-policy: unsafe-url
server: 33XP018
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=45&external_user_id=45316404-4790-4a7e-943d-c2d1da18630c-63d88cbc-4e5a&ts=1675136190&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 95CC
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1675136186536.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6606910694558905850

68 B
126 B

527ms
280ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6606910694558905850
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 31 Jan 2023 03:36:28 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 116.90.74.197; 116.90.74.197; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ccd46c52-eb4c-4592-889d-c8d8f5bef313
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6606910694558905850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame AAB6 34 KB
10 KB 263ms
263ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f8121d1ed327726347e9785871364755c8cc93a021f8f135102b54e5f1a3bef6

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 07:09:23 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=12797
content-length: 10037
expires: Tue, 31 Jan 2023 07:09:45 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame E151 0
128 B 237ms
235ms Script
text/plain 103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match
events-ssc.33across.com/ Frame AAB6
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LDJOU1FZ-C-CKLW
https://ssc-cms.33across.com/ps/?xi=1&xu=LDJOU1FZ-C-CKLW
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LDJOU1FZ-C-CKLW&ts=1675136189&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
126 B

281ms
281ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LDJOU1FZ-C-CKLW&ts=1675136189&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
referrer-policy: unsafe-url
server: 33XP008
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LDJOU1FZ-C-CKLW&ts=1675136189&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AAB6
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=&expires=30

42 B
774 B

238ms
237ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AAB6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqwztcqeXXeganxIBMmRK0&google_cver=1

42 B
774 B

241ms
237ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqwztcqeXXeganxIBMmRK0&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqwztcqeXXeganxIBMmRK0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame AAB6
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDJOU1FZ-C-CKLW

0
573 B

654ms
361ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDJOU1FZ-C-CKLW
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:29 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F6B1A166198B4436BF512762A42194BA Ref B: SYD03EDGE0909 Ref C: 2023-01-31T03:36:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzhwmL8pWMRTbEtCkKWA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDJOU1FZ-C-CKLW
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AAB6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4EBGf3xWQtq5j-cZg9eVhA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4EBGf3xWQtq5j-cZg9eVhA

43 B
479 B

341ms
340ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4EBGf3xWQtq5j-cZg9eVhA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 03:36:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2T9XSZYA7NZ0DJNC8BBJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4EBGf3xWQtq5j-cZg9eVhA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAB6
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERKT1UxRlotQy1DS0xX

170 B
188 B

279ms
279ms

Image
image/png

172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERKT1UxRlotQy1DS0xX

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERKT1UxRlotQy1DS0xX
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AAB6
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/GB4PGtKHU22WJ5DSOcnKWw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ju7e18pE2oKcM124mZRT33VFhV8CLycnQE1ZyQ--~A

42 B
774 B

238ms
238ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ju7e18pE2oKcM124mZRT33VFhV8CLycnQE1ZyQ--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 31 Jan 2023 03:36:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ju7e18pE2oKcM124mZRT33VFhV8CLycnQE1ZyQ--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame AAB6
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MVkCYvdwQTmgjsl3lD2Rrw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MVkCYvdwQTmgjsl3lD2Rrw

43 B
479 B

419ms
418ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MVkCYvdwQTmgjsl3lD2Rrw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 03:36:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QCTQH2XVTSBE78ZYPQ17
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MVkCYvdwQTmgjsl3lD2Rrw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAB6
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MThiZTljMGU4YTY4MmY1NzVjNGNiMTk1YTJiMzBmYTM5MDdkZjMwMw

170 B
188 B

277ms
276ms

Image
image/png

172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MThiZTljMGU4YTY4MmY1NzVjNGNiMTk1YTJiMzBmYTM5MDdkZjMwMw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MThiZTljMGU4YTY4MmY1NzVjNGNiMTk1YTJiMzBmYTM5MDdkZjMwMw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2442 3 KB
4 KB 235ms
235ms Script
text/html 103.231.98.196
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46409919&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6c25f2f8465e707f379f76845e598a90c3672ac227048ef1d6cc9d6f9955573e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match
events-ssc.33across.com/ Frame 1BD1 68 B
126 B 281ms
280ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=ab6904fe-7e51-4333-ae42-479eb76f5206
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET openx
cs.nex8.net/cs/ Frame 1BD1 0
0

GET
H3

200

dds
rtb.openx.net/sync/ Frame 1BD1
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=AlSCrAlcyvIkAQT5biL64w==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
64 B

242ms
238ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: pq31unpap66tp60e7i51o77kdpdkh26j

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 1BD1 43 B
243 B 8531ms
311ms Image
image/gif 220.150.223.50

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.150.223.50 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 03:36:36 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 1BD1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=7c3663d8-8cba-4900-a91b-09764c4657e7

43 B
106 B

244ms
243ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=7c3663d8-8cba-4900-a91b-09764c4657e7
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 31 Jan 2023 03:36:28 GMT
Server: MT3 404 ce67235 master nrt-pixel-x7 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=7c3663d8-8cba-4900-a91b-09764c4657e7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 31 Jan 2023 03:36:27 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 1BD1
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4598912905776494910&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

243ms
242ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=4598912905776494910&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=4598912905776494910&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1BD1
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=dd020890-a0da-73dc-c275-484ebd3bc059&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttd_puid=dd020890-a0da-73dc-c275-484ebd3bc059&gdpr=0&gdpr_consent=

43 B
323 B

238ms
237ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttd_puid=dd020890-a0da-73dc-c275-484ebd3bc059&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttd_puid=dd020890-a0da-73dc-c275-484ebd3bc059&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 1BD1
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y9iMvcCo8XoAAOgo348AAAAA

43 B
61 B

238ms
238ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y9iMvcCo8XoAAOgo348AAAAA
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 31 Jan 2023 03:36:29 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.197","key":"Y9iMvcCo8XoAAOgo348AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40368"}
X-SO-Key: Y9iMvcCo8XoAAOgo348AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40368
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y9iMvcCo8XoAAOgo348AAAAA
Cache-Control: private
X-SO-HostName: a-ad40368.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng22.dc4p.scaleout.jp
X-SO-IP: 116.90.74.197

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 1BD1
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVJFKt4d1ME3ks8ADzLRnTi-gc8AAAGGBeXESg

43 B
61 B

239ms
238ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVJFKt4d1ME3ks8ADzLRnTi-gc8AAAGGBeXESg
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
via: 1.1 1d57d3cbfc5a5b868b460784e4cd7888.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVJFKt4d1ME3ks8ADzLRnTi-gc8AAAGGBeXESg
cache-control: no-cache
content-length: 0
x-amz-cf-id: UTRtsfzyZ-660xgSfHBFC3a6dVUlhYHLv8V-lyC1Lugj8nm-6WMK9A==
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 1BD1 170 B
188 B 278ms
278ms Image
image/png 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2ZGRiNWEtNjlhZC0yZDc4LWQ3OTUtMTJmNzc3ZDkwZTM5

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 1BD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHngo-JrpWCyz8losLHILkk&google_cver=1

43 B
61 B

239ms
239ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHngo-JrpWCyz8losLHILkk&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHngo-JrpWCyz8losLHILkk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 611F
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=n-3UQaRXAsWwZMrJvYzYYw
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

237ms
234ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 31 Jan 2023 03:36:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 31 Jan 2023 03:36:29 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame BC64
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=pmj
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yrvq14w8a9c
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

239ms
233ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 31 Jan 2023 03:36:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 31 Jan 2023 03:36:29 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 04F7 43 B
363 B 714ms
235ms Document
image/gif 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:28 GMT
expires: Tue, 31 Jan 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 363884
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 94B0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_LpH0qPbR29prc8KNQEzbHRaSsU
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

234ms
234ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 31 Jan 2023 03:36:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 31 Jan 2023 03:36:30 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1 200
OK send Show response
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 056C 43 B
243 B 5215ms
301ms Document
image/gif 220.150.223.50

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.150.223.50 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:36:33 GMT
Pragma: no-cache
Server: nginx
expires: -1

GET
H/1.1 200
OK pxd Show response
dps.jp.cinarra.com/ Frame 69FE 95 B
220 B 1100ms
275ms Document
image/png 13.114.237.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.237.69 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-237-69.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 95
Content-Type: image/png
Date: Tue, 31 Jan 2023 03:36:29 GMT

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame D444 43 B
369 B 565ms
277ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Tue, 31 Jan 2023 03:36:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame D255
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=50379f1660fe448bb5c90baa64a9e7b8
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

234ms
234ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 31 Jan 2023 03:36:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 31 Jan 2023 03:36:29 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 10BD
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IskLff5q1PmHrD5&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

237ms
235ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 31 Jan 2023 03:36:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 31 Jan 2023 03:36:30 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame E596
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675136189619
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8058945472
https://sync.1rx.io/usersync/tradedesk/088324df-d3e2-4a3d-a5c0-5a3d297a3d21
https://sync.targeting.unrulymedia.com/csync/RX-17c86d59-6b26-471b-b698-84c8cebeeae6-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-17c86d59-6b26-471b-b698-84c8cebeeae6-004
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

235ms
234ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 31 Jan 2023 03:36:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 31 Jan 2023 03:36:32 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame BECC
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=mocgiupxdyq5
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

234ms
234ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 31 Jan 2023 03:36:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 31 Jan 2023 03:36:29 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 22D5 0
230 B 866ms
238ms Document
text/plain 13.250.207.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.207.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Tue, 31 Jan 2023 03:36:29 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: aws-apsoutheast1a-delivery-1

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 3359 0
44 B 1022ms
337ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

content-length: 0
date: Tue, 31 Jan 2023 03:36:29 GMT
server: a

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 3EE1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
410 B

296ms
292ms

Document
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 791f673f3eac1c56-AKL
content-length: 43
content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:29 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 791f673d8af91c56-AKL
content-type: text/html
date: Tue, 31 Jan 2023 03:36:29 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 548

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 8680 43 B
277 B 1628ms
412ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:36:30 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-e02c1cfb527e@version_1.534
X-core-time: 1ms
X-server-arch: v2

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A098
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

235ms
234ms

Document
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Tue, 31 Jan 2023 03:36:29 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H3

200

m Show response
cm.mgid.com/ Frame 65CF
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8DE98068BAA84AEAAEA6A94BD41E9AD6&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3DC6AC924B-76DE-4DAF-A941-E29B4ABB6373
https://cm.mgid.com/m?cdsp=712807&c=C6AC924B-76DE-4DAF-A941-E29B4ABB6373

43 B
429 B

297ms
296ms

Document
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/m?cdsp=712807&c=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate max-age=0
cf-cache-status: DYNAMIC
cf-ray: 791f67422e7cfb8c-AKL
content-length: 43
content-type: image/gif
date: Tue, 31 Jan 2023 03:36:29 GMT
pragma: no-cache
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 31 Jan 2023 03:36:29 GMT
location: https://cm.mgid.com/m?cdsp=712807&c=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 9F89 0
404 B 346ms
340ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Content-Length: 0
Date: Tue, 31 Jan 2023 03:36:28 GMT
Etag: dae4ba08a6a7a0b4
Server: Adtelligent

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 2442
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent=&ct=y

49 B
265 B

264ms
263ms

Image
image/gif

52.220.170.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 52.220.170.179 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-170-179.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.16.242
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.18.157
content-length: 0
expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 2442
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C6AC924B-76DE-4DAF-A941-E29B4ABB6373
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=123c4593-b4f6-44f6-b6e2-8f326c656999%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttd_puid=123c4593-b4f6-44f6-b6e2-8f326c656999%2C%2C

95 B
123 B

284ms
282ms

Image
image/png

107.178.244.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttd_puid=123c4593-b4f6-44f6-b6e2-8f326c656999%2C%2C

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484

Protocol

Server

107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

193.244.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:29 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=088324df-d3e2-4a3d-a5c0-5a3d297a3d21&ttd_puid=123c4593-b4f6-44f6-b6e2-8f326c656999%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 2442
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=53a6f2b7a5cf2268&is_secure=true&networkId=17100&version=1&nuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrmXGWxksPwNK78EsAAAAAAA&expiration=1675222589&nuid=C6AC924B-76DE-4DAF-A941-E29B4ABB6373&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
112 B

236ms
234ms

Image
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Tue, 31 Jan 2023 03:36:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 2442
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4526855311738566974&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
44 B

241ms
234ms

Image
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:29 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Tue, 31 Jan 2023 03:36:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 2442
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6606910694558905850
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
112 B

234ms
234ms

Image
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Tue, 31 Jan 2023 03:36:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 2442 0
128 B 236ms
235ms Script
text/plain 103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 jsDynamic-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 154ms
154ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202301301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1189377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-105e"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f67702aa61c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H3 200 responsive-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 163ms
160ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202301301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1189377
cf-polished: origSize=1728
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-6c0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f67703aab1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H3 200 validate-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
2 KB 138ms
136ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202301301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1189377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:46 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be6-1a18"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f67703aad1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H3 200 loadmore-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 141ms
139ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202301301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1189377
cf-polished: origSize=14745
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-3999"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f67703ab11c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H3 200 lazy-loading-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 124 B
588 B 147ms
146ms Script
application/javascript 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202301301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1189377
cf-polished: origSize=173
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-ad"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 791f67703ab31c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 77 KB
27 KB 832ms
286ms Script
text/javascript 74.125.24.113

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202301301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

787486f12ff3fac81aa633e6bd17085d5ba21c6b4af40cb007becc7b7ab5a60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 92 KB
10 KB 1119ms
1114ms XHR
text/html 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1675136197244

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62344df9409dbdd519e83de5ad4d26e6a5791f5a237076ec8a0295596b60902a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
access-control-max-age: 3628800
cf-ray: 791f67713ff6ee9a-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 379ms
140ms Script
application/javascript 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-202301301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2609
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 791f6772b9811c51-AKL
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Feb 2023 03:36:37 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 138ms
138ms Script
application/javascript 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2608
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 791f6773ab7d1c51-AKL
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Feb 2023 03:36:37 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 144ms
143ms Script
text/javascript 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd6a1853d499f914e87951f7eebc017762acd55a1aab5436e9a2ca1a2b8fd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 715
cf-polished: origSize=4420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 26a30b82-25ab-48c5-a228-ed7e42eb81a8
x-runtime: 0.026502
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"528ed288222d30bedb6da896a0d0054f"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 791f67757fa01c51-AKL
access-control-allow-headers: SDK-Version
expires: Tue, 31 Jan 2023 04:36:38 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 143ms
143ms Stylesheet
text/css 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2610
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 791f67767a80fb94-AKL
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Mar 2023 03:36:38 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 22 KB
4 KB 823ms
273ms Stylesheet
text/css 74.125.24.95

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.shRxLBDPmNA.O/d=1/rs=AN8SPfoR3DfNTIf6KdSTQXk6H_ghxgBKKw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3632
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 31 Jan 2023 04:08:48 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.shRxLBDPmNA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoR3DfNTIf6KdSTQXk6H_ghxgBKKw/ 207 KB
74 KB 793ms
279ms Script
text/javascript 74.125.24.95

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.shRxLBDPmNA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoR3DfNTIf6KdSTQXk6H_ghxgBKKw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.shRxLBDPmNA.O/d=1/rs=AN8SPfoR3DfNTIf6KdSTQXk6H_ghxgBKKw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3e6cd25df04ebc9b9101d7f131cc765c10a3f88dabc2487e1a06f48ce8a767b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75400
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 04:12:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 22:29:44 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
528 B 597ms
473ms Fetch
application/json 104.18.225.52

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.225.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
x-request-id: 42fc061c-b5c6-43c0-98be-f99733bd01de
x-runtime: 0.006842
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e51140cdcd044ad76335646936ec5319"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
cf-ray: 791f677839a9ee9a-AKL
access-control-allow-headers: SDK-Version

GET
H2 200 / Show response
rumble.com/embed/v255cg0/ Frame 008F 18 KB
8 KB 1006ms
313ms Document
text/html 172.98.57.100

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/v255cg0/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.100 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e1a1f62823d42a8f4bdfa245c2ee3dbb6a5163f140c3b97846eb2ae658066fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,max-age=1
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:39 GMT
link: <https://rumble.com/v27r9v4-your-greatest-of-freedoms-is-under-attack.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H2 200 EjHMiAr4Spc Show response
www.youtube.com/embed/ Frame 4107 68 KB
28 KB 1186ms
636ms Document
text/html 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EjHMiAr4Spc

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

db06812489da502d3fbf8ed1f8dc9ffbbb8694dcbddc09103271f1896b64e9a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4abe66f06af1cceac089c17dfef0355fefc72164.jpg
beforeitsnews.com/img/year2023/01/ 26 KB
27 KB 141ms
139ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/year2023/01/4abe66f06af1cceac089c17dfef0355fefc72164.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec6d37e254162f59be8cc87b3460548733a4958849afbb0d64d67a114e2f6c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 984762
cf-polished: origSize=30099, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26810
last-modified: Sun, 09 May 2021 19:21:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6098364e-7593"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f67784d4f1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:27:29 GMT

GET
H3 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 138ms
138ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 986001
cf-polished: origSize=51812, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46896
last-modified: Sat, 22 May 2021 12:15:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60a8f5fb-ca64"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f67793f1c1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Jan 2024 17:48:41 GMT

GET
H3 200 70189017dfbe10d1266577b2701c43e156554529.jpg
beforeitsnews.com/img/banner_contract/ 60 KB
61 KB 147ms
147ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/70189017dfbe10d1266577b2701c43e156554529.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc93f930396c1e55d7d0ebce7db81b3b9f12fbaa3e4b7fe184787ba9c16b6dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1235768
cf-polished: origSize=69526, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61721
last-modified: Thu, 06 Oct 2022 00:57:10 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "633e27e6-10f96"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f677a18ed1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:05 GMT

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 177ms
174ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1235768
cf-polished: origSize=36512, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60a8f625-8ea0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f677aaa3d1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:04 GMT

GET
H3 200 273ceae2fc3c0ab4b860bbeb5b0ec043cfe78267.jpg
beforeitsnews.com/img/banner_contract/ 24 KB
24 KB 180ms
178ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/273ceae2fc3c0ab4b860bbeb5b0ec043cfe78267.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642dbae86cac1cdb3ec7335358c89e077a11b5d28bdc51dd706216af312e7dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 985519
cf-polished: origSize=25060, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24113
last-modified: Thu, 12 Jan 2023 20:49:19 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63c0724f-61e4"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f677aaa431c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 12 Jan 2024 20:49:19 GMT

GET
H3 200 1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg
beforeitsnews.com/img/banner_contract/ 81 KB
82 KB 141ms
138ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1235768
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83236
last-modified: Fri, 04 Mar 2022 07:11:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6221bbbb-14524"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f677aaa461c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:05 GMT

GET
H3 200 39809350864b0a3554f604e504aca8b82b3c4df8.jpg
beforeitsnews.com/img/banner_contract/ 39 KB
40 KB 142ms
142ms Image
image/jpeg 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/39809350864b0a3554f604e504aca8b82b3c4df8.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bf1ff7c861b303af85db79af26f29bd653f3a16fe257b9c2614d46e8b85f683

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1235768
cf-polished: origSize=46051, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40061
last-modified: Tue, 08 Nov 2022 05:16:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6369e647-b3e3"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f67785d6a1c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:05 GMT

GET
H2 200 yYXGE0gHkP8 Show response
www.youtube.com/embed/ Frame DAEE 68 KB
28 KB 891ms
357ms Document
text/html 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

95690d5c4fe1189d2d0387554c0b23c5d4e16d047db5d7a4154b9c4e83f86bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 169ms
168ms Image
image/webp 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 984391
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-8ab"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 791f677b3b501c53-AKL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 18 Jan 2024 18:27:12 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame DAEE 360 KB
49 KB 418ms
417ms Stylesheet
text/css 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/yYXGE0gHkP8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 12:26:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DAEE 15 KB
15 KB 273ms
273ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 22:39:13 GMT
x-content-type-options: nosniff
age: 277046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 22:39:13 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DAEE 15 KB
15 KB 288ms
287ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:45:34 GMT
x-content-type-options: nosniff
age: 150665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:45:34 GMT

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 008F 77 KB
28 KB 322ms
312ms Script
application/javascript 172.98.57.100

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=335

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v255cg0/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.100 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

eedda45be3c48912f2e0a2c7d947c1cca93370fbe26ac15e505f96a31b4bad46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rumble.com/embed/v255cg0/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:39 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br
last-modified: Tue, 17 Jan 2023 21:40:17 GMT
server: nginx
etag: W/"63c715c1-13452"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000

GET
H2 200 WMb_h.qR4e-small-Your-Greatest-of-Freedoms-i.jpg
sp.rmbl.ws/fw/s8/1/W/M/b/_/ Frame 008F 82 KB
82 KB 148ms
145ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/fw/s8/1/W/M/b/_/WMb_h.qR4e-small-Your-Greatest-of-Freedoms-i.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v255cg0/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 15b595d88258b8c2174c610e0a8e1ba14bb57c612e2194572578f5032ddb04f0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:39 GMT
last-modified: Mon, 30 Jan 2023 19:53:54 GMT
etag: "8774ce14ddf39c0a875746e5339dd9c0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 83798

GET
H2 206 WMb_h.caa.rec.mp4
sp.rmbl.ws/fw/s8/2/W/M/b/_/ Frame 008F 5 MB
0 147ms
144ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/fw/s8/2/W/M/b/_/WMb_h.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v255cg0/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 31 Jan 2023 03:36:39 GMT
last-modified: Mon, 30 Jan 2023 22:30:35 GMT
etag: "ec2fa1b3c5081046ae2fd364ab316913-69"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-358282713/358282714
cache-control: max-age=5184000
accept-ranges: bytes
Content-Length: 358282714

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame DAEE 342 KB
107 KB 361ms
359ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/yYXGE0gHkP8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 00:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 00:04:29 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame DAEE 2 MB
597 KB 464ms
462ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/yYXGE0gHkP8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611243
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 17:07:39 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame DAEE 9 KB
3 KB 351ms
350ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/yYXGE0gHkP8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 19:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 28 Jan 2024 19:01:33 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame 4107 360 KB
49 KB 1026ms
1026ms Stylesheet
text/css 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EjHMiAr4Spc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/EjHMiAr4Spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 12:26:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4107 15 KB
15 KB 282ms
282ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EjHMiAr4Spc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 22:39:13 GMT
x-content-type-options: nosniff
age: 277046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 22:39:13 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4107 15 KB
15 KB 356ms
355ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EjHMiAr4Spc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:45:34 GMT
x-content-type-options: nosniff
age: 150665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:45:34 GMT

GET
DATA 200
OK truncated Show response
/ Frame 591B 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 822ms
273ms Image
image/png 64.233.170.94

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:48:58 GMT
x-content-type-options: nosniff
age: 186462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Jan 2024 23:48:58 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 92B3 22 KB
4 KB 278ms
274ms Stylesheet
text/css 74.125.24.95

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.shRxLBDPmNA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoR3DfNTIf6KdSTQXk6H_ghxgBKKw/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3632
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 31 Jan 2023 04:08:48 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
937 B 821ms
274ms Image
image/png 64.233.170.94

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 07:49:44 GMT
x-content-type-options: nosniff
age: 71216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Jan 2024 07:49:44 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
320 B 278ms
275ms Image
image/gif 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame 4107 342 KB
107 KB 928ms
928ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EjHMiAr4Spc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/EjHMiAr4Spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 00:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 00:04:29 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 4107 2 MB
597 KB 945ms
944ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EjHMiAr4Spc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/EjHMiAr4Spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611243
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 17:07:39 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame 4107 9 KB
3 KB 962ms
961ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EjHMiAr4Spc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/EjHMiAr4Spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 19:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 28 Jan 2024 19:01:33 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 008F 49 KB
20 KB 274ms
273ms Script
text/javascript 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=335

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 01:56:26 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6014
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 31 Jan 2023 03:56:26 GMT

POST
H2 200 view...255cg0.gtesuw
rumble.com/l/ Frame 008F 35 B
191 B 310ms
307ms Ping
image/gif 172.98.57.100

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...255cg0.gtesuw?p=2.3&r=109818100&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.100 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rumble.com/embed/v255cg0/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:40 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
log-code: 3
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 008F 4 B
24 B 276ms
275ms XHR
text/plain 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1938546974&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v255cg0%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Your%20Greatest%20of%20Freedoms%20is%20Under%20Attack%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAACgBIC~&jid=1258096923&gjid=754274859&cid=1141819850.1675136200&tid=UA-44331619-1&_gid=955369561.1675136200&_r=1&_slc=1&z=153260384

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 008F 35 B
55 B 277ms
276ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1938546974&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v255cg0%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Your%20Greatest%20of%20Freedoms%20is%20Under%20Attack%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=v255cg0&_u=YEBAAEABAAAAACgBIC~&jid=&gjid=&cid=1141819850.1675136200&tid=UA-44331619-1&_gid=955369561.1675136200&z=517934488

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v255cg0/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:26:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76187
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 008F 7 B
87 B 281ms
273ms XHR
text/plain 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44331619-1&cid=1141819850.1675136200&jid=1258096923&gjid=754274859&_gid=955369561.1675136200&_u=YEBAAEAAAAAAACgBIC~&z=1370945903

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Jan 2023 03:36:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame DAEE 113 B
363 B 277ms
275ms XHR
application/json 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

9c94a48b42770fd8cf43f8dadc4882c5b147395e4bcced53656d74e7a7a31cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DAEE 29 B
494 B 826ms
273ms Script
text/javascript 74.125.68.149

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:35:05 GMT
x-content-type-options: nosniff
age: 96
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Jan 2023 03:50:05 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 820ms
273ms Preflight
text/html 172.217.194.95

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Jan 2023 03:36:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DAEE 66 KB
30 KB 449ms
442ms XHR
application/json+protobuf 172.217.194.95

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e5e8dfcc31f7d778690a794e2e53ed59dc8ed4912f8e25d6d948031e748495f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Jan 2023 03:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30996
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame DAEE 119 KB
36 KB 274ms
273ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f3b85842f1435a024c577c49e634cfdfc799a7d3fb19e8909d1bdd29017ad912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/yYXGE0gHkP8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 04:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37215
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 04:46:34 GMT

GET
H3 200 x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js Show response
www.google.com/js/th/ Frame DAEE 36 KB
14 KB 274ms
274ms Script
text/javascript 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

sffe /

Resource Hash

c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14250
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 18:03:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame DAEE 26 KB
8 KB 273ms
273ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/yYXGE0gHkP8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8333
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 17:07:36 GMT

GET
DATA 200
OK truncated
/ Frame DAEE 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJXFDbRqQ9-HynhndQ-yehn6LlQisLJPOH1hSjYRFw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DAEE 3 KB
3 KB 825ms
273ms Image
image/jpeg 74.125.24.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJXFDbRqQ9-HynhndQ-yehn6LlQisLJPOH1hSjYRFw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

fde8b5c1a6312c50315dc391477111fe9082b4ed9d9ea11cc30e3586aa8769c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:31:05 GMT
x-content-type-options: nosniff
age: 7536
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3280
x-xss-protection: 0
server: fife
etag: "v2e8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Jan 2023 04:56:36 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/yYXGE0gHkP8/ Frame DAEE 25 KB
25 KB 274ms
273ms Image
image/webp 142.251.10.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/yYXGE0gHkP8/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yYXGE0gHkP8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f119.1e100.net

Software

sffe /

Resource Hash

4d635319e018f14e522b0c483578cb3c528aa645b95e3a80122051d34e1ea19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 02:59:07 GMT
x-content-type-options: nosniff
age: 2254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25966
x-xss-protection: 0
server: sffe
etag: "1330461765"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 04:59:07 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 008F 42 B
63 B 280ms
277ms Image
image/gif 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44331619-1&cid=1141819850.1675136200&jid=1258096923&_u=YEBAAEAAAAAAACgBIC~&z=1129546108

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.nz/ads/ Frame 008F 42 B
107 B 283ms
279ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44331619-1&cid=1141819850.1675136200&jid=1258096923&_u=YEBAAEAAAAAAACgBIC~&z=1129546108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 4107 113 B
202 B 275ms
273ms XHR
application/json 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

2a22332dedb5e29ae5495a962ce5d26a13f5306ee16db3a656e64c6fbd8be499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4107 29 B
89 B 666ms
274ms Script
text/javascript 74.125.68.149

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:35:05 GMT
x-content-type-options: nosniff
age: 96
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Jan 2023 03:50:05 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 662ms
276ms Preflight
text/html 172.217.194.95

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Jan 2023 03:36:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4107 66 KB
30 KB 283ms
278ms XHR
application/json+protobuf 172.217.194.95

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

cc5d2d679b4c0b8a35064a931d10f02e0700b6c780631d7af6c57542562a13d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Jan 2023 03:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30808
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 4107 119 KB
36 KB 273ms
272ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f3b85842f1435a024c577c49e634cfdfc799a7d3fb19e8909d1bdd29017ad912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/EjHMiAr4Spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 04:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37215
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 04:46:34 GMT

GET
H3 200 x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js Show response
www.google.com/js/th/ Frame 4107 36 KB
14 KB 273ms
272ms Script
text/javascript 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

sffe /

Resource Hash

c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14250
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 18:03:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 4107 26 KB
8 KB 273ms
272ms Script
text/javascript 74.125.24.93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/EjHMiAr4Spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8333
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 17:07:36 GMT

GET
DATA 200
OK truncated
/ Frame 4107 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJXuXqRNpoHcduVILEQZLyQ2zK5CNfPRJdDykg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4107 942 B
1 KB 692ms
288ms Image
image/jpeg 74.125.24.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJXuXqRNpoHcduVILEQZLyQ2zK5CNfPRJdDykg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EjHMiAr4Spc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 23:42:55 GMT
x-content-type-options: nosniff
server: fife
age: 14026
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 942
x-xss-protection: 0
expires: Tue, 31 Jan 2023 23:42:55 GMT

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/EjHMiAr4Spc/ Frame 4107 22 KB
23 KB 278ms
277ms Image
image/jpeg 142.251.10.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/EjHMiAr4Spc/hqdefault.jpg?sqp=-oaymwEmCOADEOgC8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGYgZihmMA8=&rs=AOn4CLDSqSrnECveumitdjtQFTqJbDofHw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EjHMiAr4Spc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f119.1e100.net

Software

sffe /

Resource Hash

568a3bd629dc7eeab71e353ce4289db0653c58aebb57d92959d812c2e54748d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:41 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23015
x-xss-protection: 0
server: sffe
etag: "1675058518"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 03:41:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DAEE 4 KB
2 KB 276ms
275ms Script
text/javascript 64.233.170.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4107 4 KB
2 KB 280ms
274ms Script
text/javascript 64.233.170.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/109/ Frame DAEE 50 KB
15 KB 274ms
273ms Script
text/javascript 64.233.170.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/109/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 31 Jan 2023 21:44:17 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/109/ Frame 4107 50 KB
15 KB 341ms
340ms Script
text/javascript 64.233.170.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/109/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 31 Jan 2023 21:44:17 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4107 90 B
134 B 280ms
279ms XHR
application/json+protobuf 172.217.194.95

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

19ed19926b766c727ed0ea992d95836e977bfeeac37521b1e6bc6bf83434eaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Jan 2023 03:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H2 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 276ms
274ms Preflight
text/html 172.217.194.95

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Jan 2023 03:36:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DAEE 0
0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 275ms
274ms Preflight
text/html 172.217.194.95

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Jan 2023 03:36:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.nex8.net
URL: https://cs.nex8.net/cs/openx

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

146 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1970-01-20 09:19:04	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKy91PARUnM9Sf
beforeitsnews.com/	1970-01-20 18:54:56	Name: b4in-uuid Value: 94f8dde0-52da-4e8d-adf1-9d35e1927522
.mgid.com/	1970-01-20 09:18:57	Name: __cf_bm Value: NqTudtGUYyzVh67jUl7n.cjh5B9xU1If0m4HvBqSRqI-1675136179-0-ARz+E+CCLT76OltPrAyh66iI1xEBd3WlAJMo1kkk7v7fJXM9eCXjF1HlQ7U9PKKgg3+w754GODiajg3cRtJ3PLA=
.customads.co/	1970-01-20 18:04:32	Name: account_id Value: 15846037898360064
.customads.co/	1970-01-20 18:04:32	Name: login_token Value: %2215846037898360064%7C1682912183380%3A%7Call%7C%2Fei3QchbDVu9EkBJ18FDMXmDLGDeJRlNyV6PxXXLG2kLh5LPIgMdrA5UI4h0HpvIh2p%2FQm5MXY%2FiUeui08lRxA%3D%3D%22
.mgid.com/	1970-01-20 18:04:32	Name: muidn Value: n0un50IWrzAj
.beforeitsnews.com/	1970-01-20 18:54:56	Name: _ga Value: GA1.2.1063384836.1675136184
.beforeitsnews.com/	1970-01-20 09:20:22	Name: _gid Value: GA1.2.2059306866.1675136184
.beforeitsnews.com/	1970-01-20 09:18:56	Name: _gat_UA-16055024-1 Value: 1
beforeitsnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1675136183594%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1675136183705%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1675136183858%7D%7D
.openx.net/	1970-01-20 18:04:32	Name: i Value: 0eae37c9-095d-4c2b-98a3-80a6d91cf3a4\|1675136185
beforeitsnews.com/	1970-01-20 10:02:08	Name: _pbjs_userid_consent_data Value: 3524755945110770
.360yield.com/	1970-01-20 11:28:32	Name: tuuid Value: fd1b046a-fd2d-49d9-baec-eb0476726ada
.360yield.com/	1970-01-20 11:28:32	Name: tuuid_lu Value: 1675136185
.adnxs.com/	1970-01-20 11:28:32	Name: uuid2 Value: 6606910694558905850
.onetag-sys.com/	1970-01-20 18:54:56	Name: OTP Value: WU_S9nTzAFCAgf84H8AsQDc10WXrIYeTRDNPRmd1NhQ
.lijit.com/	1970-01-20 18:04:32	Name: ljt_reader Value: GE4YBLZHfXB-6asCQSiub7ge
.tynt.com/	1970-01-20 18:04:32	Name: uid Value: CoIKSWPYjLlq2zz5L/Q6Ag==
.adtelligent.com/	1970-01-20 10:48:12	Name: vmuid Value: dae4ba08a6a7a0b4
a4p.adpartner.pro/	1970-01-20 10:45:20	Name: apuid Value: 5f58e29d-7533-46d3-ac97-d69baf9909be
.adtelligent.com/	1970-01-20 10:48:12	Name: a309255 Value: e4dc875f-1945-4035-a9f9-885b3c6002d4
.adtelligent.com/	1970-01-20 10:48:12	Name: a289656 Value: fd1b046a-fd2d-49d9-baec-eb0476726ada
.pubmatic.com/	1970-01-20 18:04:32	Name: KADUSERCOOKIE Value: C6AC924B-76DE-4DAF-A941-E29B4ABB6373
.rubiconproject.com/	1970-01-20 18:04:32	Name: khaos Value: LDJOU1FZ-C-CKLW
.mathtag.com/	1970-01-20 18:44:51	Name: uuid Value: 7c3663d8-8cba-4900-a91b-09764c4657e7
.adsrvr.org/	1970-01-20 18:04:32	Name: TDID Value: 088324df-d3e2-4a3d-a5c0-5a3d297a3d21
.tynt.com/	1970-01-20 11:28:32	Name: pids Value: %5B%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1675136186536%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1675136186536%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1675136186536%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1675136186536%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1675136186536%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1675136186536%7D%5D
.rlcdn.com/	1970-01-20 10:45:20	Name: pxrc Value: CLqZ4p4GEgUI6AcQABIFCOhHEAA=
.quantserve.com/	1970-01-20 11:28:32	Name: d Value: EP8BCwGXKPijAA
.quantserve.com/	1970-01-20 18:49:10	Name: mc Value: 63d88cba-bf707-c351b-5ddc3
.yahoo.com/	1970-01-20 18:04:53	Name: A3 Value: d=AQABBLqM2GMCEOivbxDzUPiQ5SLlmhlgYucFEgEBAQHe2WPiYwAAAAAA_eMAAA&S=AQAAAlz3zuqt4a0Cv201o4BzNSA
.doubleclick.net/	1970-01-20 18:54:56	Name: IDE Value: AHWqTUkwY5L0A09WWRTdrWLEeWkeeT9bst4lwlO_OQ05T4fKA7YC249b02qo5EdynDE
.adtelligent.com/	1970-01-20 10:48:12	Name: a558003 Value: C6AC924B-76DE-4DAF-A941-E29B4ABB6373
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_57 Value: 22776-6606910694558905850&KRTB&23339-6606910694558905850
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_27 Value: 16735-uid:7c3663d8-8cba-4900-a91b-09764c4657e7&KRTB&16736-uid:7c3663d8-8cba-4900-a91b-09764c4657e7&KRTB&23019-uid:7c3663d8-8cba-4900-a91b-09764c4657e7&KRTB&23114-uid:7c3663d8-8cba-4900-a91b-09764c4657e7
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_377 Value: 6810-088324df-d3e2-4a3d-a5c0-5a3d297a3d21&KRTB&22918-088324df-d3e2-4a3d-a5c0-5a3d297a3d21&KRTB&23031-088324df-d3e2-4a3d-a5c0-5a3d297a3d21
.adtelligent.com/	1970-01-20 10:48:12	Name: a584890 Value: 6606910694558905850
.analytics.yahoo.com/	1970-01-20 18:04:32	Name: IDSYNC Value: 18z8~29q3
.adform.net/	1970-01-20 09:59:15	Name: C Value: 1
.simpli.fi/	1970-01-20 18:05:58	Name: suid Value: 8DE98068BAA84AEAAEA6A94BD41E9AD6
.semasio.net/	1970-01-20 18:04:32	Name: SEUNCY Value: CFE313948243DF0B
.everesttech.net/	1970-01-20 18:04:32	Name: everest_g_v2 Value: g_surferid~Y9iMuwADc-a34QAF
.adtelligent.com/	1970-01-20 10:48:12	Name: a297253 Value: 6606910694558905850
.adtelligent.com/	1970-01-20 10:48:12	Name: a319130 Value: 064111dd-b008-476e-98ef-ba6bdce3fb85
.console.adtarget.com.tr/	1970-01-20 10:48:12	Name: vmuid Value: fd98892b461e2f25
.adtelligent.com/	1970-01-20 10:48:12	Name: a310570 Value: GE4YBLZHfXB-6asCQSiub7ge
.pippio.com/	1970-01-20 18:04:32	Name: did Value: kb8cWbSADlWqrD6S
.pippio.com/	1970-01-20 18:04:32	Name: didts Value: 1675136187
.pippio.com/	1970-01-20 10:45:20	Name: nnls Value:
.spotim.market/	1970-01-20 10:48:12	Name: vmuid Value: dae4ba08a6a7a0b4
.adtelligent.com/	1970-01-20 10:48:12	Name: a307558 Value: 5f58e29d-7533-46d3-ac97-d69baf9909be
.adform.net/	1970-01-20 10:45:20	Name: uid Value: 485870385321057896
.bidswitch.net/	1970-01-20 18:04:32	Name: c Value: 1675136187
.bidswitch.net/	1970-01-20 18:04:32	Name: tuuid_lu Value: 1675136187
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_153 Value: 1923-NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi&KRTB&19420-NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi&KRTB&22979-NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi&KRTB&23403-NRy3yztMsZIuTbXEMxj-kDAa4pEuGreXYBx84aTi
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_80 Value: 16514-CAESEFWc-jhVdkhkYkjAl-azOvM&KRTB&22987-CAESEFWc-jhVdkhkYkjAl-azOvM&KRTB&23025-CAESEFWc-jhVdkhkYkjAl-azOvM&KRTB&23386-CAESEFWc-jhVdkhkYkjAl-azOvM
.adtelligent.com/	1970-01-20 10:48:12	Name: a318342 Value: fd98892b461e2f25
.adtelligent.com/	1970-01-20 10:48:12	Name: a306279 Value: BKySa8R-SZ7iKAZ_fQa4fr2HP6ajU3QoyXw_yPVLCtY
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_391 Value: 22924-485870385321057896&KRTB&23263-485870385321057896
.bidswitch.net/	1970-01-20 18:04:32	Name: tuuid Value: c7e11e1a-dcc0-4438-aa44-dd49782b2ab4
.mfadsrvr.com/	1970-01-20 18:54:56	Name: tuuid Value: c04d8023-7bbf-4b1c-bc07-ebe93afc02a7
.mfadsrvr.com/	1970-01-20 18:54:56	Name: c Value: 1675136187
.33across.com/	1970-01-20 18:04:32	Name: 33x_ps Value: u%3D212091374222325%3As1%3D1675136187854%3Ats%3D1675136187854
.pippio.com/	1970-01-20 10:45:20	Name: pxrc Value: CLuZ4p4GEgQIAhAAEgYI7OsBEAA=
.creativecdn.com/	1970-01-20 18:04:32	Name: u Value: QJ0V0yJGouqO00Gfdrsf
.creativecdn.com/	1970-01-20 18:04:32	Name: ts Value: 1675136187
.e-volution.ai/	1970-01-20 09:39:05	Name: v_usr Value: 5a7667a0-8a4e-4001-be97-fc2a9bc8cdf7
.sitescout.com/	1970-01-20 18:04:32	Name: ssi Value: 45316404-4790-4a7e-943d-c2d1da18630c#1675136188029
.mfadsrvr.com/	1970-01-20 18:54:56	Name: tuuid_lu Value: 1675136188
.mfadsrvr.com/	1970-01-20 18:54:56	Name: ssh Value: !mgid,1675136188
.linksynergy.com/	1970-01-20 18:04:32	Name: rmuid Value: b2e68493-a989-4f62-a6f6-80e6f3197916
.linksynergy.com/	1970-01-20 18:04:32	Name: icts Value: 2023-01-31T03:36:28Z
.openx.net/	1970-01-20 09:40:32	Name: pd Value: v2\|1675136188\|jElYiuvOuIlUkaialQhI
.sitescout.com/	1970-01-20 10:02:08	Name: _ssuma Value: eyIzOSI6MTY3NTEzNjE4ODQxNiwiNyI6MTY3NTEzNjE4ODQxNn0
.pubmatic.com/	1970-01-20 11:28:32	Name: DPSync3 Value: 1675728000%3A248_164%7C1676332800%3A201_197_226_245
.pubmatic.com/	1970-01-20 11:28:32	Name: SyncRTB3 Value: 1680307200%3A69%7C1675987200%3A63%7C1676332800%3A21_247_107_165_8_3_54_220_209_179_204_5_96_238_22_71_233_214_7_99_254_231_176_234_13_56%7C1675728000%3A2_15_223%7C1676419200%3A35
.rlcdn.com/	1970-01-20 18:04:32	Name: rlas3 Value: Ya/Hb2h2dVsCJja0G1gbm/9gGbfj4Bnv/o84D7TSx+8=
.smartadserver.com/	1970-01-20 18:49:10	Name: pid Value: 895821915120113776
.openx.net/	1970-01-20 09:40:32	Name: univ_id Value: 537072971\|088324df-d3e2-4a3d-a5c0-5a3d297a3d21\|1675136188821961
.sharethrough.com/	1970-01-20 10:02:08	Name: stx_user_id Value: cf68ec7c-105a-4de0-a693-8db81ee6c19f
.adtelligent.com/	1970-01-20 10:48:12	Name: a281178 Value: C6AC924B-76DE-4DAF-A941-E29B4ABB6373
.id5-sync.com/	1970-01-20 11:28:32	Name: id5 Value: 0a3caa9a-8ecc-7d47-a292-336a1b5092aa#1675136186701#2
.id5-sync.com/	1970-01-20 11:28:32	Name: 3pi Value:
.id5-sync.com/	1970-01-20 09:18:56	Name: cf Value:
.id5-sync.com/	1970-01-20 09:18:56	Name: cip Value:
.id5-sync.com/	1970-01-20 09:18:56	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:18:56	Name: car Value:
.id5-sync.com/	1970-01-20 09:18:56	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:18:56	Name: callback Value:
.sportradarserving.com/	1970-01-20 18:04:32	Name: zuuid Value: 156cf52a-7cdb-42a3-b19c-899f9fe440a5
.sportradarserving.com/	1970-01-20 18:04:32	Name: c Value: 1675136188
.amazon-adsystem.com/	1970-01-20 18:54:56	Name: ad-privacy Value: 0
ads.playground.xyz/	1970-01-20 09:28:35	Name: connect.sid Value: s%3AU07O23p2At9vL3GL5yw_-HPpb8Z_oxHq.P%2FCo%2FEDK0mpxTEBvNAL%2FjSdN1nzvkfAxi1%2BjKThZrfM
.ctnsnet.com/	1970-01-20 18:04:32	Name: cid_7ef3a27d2cd1472da9d08cce50938838 Value: 1
.ctnsnet.com/	1970-01-20 18:04:32	Name: cid_50379f1660fe448bb5c90baa64a9e7b8 Value: 1
.tapad.com/	1970-01-20 10:45:20	Name: TapAd_TS Value: 1675136189171
.tapad.com/	1970-01-20 10:45:20	Name: TapAd_DID Value: 123c4593-b4f6-44f6-b6e2-8f326c656999
.turn.com/	1970-01-20 13:38:08	Name: uid Value: 4526855311738566974
.ladsp.com/	1970-01-20 09:18:59	Name: cr Value: 1
.sportradarserving.com/	1970-01-20 18:04:32	Name: zuuid_lu Value: 1675136189
.sportradarserving.com/	1970-01-20 18:04:32	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 18:04:32	Name: zuuid_k_lu Value: 1675136189
.socdm.com/	1970-01-20 18:54:56	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjc1MTM2MTg5fQ
.c.appier.net/	1970-01-20 18:04:32	Name: _auid Value: n-3UQaRXAsWwZMrJvYzYYw
.ambientdsp.com/	1970-01-20 09:20:22	Name: _aGeoIp Value: NZ-Auckland
.ambientdsp.com/	1970-01-20 18:54:56	Name: _aUID Value: yrvq14w8a9c
.gammaplatform.com/	1970-01-20 09:20:22	Name: _aGeoIp Value: SG\|Singapore
.gammaplatform.com/	1970-01-20 18:54:56	Name: _aUID Value: mocgiupxdyq5
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_1159 Value: 23138-50379f1660fe448bb5c90baa64a9e7b8&KRTB&23328-50379f1660fe448bb5c90baa64a9e7b8&KRTB&23427-50379f1660fe448bb5c90baa64a9e7b8&KRTB&23445-50379f1660fe448bb5c90baa64a9e7b8
.tribalfusion.com/	1970-01-20 11:28:32	Name: ANON_ID Value: aunseFwl6h6bQQwbQQaIUZa33YjCe5keNMdc62oSQYBrEqHO39eNBxBgJR1TIZdl1j3AT4eu09ig5xYNU29msw
.crwdcntrl.net/	1970-01-20 15:47:42	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 15:47:42	Name: _cc_id Value: ec3a4bd5999bc4f39961c918c3754352
.crwdcntrl.net/	1970-01-20 15:47:44	Name: _cc_cc Value: "ACZ4XmNQSE02TjRJSjG1tLRMSjZJM7a0NDNMtjS0SDY2NzUxNjViAILkGz17QTQUAABfvgsb"
.crwdcntrl.net/	1970-01-20 15:47:44	Name: _cc_aud Value: "ABR4XmNgYGBIvtGzF0hBAQAfIwKF"
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_22 Value: 14911-4526855311738566974&KRTB&23150-4526855311738566974
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_904 Value: 16787-n-3UQaRXAsWwZMrJvYzYYw
.ladsp.com/	1970-01-20 18:54:56	Name: smn_uid Value: ygZq3hg0PF-pAWOObpD9WQ8y0Z04voE
.ladsp.com/	1970-01-20 18:54:56	Name: lum Value: CMqIl6_gMBIFCAMQ0AU
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_1290 Value: 23368-yrvq14w8a9c
.w55c.net/	1970-01-20 18:46:17	Name: wfivefivec Value: IskLff5q1PmHrD5
.dotomi.com/	1970-01-20 09:18:56	Name: DotomiTest Value: 53a6f2b7a5cf2268
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_1310 Value: 23431-mocgiupxdyq5&KRTB&23446-mocgiupxdyq5
.pubmatic.com/	1970-01-20 09:20:22	Name: pi Value: 0:3
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_466 Value: 16530-c7e11e1a-dcc0-4438-aa44-dd49782b2ab4
.w55c.net/	1970-01-20 10:02:08	Name: matchpubmatic Value: 5
.csync.loopme.me/	1970-01-20 11:27:05	Name: viewer_token Value: e887af6d-e53e-4a2e-ba14-88422e9e5ff7
.tapad.com/	1970-01-20 10:45:20	Name: TapAd_3WAY_SYNCS Value: 1!747
cm.mgid.com/	1970-01-20 10:02:08	Name: mg_sync Value: {"265689":1675136183,"363887":1675136183,"43070":1675136187,"433145":1675136188,"433146":1675136183,"516418":1675136183,"617666":1675136185,"665953":1675136188,"712807":1675136189,"718337":1675136189}
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:04:32	Name: bcookie Value: "v=2&b31370b6-d9c8-4541-83e1-7a3c431f5b6a"
.linkedin.com/	1970-01-20 09:20:22	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2569:u=1:x=1:i=1675136189:t=1675222589:v=2:sig=AQGK11U2Mn2U8zMXbjYsaW0lhuhe1JXN"
sync.srv.stackadapt.com/	1970-01-20 18:04:32	Name: sa-user-id Value: s%3A0-fcba47d2-a3db-476f-69ad-cf0a3501336c.Kjje8YhGjfJy0aw8mylx65oX9Gq9fc%2Bzj%2BD%2FudwQqvQ
.srv.stackadapt.com/	1970-01-20 18:04:32	Name: sa-user-id-v2 Value: s%3A_LpH0qPbR29prc8KNQEzbHRaSsU.gZKVch2kdzeQgbVORpbofRm82blVzHViQrrtgxMxDa4
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_107 Value: 1471-uid:IskLff5q1PmHrD5&KRTB&23421-uid:IskLff5q1PmHrD5
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_32 Value: 11175-AAAJrmXGWxksPwNK78EsAAAAAAA&KRTB&22713-AAAJrmXGWxksPwNK78EsAAAAAAA&KRTB&22715-AAAJrmXGWxksPwNK78EsAAAAAAA
.pubmatic.com/	1970-01-20 10:02:08	Name: KRTBCOOKIE_860 Value: 16335-_LpH0qPbR29prc8KNQEzbHRaSsU&KRTB&23334-_LpH0qPbR29prc8KNQEzbHRaSsU&KRTB&23417-_LpH0qPbR29prc8KNQEzbHRaSsU&KRTB&23426-_LpH0qPbR29prc8KNQEzbHRaSsU
.adsrvr.org/	1970-01-20 18:04:32	Name: TDCPM Value: CAESGAoJYmlkc3dpdGNoEgsIzP-L5svRwTsQBRIUCgV0YXBhZBILCLaawvXL0cE7EAUYASABKAIyCwj63ZSp4tHBOxAFOAFaC2FkY29uZHVjdG9yYAI.
.amazon-adsystem.com/	1970-01-20 15:08:51	Name: ad-id Value: A1Xrt4pHiEU4n34zhU4SmNI
.pubmatic.com/	1970-01-20 10:02:08	Name: SPugT Value: 1675136190
.rubiconproject.com/	1970-01-20 18:04:32	Name: audit Value: 1\|3WZQcVYb/Ivs16R0Yus68EblE08dAeljfKn+wo0dSeagPkpb7mceIzyI/YlaHkKOGqF9eHzvxpuM1KxoLazIt6NWShwHx7KI6rocrMY9/A8imyOSRY/leEFH+lzCZqcoKUTVn6tGtVUbHQle859nfG1OO/e1LqWTZ8qg/TYl0piLNo1JehIMyc9sdGeFC9lF
.1rx.io/	1970-01-20 18:04:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-17c86d59-6b26-471b-b698-84c8cebeeae6-004%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/	1970-01-20 18:04:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-17c86d59-6b26-471b-b698-84c8cebeeae6-004%22%7D
.pubmatic.com/	1970-01-20 11:28:32	Name: KRTBCOOKIE_594 Value: 17105-RX-17c86d59-6b26-471b-b698-84c8cebeeae6-004&KRTB&17107-RX-17c86d59-6b26-471b-b698-84c8cebeeae6-004
.pubmatic.com/	1970-01-20 10:02:08	Name: PugT Value: 1675136192
.pubmatic.com/	1970-01-20 11:28:32	Name: chkChromeAb67Sec Value: 9

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/(Line 170) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230129_144107_504.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 273) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230123_104333_958.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 373) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230129_144107_504.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 373) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230123_104333_958.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://cs.nex8.net/cs/openx Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js Message: Unrecognized feature: 'web-share'.
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/238306/images/maxresdefault%20(7).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://endoftheamericandream.com/wp-content/uploads/2023/01/Snip20230130_21-600x401.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(298).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/KXjeKc16gZO61W46nptWmd66_small.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/779955/images/CROSSING%20OVER_1165_5_N_CCK%20-%20AT_Page_1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://worldufophotosandnews.org/wp-content/uploads/2023/01/ARTICLE-KEN-PFEIFER-1-30-23-disc-beam-night-7287-1024x569.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.philadelphia-acupuncture.com/wp-content/uploads/Rabbit.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
a1.beforeitsnews.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ajax.beforeitsnews.com
ap.lijit.com
beforeitsnews.com
c.mgid.com
c1.adform.net
cdn.id5-sync.com
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cms.quantserve.com
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.nex8.net
cs.spotimmedia.com
csync.loopme.me
customads.co
de.tynt.com
dis.criteo.com
dps.jp.cinarra.com
eus.rubiconproject.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
iili.io
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
img.beforeitsnews.com
img.youtube.com
ipac.ctnsnet.com
jnn-pa.googleapis.com
jp-u.openx.net
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
m.beforeitsnews.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pexoenne.site
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rddywd.com
rtb-usw.mfadsrvr.com
rtb.openx.net
rumble.com
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.tradingview.com
s.tribalfusion.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
sp.rmbl.ws
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
static-3.bitchute.com
static.doubleclick.net
static.tradingview.com
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-volution.ai
sync.inmobi.com
sync.mathtag.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
translate.google.com
translate.googleapis.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.vidoomy.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.jamesredpillsamerica.com
www.ournewearthnews.com
www.tradingview-widget.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
cs.nex8.net
jnn-pa.googleapis.com
103.229.10.171
103.229.205.243
103.231.98.194
103.231.98.195
103.231.98.196
103.231.98.197
104.16.199.73
104.18.225.52
104.18.226.52
104.18.25.173
104.18.255.14
104.19.133.78
104.21.14.185
104.21.235.70
104.22.74.138
104.254.148.252
104.254.151.36
104.65.228.208
107.178.244.193
107.178.254.65
109.206.161.21
119.9.108.191
124.146.215.47
13.107.42.14
13.114.237.69
13.213.182.200
13.224.250.27
13.224.250.55
13.227.254.26
13.227.254.35
13.250.207.233
13.33.33.107
13.33.33.47
13.35.8.4
138.199.46.75
139.162.23.100
141.95.33.111
141.95.98.64
141.95.98.65
142.250.4.155
142.251.10.119
142.251.12.103
142.251.12.94
142.251.12.95
15.197.193.217
151.101.194.49
151.139.128.10
162.241.30.109
169.197.150.7
172.217.194.155
172.217.194.95
172.253.118.113
172.67.138.44
172.67.14.110
172.67.178.15
172.67.38.106
172.98.57.100
18.136.168.53
18.138.18.111
182.161.73.146
185.184.8.90
185.84.60.29
195.5.165.20
20.127.253.7
209.191.163.152
209.58.165.102
220.150.223.50
23.106.127.39
23.106.127.52
23.227.139.243
23.227.152.10
23.9.185.218
3.1.117.253
34.102.253.54
34.117.239.71
34.142.175.23
34.98.67.3
35.186.193.173
35.190.30.115
35.190.60.146
35.212.212.222
35.213.12.39
35.213.93.179
35.214.223.115
35.227.252.103
35.244.159.8
35.75.149.219
37.157.2.237
44.205.120.122
50.116.239.135
51.79.234.101
51.83.220.94
52.220.170.179
52.220.229.2
52.46.143.56
52.74.162.2
52.94.223.37
54.179.181.113
64.120.110.136
64.233.170.157
64.233.170.94
67.199.150.86
67.202.105.24
67.202.105.31
67.202.105.34
69.173.144.165
69.173.158.64
74.118.186.45
74.125.24.113
74.125.24.132
74.125.24.156
74.125.24.93
74.125.24.95
74.125.24.97
74.125.68.139
74.125.68.149
8.43.72.97
80.77.87.161
89.187.162.137
89.207.22.108
98.98.134.242
0079d8d288d7e5ef50e36ee74007f2cb14587d0c6ec5a562a51f1169e93864ae
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
081f3a775da78fb0f0dd654588eab34ddc295bb132ba467c8eee7b29db1a2507
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da99f1d4a2e33f27d13a30d06141b123f6034f176d66f5f26b6a38878eff98b
0f9f2b58db56d54a8e8f6aba63e75e33aa19c58fcedd4bbf8602aeddb1d9b746
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
1203270d5f5d2060abe9b8741ad7fc4fec12e40db681ae916f3ed4b19e6992ae
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
13f0593a5d13fb5749e110899dbe6e2e4e7d807f3958e15b937cc6f0001764f2
14c51f0de90f3f9528679d1b7477a76aec15be7e3c8bc0848fa490483e3d405b
152af5c675f49905d731e13e60ce44bb199be2f1102ca1ddaf8434783435fae2
15b595d88258b8c2174c610e0a8e1ba14bb57c612e2194572578f5032ddb04f0
163d5c11f834ccff3bb12178c3b98f97881877007464cceba82f66c2668b43d6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18bd4c224b539f2b6a48dd6b9a3b797b3cbdfefdfeb4161e4863b2f06bc247a5
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
19ed19926b766c727ed0ea992d95836e977bfeeac37521b1e6bc6bf83434eaca
1e39fbaf69594ed7df217d88b6e405c5c6497269f6a5becc04e6ca8078a57d84
1ed1b3057133066e90a0d34d9b7969f9e078a55a6d8798189f6f207fde7cf3f9
1fd6e71deba74429cc0cf0d92b1d1dce528999ad70cab50af7becd3f51aa66ae
200a946e5791d7badbd24083107892396943aa46f63fbd8001948ab2afe3866e
24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80
2680103fe495e1c8fbf6bb2076961cf8cbfce94884ed4af5d7222a1706362e6c
2703952e60425a622517c94e25a8de3f8cde240112f72f14eb39656ead0d93a8
278b01bc2cfecd3a9e5510870083a524aa44d6195fd7ad827899ee674e41b02d
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
2a22332dedb5e29ae5495a962ce5d26a13f5306ee16db3a656e64c6fbd8be499
2a2a485a12877fea07455a904403772cd14d17015280daa9f88882d21f5d8873
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0c92532e3e5e738b0e48f44255367171f4e9cbf727221f69e642a1da5b6692
2d113108c7509fce2ed86e98a1840c8aeb271f932ad8dcf603127b20d4393a98
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325
2f4225701dabeb409f09d5ff3bba85993d7ef0c399ccf2dd9daa609300d23992
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31257fdc7fa342a349e0e054c694570eba2bd8e05f44444def4021d549ed8153
31568e93727ea81019c4ad3ee96535f2999688c83e5612c45096a0a576a31701
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
342003704250e79d6104077de0924bd489b5edd0a5fa2736398480f5883f3627
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
370a59263a79542e45b906d533eee3a047abe89219f1c11c720a84c72fac144c
37fb772b3006671ad34131440d74acc325c72c629d4322d43b4d7752e1fb7422
39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3d79e6d28a26a87e74ff12d499d15e64b7cb391977e4c3b292b893167119295b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4621bdd70b2671207f6730e46b084bf3dfde8fa4500600c3e085596e13bc4a
3e6cd25df04ebc9b9101d7f131cc765c10a3f88dabc2487e1a06f48ce8a767b6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc
3f0a964ff8cbc8c4d927de92c5ba56136ed13b39696b118555e452b64f310b3a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
4a726be2f2c71e83ac3a30833a22ee41fe2653aeedc4ef4699dc68ab85467d90
4a72c41a68044e9d76bb083dadf61957352acc0204fe96ddae9b72b8330324dc
4b2c8d414700933213b9eb6361fbd2ed548aedc9ba2629fb51d220d29c77c115
4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d
4d4a5500923a659d39bd547d72f37372f7e97ab0cae00e9f25cf431095a7420a
4d635319e018f14e522b0c483578cb3c528aa645b95e3a80122051d34e1ea19e
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
4fb50a8cd69d0904f2651010f47f1716179579821acf15dbc313de2f1969f908
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
568a3bd629dc7eeab71e353ce4289db0653c58aebb57d92959d812c2e54748d0
56f068f84f80c321e052fd3e2b2a56032832e9d76fe8332bbf5ac8a083a6d33e
58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06
595b20e4f7c976953427e0f71480a3681af71fd7fb61df1f785c40a98bf14b8a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bf1ff7c861b303af85db79af26f29bd653f3a16fe257b9c2614d46e8b85f683
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6159f32f1b79a94b26c2c580fdd4ffdfc91af5334f46c4d8b2a1597925fb2e78
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
621102dfaff08df0016e6e7fe5705131a168361769089e158388ddb515e1fd93
62344df9409dbdd519e83de5ad4d26e6a5791f5a237076ec8a0295596b60902a
642dbae86cac1cdb3ec7335358c89e077a11b5d28bdc51dd706216af312e7dc7
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
67168c8a8ca17557c3257968fc5794d9c4d11f03b751cabd0427464f178c5282
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6840b50612138317ff854a1a65ab25037a659cd64329b8806ecbf7c43e0ee585
6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6ac7ed5eff9362a031e0c6020cb5e0421c7908dc82c73e40c56c12f26ede064e
6baa953e15a3b8c9ea11599c20b1ea9b494c3c8e76b3fee6434ff014a2933ca8
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6bf8c19e86df162bb8cac54007fe68416c267b46112bd4b8061f666f09af7584
6c25f2f8465e707f379f76845e598a90c3672ac227048ef1d6cc9d6f9955573e
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6d244c3a001932cb98a9d09bf7b61991903f417f41b3c4ba72757b95b72faa84
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6e9a7da361305d9aafe70f454854ac8e196eedf4a581c21f047e4d57793b2b1f
707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
7692705e89a59b78f69c719f9b22dfb4978de5fc56f3ee54a81cc85379b8ba19
76d2bd4832614d4ac0742c3cbc98065f3e9296443ec4e89327ebbdf6ed8ea1aa
76e330cd2f514570ec77ff9ccb39f72966c87acc599074eac3f92510b8e82685
787486f12ff3fac81aa633e6bd17085d5ba21c6b4af40cb007becc7b7ab5a60b
7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7bb2c889df4d7f0fcef15a3b32ecca9db3c45cb5358ddce59d45c485e53b4f7a
7d26554630e4c1de221e4877bc42d91eefa269b7da4f59c99cb2ebff84d33470
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db
827846bf37c1ddb30e84958ef807853bf1d2482b3629927c1034f84b85f32bf3
82a94571106e21c6fbbf598a46dfd8b8ddf685764263203a245f701421afdac6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f6f0ff6f18d1d07996d5c81ef5d08270dff8a1e5a377e7bbaaa2e9f11878f1
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84586075ffc5cd4d1773d6a6449cdfe77d7243cec07c44b9d248a834029cced5
86a5809b685b63f4e433900f801fcb8a0f47e64ad6579c99e4a792c1a05ae2d4
8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8
8a46105885c5a86da7684c935f2647f6dd95b168d24968484041c704525fbd31
8aa95615bbafb1effbf79aafb1fda2d80b5a171cad3984a444601020dcae20a0
8d5add779cce664e4f319e2d19523efca6ba8b843263445736a9fadf5dc227d6
8ee3e1c1fe9cf8bc9804cf8b46b91f77d322c1d3fa7c1fb3dacd56f919bd4ca8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9051831ff582e53f05d7e37603148c7a292966e6ec582a68448319f1dc9d7558
90f8a2925757274095820998715aedb4a44ecb2693c37cee2dd4a22e3a3e464d
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
93b57f76f3d1a80a33364a661335bf34b1b7384096d336d8ceca0b0a1a61898f
95690d5c4fe1189d2d0387554c0b23c5d4e16d047db5d7a4154b9c4e83f86bad
963e8f3a4445ad949ba7d22f576988862f6f6dd41dcdfd105534de80690262ac
968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e2c1ab047d958a6e7a35fd6a9fd3221ebcec1f14ee47cfc15f67d9818bcdb4
9a80ffe6a1148d46499fc36fe3038660e65abdc0a855d19175f43ed230c9bede
9b9fe71606636a37b6f7fb74e8ea572130d0f61dbcd92fe3ae40e80425f56fb2
9c94a48b42770fd8cf43f8dadc4882c5b147395e4bcced53656d74e7a7a31cc9
9cc6ec239f234d5a18b64d69e6d302015311830e98901815992b422fe553c3a8
9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e0fa7875e28ffdbb397955dbc336b800dd39e14f19c19e63e753e4740c46f80
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d7b8a6237561de8a6c9369317d85f5d62d83b26847b181ddeef13c5ac3ea6b
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a1ff24b814482924167dfbfe5c4a325873bc9f795fca59455fe685407a41de94
a20b7d1ce9191eb91e7865d5792d5464ce35f112fda577d96eba93c719cd29ca
a2979f4d14ee6099d5a7bc437925cb7dee1b78af94cd8f3fd6170eb1f22608df
a47600637704c2c05ee69a3cd348a9c9a76f8a8f655899efeff70266ffb10fc9
a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec
a5c807a458355b365245808e8120e21f1f14c4ccca0aa8628b9e3cd852bd24fd
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
a7e44100eab9ff10eaf86232be5858183f50e27488f572f4899c71a60f73107d
a8a0d2847710e51c816f6973ff5cb3e11dc41ebe5648331789a92b973f8dc0a7
a8d20640918fd8f22fcde8e3b3b0e0395ff10e795b091147b651b390c596ff1d
a9d447abcc72abe7d4c47bbef66f0ce21b3a596e9713c650ff7fd84ce9c94986
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab3ff9607ac81a029cc864e1412fadc4a2415fbf699cb204f282fa39e74bf1d4
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad60e82991479b97628d23059388eee30e8ef242a8c5f66ca91e4b177e1a6261
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c665a48935e569faa4ef79acead93d56282e86f16e3947229ed0530a9b4efb
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b614742cb337e048cb308629deec2f68ffa868742c8954bab91b19dcd5f8b2a2
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b90f49608405a475e70f1584188847569c6ae875e12579ac2930a8013a80da3a
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bc57c6dc0d222d504e89e06f7fdfc3ce6b9531a59cc150f15fb2bb07d3b178ef
bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e
c00dde69b0c0314bfa0b2b8b80045aae3043c5addb34d8d35946e5103bd51b9d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2523c13014e41785ad9af2c2a9892272cd99fd290a0bdca036ae43a5a7ff48f
c589c7f1b9c73d8c3a073c49d14d7acc7d8af6e2bee79ed841cf07ec635c851f
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c683e1ded44f6112b3b438fac52304ce7767dba7b4868e65743d7f027f41c3f2
c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c8cecd290135a3ed2ed8c6f705cbfa175f0a5a42de2a2ea345339e3508b4d80e
c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb19fbbe887b10fc39e63ba83f2da46f1c24f2d7e965a5cba217c0db9099d136
cc5d2d679b4c0b8a35064a931d10f02e0700b6c780631d7af6c57542562a13d4
cef4288d352bd527b814a99f80bd33c9ce0ab956520a685aeb41da83e9f41705
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd8b6f4dd8f2008cab7ca0af02768311a7665495030d97899e2e1f0e89b0335
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162
d1d495b7355894adc6b8a9b99c1d17a290fe1439734692714d379526ef461b04
d1e8543cd877843279ac02134e1f872a27b3f137c532d94bae93f454096305de
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d56fb9669433f27dfc5a69b1124f29b55f8610bcd4c31757f657036360bd215f
d99c9be202642d5e4b2b019f557e98293ac1247f14003bd67d6dddb5d5af0d69
da445f75f00cf68c3907ecf1546f65491093e94b8ba6d0e4e2a6c9d9970162c4
db06812489da502d3fbf8ed1f8dc9ffbbb8694dcbddc09103271f1896b64e9a7
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dc7565898a5fb68b4a99e0e8245c9929179e1cc57400f6264709fc059772f69d
dcd6a1853d499f914e87951f7eebc017762acd55a1aab5436e9a2ca1a2b8fd95
dfe1ba6bf7ed007c1cde8f6f8824e37f404676b85c5caf01646195a8d7ed3f4f
e1a1f62823d42a8f4bdfa245c2ee3dbb6a5163f140c3b97846eb2ae658066fe9
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e533d7e61b0197daff947d931e3b5bc458a4f9659e2b968fe08277e3a5232faf
e5d6533cc6507f59277611b3ec319f9953fdd9f39ec6562640fb647cac4ee1f1
e5e8dfcc31f7d778690a794e2e53ed59dc8ed4912f8e25d6d948031e748495f4
e794e1adb51c34a3d7575a12edaba5ab34b9388e3ab94295fc23162090eb3517
eb18dd3629c5ea729e1ba5aba3a1bfbc19b7158118b0d0ba7cac059a59834640
eb7a524cd9d970f7fd2f5e9599f3bcb3b5fb9c641b1f92c372a30cdd83911ab1
ec6d37e254162f59be8cc87b3460548733a4958849afbb0d64d67a114e2f6c7c
eca1d35f3411e618bf4da24ffabeb298f0dcb7b729255a442be6fe842b311ec5
ecc2a2a04b695832f8cd8291974b14a216726c7764b0ce03809803dd6a293053
ed4a27ada55f520a2fe36a4a3bbc0f1a14651a058a4842a98f7a5e8807c9bfec
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eedda45be3c48912f2e0a2c7d947c1cca93370fbe26ac15e505f96a31b4bad46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14d028ac7f7b7592441757801b1a860210c9d0b3842a2fd0ac209127410f1ba
f297139122eae436f4821d0b6ca590c1d0119f900cf1e6fa93dbc355f92250e0
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f3b85842f1435a024c577c49e634cfdfc799a7d3fb19e8909d1bdd29017ad912
f4ad46c860488f3ea1c3392717c6fdbc645eac58538d1afa36f0f978f9bec57e
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d
f8121d1ed327726347e9785871364755c8cc93a021f8f135102b54e5f1a3bef6
f889c27015d4eb32a74d57f4fd5d3b67327065c7f7e021188e23a3b7d8ba7bdc
f89021b55a1e5bc2cf6feb86724f463fa3dafe6176330edd4285b47d13253798
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92
f8ca543be24fae0bffafd7ab5c7904ea9154be1069dcc0d93d3129744a0aed35
f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856
fc364ee65e0bda411208a30fab628586d1456f6206616124ffd6d218dde441b8
fc93f930396c1e55d7d0ebce7db81b3b9f12fbaa3e4b7fe184787ba9c16b6dfd
fd404b53d99788cd2d8340f9f45ca2677f99ba01bc7c1a2b6f676dc4a4a88558
fdc924b3a76a3ad764d3afacd9b9ed4d95f6d0757770c2b697145d560ad570f1
fde8b5c1a6312c50315dc391477111fe9082b4ed9d9ea11cc30e3586aa8769c5
fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a

beforeitsnews.com Open in urlscan Pro 104.22.74.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

399 Requests

81 %HTTPS

0 %IPv6

93 Domains

142 Subdomains

89 IPs

11 Countries

7925 kBTransfer

20690 kBSize

146 Cookies

16 Outgoing links

Redirected requests

399 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
104.22.74.138 Public Scan

Screenshot
Live screenshot

Full Image

399
Requests

81 %
HTTPS

0 %
IPv6

93
Domains

142
Subdomains

89
IPs

11
Countries

7925 kB
Transfer

20690 kB
Size

146
Cookies

399 HTTP transactions
4 data transactions