politicalhaven.forumotion.com Open in urlscan Pro
94.23.159.185  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

• https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634583289017-946864607543-006380-014-002078%26biddername%3D55%26key%3D%24UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1634583289017-946864607543-006380-014-002078%2526biddername%253D55%2526key%253D%2524UID HTTP 302
• https://sync.aniview.com/cookiesyncendpoint?auid=1634583289017-946864607543-006380-014-002078&biddername=55&key=3989399798673801033

Request Chain 89

• https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
• https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e HTTP 302
• https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBkZjAxMGM3ZS0zMDQ0LTExZWMtODE2Yi0wMjBkYmNlMmEzOGU%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVBkZjAxMGM3ZS0zMDQ0LTExZWMtODE2Yi0wMjBkYmNlMmEzOGU%3D&google_tc= HTTP 302
• https://pixel.advertising.com/ups/57304/sync?uid=CAESEPMoxUzIa98Nbj-GsnRfEa4&google_cver=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPMoxUzIa98Nbj-GsnRfEa4&google_cver=1&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e

Request Chain 90

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/55953/sync?uid=67cafc2d-f65c-48bd-9c13-78ce0b13b2bc&_origin=1&gdpr=1&gdpr_consent=

Request Chain 91

• https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YW3C_QAKEaJICgAR HTTP 302
• https://pixel.advertising.com/ups/55986/sync?uid=YW3C_QAKEaJICgAR&_origin=0&gdpr=0&gdpr_consent=&_test=YW3C_QAKEaJICgAR HTTP 302
• https://ups.analytics.yahoo.com/ups/55986/sync?uid=YW3C_QAKEaJICgAR&_origin=0&gdpr=0&gdpr_consent=&_test=YW3C_QAKEaJICgAR&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Show response politicalhaven.forumotion.com/	57 KB 15 KB	228ms 184ms	Document text/html	94.23.159.185 OVH
General Check archive.org Show headers Download Go to Full URL https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash e4c057299641b903e4f600ee08804f326a52c9361d3950b35a1631c84738f03a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers :method GET :authority politicalhaven.forumotion.com :scheme https :path /t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 18 Oct 2021 18:54:48 GMT content-type text/html; charset=utf-8 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" cache-control no-cache pragma no-cache expires Mon, 18 Oct 2021 00:00:00 GMT last-modified Mon, 18 Oct 2021 18:54:48 GMT vary User-Agent content-security-policy upgrade-insecure-requests x-content-type-options nosniff x-xss-protection 1 access-control-allow-origin * content-encoding gzip
GET H2	200	2-ltr.css politicalhaven.forumotion.com/	160 KB 57 KB	110ms 108ms	Stylesheet text/css	94.23.159.185 OVH
General Check archive.org Show headers Download Go to Full URL https://politicalhaven.forumotion.com/2-ltr.css Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 432817401f4c1bf65bf5d5f1bf2b85b17d1f691233af8c09a43c4457ff8e651b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers :path /2-ltr.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority politicalhaven.forumotion.com referer https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:48 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 18 Oct 2021 00:00:00 GMT vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=315360000 content-security-policy upgrade-insecure-requests content-length 58154 x-xss-protection 1 x-cache-ma HIT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.2/	93 KB 34 KB	79ms 24ms	Script text/javascript	142.250.185.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f10.1e100.net Software sffe / Resource Hash 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 10:09:45 GMT content-encoding gzip x-content-type-options nosniff age 31502 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33845 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="hosted-libraries-pushers" expires Tue, 18 Oct 2022 10:09:45 GMT
GET H2	200	en.js Show response illiweb.com/rs3/32/frm/lang/	70 KB 18 KB	74ms 27ms	Script application/x-javascript	172.67.150.97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/32/frm/lang/en.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.150.97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17886699c8b998854eff1f7a05b87b29f54bb0f00272e2f8cbb82f1bdf52e5db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2867978 cf-polished origSize=71221 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-cache-ne EXPIRED last-modified Tue, 20 Apr 2021 12:25:52 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qAIIXQf0O9RQk730UrNK6XmW%2BeQJxbFkK5H1WLJbmUgbt98A2NC1cJu5ow1BZB31FfaWwffSUw2%2F2uZN9Zf4%2FITCxvzhJyNbp%2BGj8q%2BUmu0IfuQYMSObH3oByZRmA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=31536000 x-cache-pr EXPIRED cf-ray 6a03fa2b3bb332ab-CDG expires Thu, 15 Sep 2022 14:15:09 GMT
GET H2	200	stub Show response cache.consentframework.com/js/pa/24697/c/IxWav/	1 KB 1 KB	86ms 37ms	Script text/javascript	104.26.4.102 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cache.consentframework.com/js/pa/24697/c/IxWav/stub Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.102 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9298971a5bdb7470b87aa2bf89d39c6b13fd2f486d38c87b057b94ce54eb98bc Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br cf-cache-status HIT last-modified Mon, 18 Oct 2021 18:02:54 GMT server cloudflare age 3113 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YgnwKlRdTzYHqjWIGGk6RC88UCzAy%2BUejjR4O%2FPICsbIpPWamaKq11cg1DIiS2xu%2FEGBe7z2DntBgkvuKYMeoObBQhklzVcSM2%2BLL9brmEA9kRHXzdVq2JhICwF1MBM1lKsqo0A8hBYBLcO"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=3600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15724800; includeSubDomains; preload cf-ray 6a03fa2b3d5940cc-LHR
GET H/1.1	200 OK	cmp Show response choices.consentframework.com/js/pa/24697/c/IxWav/	448 KB 128 KB	87ms 32ms	Script text/javascript	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.83.160.162 , France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash b2a5b9a99fd25e603ddbc493dc2b6d69c8a94d238fa62bb116eb955bcc7553a7 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:54:47 GMT Content-Encoding gzip Server nginx/1.11.3 Transfer-Encoding chunked Connection keep-alive Content-Type text/javascript; charset=UTF-8 Cache-Control private, max-age=3600 Strict-Transport-Security max-age=15724800; includeSubDomains; preload
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	119 KB 39 KB	47ms 18ms	Script text/javascript	178.250.2.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding gzip last-modified Mon, 04 Oct 2021 12:34:27 GMT server nginx etag W/"615af4d3-1dd0f" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 19 Oct 2021 18:54:47 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	95 KB 38 KB	79ms 29ms	Script application/javascript	142.250.186.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-144337024-1 Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f8.1e100.net Software Google Tag Manager / Resource Hash ba514c150be59bf229ffacfa7154119de1764e08cbfb555bcca965cd5a5b6ab7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38561 x-xss-protection 0 last-modified Mon, 18 Oct 2021 18:23:51 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 18 Oct 2021 18:54:47 GMT
GET H2	200	jquery.cookie.js Show response illiweb.com/rs3/32/frm/jquery/cookie/	1011 B 1 KB	71ms 25ms	Script application/x-javascript	172.67.150.97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/32/frm/jquery/cookie/jquery.cookie.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.150.97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2867999 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-cache-ne MISS last-modified Wed, 09 Sep 2020 09:40:28 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNFBYDaaflp%2FCIc1HCLR6iQQjMFHbYmf%2FvQnXuttpekzRRGxXzbWjyBk4W9aqCbq9NpokGAKYoB8jfQJ6rsFzzHuwcb%2BsNR6bf5INDdb4VBCL4EbSzdF9m14fJgT5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=31536000 x-cache-pr MISS cf-ray 6a03fa2b3bb732ab-CDG expires Thu, 15 Sep 2022 14:14:48 GMT
GET H2	200	FA_Embed.js Show response illiweb.com/rs3/32/frm/embed/	277 B 481 B	72ms 26ms	Script application/x-javascript	172.67.150.97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/32/frm/embed/FA_Embed.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.150.97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 432bb74f6f65f0b392e4b531804bf529db2f58fa1868537599097f408c02b481 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2867999 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-cache-ne MISS last-modified Tue, 20 Apr 2021 14:17:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teDEUg0JhSlTxpo1HgH8mCKi4NAP1WhdDlIwjO6LxIfGK4U6906OA38cM4RGD%2F25fa4DX2HmercUII1%2BCxBj2iwoO2%2BVowIgd5P3EdnD9FUKY242WACJjODFO%2Biljw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=31536000 x-cache-pr MISS cf-ray 6a03fa2b3bb832ab-CDG expires Thu, 15 Sep 2022 14:14:48 GMT
GET H2	200	FAToolbar.js Show response illiweb.com/rs3/32/frm/jquery/toolbar/	25 KB 7 KB	72ms 26ms	Script application/x-javascript	172.67.150.97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/32/frm/jquery/toolbar/FAToolbar.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.150.97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ff8044afebdbbbbb5a559611b54329cb4a5b0b63e5eaff1316eda2863092780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2867999 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-cache-ne MISS last-modified Wed, 05 May 2021 12:01:16 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4GUQnXQV231vqsU7skOQKcnaYVumhSRkENoM%2F68cro9y3hzzxxGt3mlRVzuKewby01h3JUrx0vM5sbo8jV3l9xCzHGbCHvjc9UXTakxZnITPcPky2dVsD02fHjr%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=31536000 x-cache-pr MISS cf-ray 6a03fa2b3bb932ab-CDG expires Thu, 15 Sep 2022 14:14:48 GMT
GET H2	200	twemoji.min.js Show response twemoji.maxcdn.com/	15 KB 5 KB	32ms 6ms	Script application/javascript	23.111.9.57 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://twemoji.maxcdn.com/twemoji.min.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.57 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-fastly-request-id 7505524065ba4c2424e06ce60bfb631e4d9b49a1 date Mon, 18 Oct 2021 18:54:47 GMT content-encoding gzip x-cache HIT powered-by MaxCDN last-modified Tue, 01 Jun 2021 07:52:48 GMT server NetDNA-cache/2.2 x-github-request-id 7B8A:6AC6:D8D1CF:E55596:6165DD54 etag W/"60b5e750-3bc8" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000 permissions-policy interest-cohort=() x-origin-cache HIT x-proxy-cache MISS expires Wed, 17 Nov 2021 18:54:47 GMT
GET H2	200	empty.gif 2img.net/i/	43 B 594 B	101ms 46ms	Image image/gif	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/empty.gif Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 475800 cf-polished status=not_needed strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 x-xss-protection 1; mode=block last-modified Mon, 09 May 2016 08:45:50 GMT server cloudflare etag "57304e3e-2b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWbyIxHPnCwnzo6WzAVo2nkVDSW6MFjFtro%2F%2FwlFeMvz%2BM5XVjIfpf8uVpDc7PoF4oDDGNHuZ4XIB4pM27uhBUV2A97a9nJ4Ao4gTipWwCTMa1PyzcukHWwQ"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c18dd53e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	video-loader.js Show response cdn.avantisvideo.com/avm/js/	31 KB 11 KB	46ms 8ms	Script application/javascript	143.204.98.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback= Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.120 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-120.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT content-encoding gzip last-modified Tue, 20 Apr 2021 09:58:31 GMT server AmazonS3 age 8841 etag W/"cb2b3e45ae50a1cfc9646f528ea92b50" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) date Mon, 18 Oct 2021 16:27:27 GMT x-amz-cf-pop FRA50-C1 x-amz-cf-id FrngX7XkCviP7UqSd36I8KKwMrxXURY6uGiTJgM93cpoUcUkFf-Gng==
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	87ms 25ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-144337024-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Oct 2021 16:38:54 GMT server Golfe2 age 470 date Mon, 18 Oct 2021 18:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Mon, 18 Oct 2021 20:46:57 GMT
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/forumotion-en/	247 KB 27 KB	27ms 7ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/forumotion-en/loader.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b9c311e85dfa60155eda6eeb8416ef4023dad5c4f06e4feb3cb9d687d13617c5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id X7f8RDSLo5Ja_OuxOPX54.ztbI1sFs0f content-encoding gzip etag "e60591605c031b9dc46c7b9765efc3ef" age 25295 x-cache HIT content-length 26936 x-amz-id-2 khGpzalG7fKr2VCVaLYTZ/jEMVDLWCtSqaCh/vmrF2IbGzVGtsbK+xb1b6y9Fq01xe7XCPt9EDA= x-served-by cache-hhn4021-HHN last-modified Mon, 18 Oct 2021 11:52:56 GMT server AmazonS3 x-timer S1634583288.679536,VS0,VE1 date Mon, 18 Oct 2021 18:54:47 GMT vary Accept-Encoding x-amz-request-id H38M9R49DJANB3RE via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 71 x-cache-hits 1
GET H2	200	index.php Show response adstune.com/ap/ Frame 04EA	981 B 1 KB	105ms 55ms	Document text/html	104.21.74.105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adstune.com/ap/index.php?lang=en&dim=728x90 Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.74.105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a50d1755b8c3f9aea5c08fe911d70b71d9dccd626aff10cb19ec5a5bca6f9ea6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority adstune.com :scheme https :path /ap/index.php?lang=en&dim=728x90 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://politicalhaven.forumotion.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-type text/html; charset=UTF-8 x-content-type-options nosniff x-xss-protection 1; mode=block access-control-allow-origin * x-cache-ne HIT strict-transport-security max-age=63072000; includeSubDomains; preload cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" set-cookie __cf_bm=5grCLXx4_mpG3zF.LxmZ1rijMXK8cM3KSgYJ4x5cjKw-1634583287-0-AfbYelg3vKM1HkPXxSI6md+7TIRhqvI3//sGemfHnCIEwzJOB4T8olNmMVqKT68thyt2KnKuB5ZrgdAAFbhQR3E=; path=/; expires=Mon, 18-Oct-21 19:24:47 GMT; domain=.adstune.com; HttpOnly; Secure; SameSite=None report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Diit4Lt16Bhs7Q8VpGw%2BrF6bywcOZP7p4KATni4lRQ7EIaTat25iHuDGyycCn%2FlbwVm%2BojWIXHUAf7PuJvckgaw4O8GcZvl5hRLUW6OQ24gRO%2FiimcJ0idLSS5Na5w%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a03fa2c38c5edeb-CDG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	empty.gif 2img.net/i/fa/	42 B 334 B	71ms 44ms	Image image/gif	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/empty.gif Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531239 cf-polished status=not_needed strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 42 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-2a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyIOzNChEcXcBcezrVRLNlnHh%2FwqfocMGVNJdWl3Q32CFVV%2F%2BZ%2BDBsAXtxRJ3XsRSlASf6ESJ4TdxjwsvoxCGSXv3bqGUuGwrdcOC%2FpbWSq5ZfmKvy8cusVe"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c18e353e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	bg_header.gif 2img.net/i/fa/prosilver/	682 B 1 KB	69ms 42ms	Image image/gif	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/prosilver/bg_header.gif Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cdfe222dd349c5abe81b9b8c535d16c1c5d6b04950651558ca41d4078e30d00 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531238 cf-polished status=not_needed strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 682 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-2aa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA%2BB1%2BrB0xgn%2FUP6C94ORkTDv0cnMKLMozWZVkr2EbAtUVAuMi6g31s1msppbkY362c0HY4eKPSdsnnSkt9ygI0ex7I%2Fbk9DL39U0AVRUzzOUJw%2Bel4vfppE"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c18de53e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	corners_left.gif 2img.net/i/fa/prosilver/	55 B 344 B	69ms 43ms	Image image/gif	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/prosilver/corners_left.gif Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3c89e05bf4302b8521538f38f4117d88f59e34a3251b9daa330a1ac1bbfe23b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531238 cf-polished status=not_needed strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 55 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-37" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHXqx%2FMCmJtu%2FvHcyJWIP%2Fgl%2FMF%2FfpYfNJhPXLqmyjnzRDyFzlmyS9dRkmcF1Egqu45mjTI5%2B6sfzFTNgLHcRWPbcMZKkQKl7uixwXBYdmPOWtPvCN9R0xMW"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c18e153e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	corners_right.gif 2img.net/i/fa/prosilver/	54 B 361 B	71ms 44ms	Image image/gif	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/prosilver/corners_right.gif Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e004ee77cdd0e83653c2bd53ed833fe6a25d73e2371ece3d081f1c2b16de2478 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531238 cf-polished status=not_needed strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 54 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 11:00:36 GMT server cloudflare etag "5739a854-36" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C137reKPFaC8nCQZzcJtRXynp%2F5I8QZmZbnumcjdzED0Qju16HwDnVfSMGhluR98zeLEz%2B04tx%2FvXYu3gk3AUIvNWXQUuEQLnyTm8Wr8diXf2fkDS0cU%2F1Kp"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c18e053e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	sprite_prosilver_navbar.png 2img.net/i/fa/	3 KB 3 KB	71ms 45ms	Image image/png	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/sprite_prosilver_navbar.png Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531238 cf-polished status=not_needed strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 2994 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 11:01:50 GMT server cloudflare etag "5739a89e-bb2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRjJBc0Eg%2BgKtEUFVpspjyHE9E1bcEDw8p6WJTs8SqLUwltT4RXTnlyqa2Cdl8z%2FkBtqn07cyjnf7783t84cjAP36tsLjVYpBXK0Urc4tqXKkjLsWP8c%2Ffpc"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c18e253e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	bg_button.gif 2img.net/i/fa/prosilver/	174 B 462 B	64ms 43ms	Image image/gif	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/prosilver/bg_button.gif Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531223 cf-polished status=not_needed strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 174 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-ae" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JBZy9%2Fl9yKVKjGsedDMw3C1ZxW%2B9IjvpjMv9g17309hKkAcvuDxkfFc35ESVbKAlqN8sFdyVX62rK1CZM9Nr1kB7wpxzK9wfsV8hKXxLVd5ufN6ZERzfeig"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c18da53e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	haven_10.jpg i.servimg.com/u/f65/20/30/67/40/	65 KB 66 KB	86ms 34ms	Image image/jpeg	172.67.131.103 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.servimg.com/u/f65/20/30/67/40/haven_10.jpg Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.131.103 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88393dc0833fd04f758c5e8272a01b1178fc9358bd011e4e389b5e8127a53287 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1093250 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 66611 x-xss-protection 1; mode=block last-modified Wed, 17 Mar 2021 23:32:32 GMT server cloudflare etag "60529190-10433" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB%2FSLBPLi7Yq0Vme59Jea%2F1ddzvCQNh0Dz%2Bt3OvN4MIyaCh%2FJ6r4Rfc9e6YZ%2F8zXvFuRe%2Brzul7YBc8Y%2Bn1TH2xdQTM7JJjEa%2FFkNfaYLHTKFApteF4DBaPPBfJbCvll"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * vary Accept-Encoding cache-control max-age=31536000 accept-ranges bytes cf-ray 6a03fa2c5ed640e9-LHR expires Thu, 06 Oct 2022 03:13:57 GMT
GET H2	200	sprite_icons.png 2img.net/i/fa/	1 KB 2 KB	45ms 45ms	Image image/png	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/sprite_icons.png Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531239 cf-polished status=not_needed strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1459 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 11:01:49 GMT server cloudflare etag "5739a89d-5b3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F66L%2FsIiyojkdzHvyToIVQKgKgrTG2%2Fe%2FXba%2BrjnJCvAg8O2TUhWsaDMA42p%2FJYhyMZay9eOhZP72oPV9d5gMNcRuNFBPc38g0dReB9uwUmhwKtgePWqP1g"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c18e553e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	53-39.jpg 2img.net/u/4115/44/71/46/avatars/	24 KB 24 KB	148ms 148ms	Image image/jpeg	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/u/4115/44/71/46/avatars/53-39.jpg Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36f18b689ec79094f55c79b659978adb337d2b2e4ce5feffdaa090070cec3df4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 24231 x-xss-protection 1; mode=block last-modified Mon, 14 Jun 2021 18:47:48 GMT server cloudflare etag "60c7a454-5ea7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wtIMGCZkuq%2BZDiobLLDBVlmmWc3qD0jHkPOCLh%2BNPO9XWpUuT9U14Yx7Aksn7Hkt11Y1%2BCx9yBUD6baR17Ool55lqBjCWlI7oOCNaOCSGk9BMbqW8AMvReO"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c392653e6-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	143 KB 50 KB	115ms 54ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 2c85db4653cf968b38cb67c76d479401c5f8be83910f42be8a3465859ce24e59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50941 x-xss-protection 0 server cafe etag 9378684769864536750 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 18 Oct 2021 18:54:47 GMT
GET H2	200	vglnk.js Show response cdn.viglink.com/api/	81 KB 28 KB	72ms 24ms	Script text/javascript	104.16.160.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.viglink.com/api/vglnk.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.160.13 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding gzip cf-cache-status HIT age 940495 cf-ray 6a03fa2c8dc8c4d1-DUS content-length 28567 x-amz-id-2 ptbA00CuV/bZqj0ahYDMdW1LOzqKO3y6TSYpkNHgYjoEZR7sy/MEi0cbJnTcVIJe3dou0FOA+1s= last-modified Wed, 02 Dec 2020 18:57:12 GMT server cloudflare etag "072eaf64a771815874455704fca9301b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id JR6A86Y4TCVV27Z5 cache-control public, max-age=604800 accept-ranges bytes content-type text/javascript expires Mon, 25 Oct 2021 18:54:47 GMT
GET H2	200	toolbar.png 2img.net/i/fa/i/toolbar/	11 KB 11 KB	26ms 26ms	Image image/png	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/i/toolbar/toolbar.png Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be829da434dbe7a5719faeb28277229a36314202fb4553b4e87b12298100a133 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531229 cf-polished origSize=11066 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 10894 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 08:34:44 GMT server cloudflare etag "57398624-2b3a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtH4%2FeEEUm7htkaPF3vThZgQC8piHTsCLnLtQMr8uV7bTk0p7cp2JPTDEk5pG8Wh3HTLGP6uwznwfHQisRwADVWQoNtwMLeWmUfOQyWajb1kk1SFPZTdEEpx"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c494c53e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	pa0.png 2img.net/i/fa/i/toolbar/	1 KB 1 KB	24ms 23ms	Image image/png	104.26.14.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://2img.net/i/fa/i/toolbar/pa0.png Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/2-ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d9ec80f2c1316c1d793007aa535ad6f381cce1ed7446881a768b9baee45972b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531205 cf-polished origSize=1087 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1084 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 08:34:43 GMT server cloudflare etag "57398623-43f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07y2roEFfNuw0LPGoG%2FA0EkNuqP0aQ9gZguGKDKzFDKxoyJ5UKxpOEprJrhx3OPwPvvrdBuZv2y5Hb8OD0MrNmYTfFVzNnvt%2BiH%2FBAhfadZAZ1MDMdA6zDF7"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 accept-ranges bytes cf-ray 6a03fa2c494d53e6-LHR cf-bgj imgq:100,h2pri
GET H2	200	connect.js Show response connect.topicit.net/scripts/	3 KB 2 KB	69ms 25ms	Script application/javascript	172.67.158.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://connect.topicit.net/scripts/connect.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4033 cf-polished origSize=5437 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 27 Aug 2019 14:04:48 GMT server cloudflare etag W/"5d653880-153d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjeKBAedj%2F7gRLjvtYfL4RsXPvfaTXGSB%2BMS%2BbNh23I9n6NN1b3z%2FsyUH9MKIK5pJDWUn7qiRJ54uTOaQYzlZnXTF%2FdQ4FrUE3N0y4feTkJaXu42Bkk%2F9Dgz%2Bw%2Bg3q8zUZ8jN%2FDX"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 6a03fa2c9bc8ee89-CDG cf-bgj minify
GET H2	200	abc.txt Show response static.avantisvideo.com/data/	21 KB 6 KB	57ms 18ms	XHR text/plain	143.204.98.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.avantisvideo.com/data/abc.txt Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.41 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-41.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash fb4f96191bf722206b3b8c2088db4abbee686fedfa2017a61e4e5c1c390045c9 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Mon, 18 Oct 2021 09:05:57 GMT content-encoding gzip last-modified Mon, 18 Oct 2021 08:15:45 GMT server AmazonS3 age 35331 etag W/"ddfd431b0ef2b7070e3a840df5a95bff" vary Accept-Encoding,Origin access-control-allow-methods GET content-type text/plain access-control-allow-origin https://politicalhaven.forumotion.com access-control-allow-credentials true x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 x-amz-cf-id Uix0-vPy2z19Mfdf3wzJZTpIb3wdwcrh_H6FulXVTvg9QoI7-1ld7Q== via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
GET H2	200	impl.20211018-3-RELEASE.js Show response cdn.taboola.com/libtrc/	593 KB 121 KB	13ms 13ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20211018-3-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/forumotion-en/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3-br / Resource Hash 6695c801cf8148c84afdf77d344d5be45623f8af561ebf2e6b912f1ea25eb4e8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id Xs0hQr95c.1tPGGGyOmoSUnfUE3uB_dQ content-encoding br etag "ac1fd6dbfb2257b5d28a7cf1485e10f4" age 25822 x-cache HIT content-length 123547 x-amz-id-2 TBFVunRDKumJMfZ/dAipgiQB7rPB9RLWeB7FHWHk5ckXysTntcnb7z+JXsz+Pj8HAkmDIFv4Al0= x-served-by cache-hhn4021-HHN last-modified Mon, 18 Oct 2021 11:44:25 GMT server AmazonS3-br x-timer S1634583288.751685,VS0,VE0 date Mon, 18 Oct 2021 18:54:47 GMT vary Accept-Encoding x-amz-request-id KD1S3N1T5VSV87FA via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript abp 86 x-cache-hits 21991
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 216 B	30ms 29ms	XHR text/plain	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=437872538&t=pageview&_s=1&dl=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&ul=en-us&de=UTF-8&dt=Bombshell%20lawsuit%20charges%20vaccine%20deaths%20being%20concealed%20Insider%20reports%20at%20least%2045%2C000%20dead%20from%20COVID%20vaccinations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1099949514&gjid=243004332&cid=1805141060.1634583288&tid=UA-144337024-1&_gid=1019311709.1634583288&_r=1&gtm=2ouad0&z=1881308030 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://politicalhaven.forumotion.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	check Show response choices.consentframework.com/api/v1/public/profile/	17 B 599 B	42ms 42ms	Fetch application/json	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/profile/check?origin=https://politicalhaven.forumotion.com Requested by Host: choices.consentframework.com URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.83.160.162 , France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:54:47 GMT Server nginx/1.11.3 Strict-Transport-Security max-age=15724800; includeSubDomains; preload Access-Control-Allow-Methods GET,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://politicalhaven.forumotion.com Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin Content-Length 17 X-Xss-Protection 0
GET H2	200	u_d.html Show response cdn1.avantisvideo.com/connect/ Frame CBBC	42 KB 15 KB	23ms 8ms	Document text/html	143.204.98.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn1.avantisvideo.com/connect/u_d.html Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.120 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-120.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038 Request headers :method GET :authority cdn1.avantisvideo.com :scheme https :path /connect/u_d.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://politicalhaven.forumotion.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ Response headers content-type text/html last-modified Tue, 30 Mar 2021 10:01:49 GMT x-amz-version-id Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q server AmazonS3 content-encoding gzip date Mon, 18 Oct 2021 11:19:14 GMT etag W/"f5694815436f3e426c35d9ae8274ad04" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id DKlhpPgVSXjGt-MXoviYZo-C5JyNWb9iqEVScR43hUGhXSWRH1T8Fg== age 27334
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 472 B	72ms 24ms	XHR text/plain	66.102.1.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-144337024-1&cid=1805141060.1634583288&jid=1099949514&gjid=243004332&_gid=1019311709.1634583288&_u=YEBAAUAAAAAAAC~&z=184953226 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.102.1.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS wb-in-f156.1e100.net Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 18 Oct 2021 18:54:47 GMT content-type text/plain access-control-allow-origin https://politicalhaven.forumotion.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 04EA	95 KB 38 KB	67ms 33ms	Script application/javascript	142.250.186.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-121629819-1 Requested by Host: adstune.com URL: https://adstune.com/ap/index.php?lang=en&dim=728x90 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f8.1e100.net Software Google Tag Manager / Resource Hash 896bdc4f9035749d798c78d821fc0ac5a33b837270d4046f3bc857dc52289eb6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://adstune.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38561 x-xss-protection 0 last-modified Mon, 18 Oct 2021 18:23:51 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 18 Oct 2021 18:54:47 GMT
GET H3	200	mag-forumotion-2.png adstune.com/ap/en/728x90/ Frame 04EA	11 KB 11 KB	48ms 27ms	Image image/png	104.21.74.105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://adstune.com/ap/en/728x90/mag-forumotion-2.png Requested by Host: adstune.com URL: https://adstune.com/ap/index.php?lang=en&dim=728x90 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.74.105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2e3dd46bc9df3afc99bcda7d3b599257a31e67645384f2a2d572d0de848dcd2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://adstune.com/ap/index.php?lang=en&dim=728x90 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7903488 strict-transport-security max-age=63072000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 10966 x-xss-protection 1; mode=block last-modified Mon, 09 Oct 2017 09:26:26 GMT server cloudflare etag "59db40c2-2ad6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAZtgSEZAUKCs97xGVRznLo9HIPwrL4ISEj4%2BcxWwt%2BdaHV7biwbdehjRr4SuuWlERd19EPVpNys5lXx0Zu1H2A2vLsYXZ2EDDGYV8TlbypeFlH%2BpgxiW%2B4mfACafw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 6a03fa2d28bc3b6d-CDG expires Tue, 19 Jul 2022 07:29:59 GMT
POST H/1.1	200 OK	ping Show response api.viglink.com/api/	242 B 704 B	132ms 36ms	XHR text/javascript	52.209.52.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/ping Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.52.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-52-64.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 4d1cc9f1542c5432aa6f834962b4a808046f38d7328452a2d63d03061eeb0647 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:47 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin https://politicalhaven.forumotion.com Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript;charset=UTF-8 Content-Length 242 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	user Show response choices.consentframework.com/api/v1/public/consent-string/	50 B 408 B	55ms 19ms	Fetch application/json	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/consent-string/user Requested by Host: choices.consentframework.com URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.83.160.162 , France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash ba21dddd05987d4ee5834d4e72ab8c676a2d7d0387cb0f6632f7b6a0b80e94a2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:54:47 GMT Server nginx/1.11.3 Strict-Transport-Security max-age=15724800; includeSubDomains; preload Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers content-type Content-Length 50 Expires Tue, 19 Oct 2021 18:54:47 GMT
OPTIONS H2	204	geoip avm.avantisvideo.com/api/v1/ Frame	0 0	189ms 152ms	Preflight	143.204.98.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://avm.avantisvideo.com/api/v1/geoip Protocol H2 Server 143.204.98.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-101.fra50.r.cloudfront.net Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://cdn1.avantisvideo.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Mon, 18 Oct 2021 18:54:47 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-dns-prefetch-control off expect-ct max-age=0 x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen x-content-type-options nosniff x-permitted-cross-domain-policies none referrer-policy no-referrer x-xss-protection 0 vary Origin access-control-allow-origin https://cdn1.avantisvideo.com access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers content-type x-cache Miss from cloudfront via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id Sqroh4ymJEFGPQ4rh61OFLOxmUNG2txYwdJLLY8jGshVKm-gzxbVJw==
GET H2	200	geoip Show response avm.avantisvideo.com/api/v1/ Frame CBBC	122 B 875 B	154ms 154ms	XHR application/json	143.204.98.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://avm.avantisvideo.com/api/v1/geoip Requested by Host: cdn1.avantisvideo.com URL: https://cdn1.avantisvideo.com/connect/u_d.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-101.fra50.r.cloudfront.net Software / Resource Hash ffdf41a4451bcab05c99913fd41890210327a9354731ae8f4b9407dd30354538 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cdn1.avantisvideo.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop FRA50-C1 x-dns-prefetch-control off x-cache Miss from cloudfront vary Origin content-length 122 x-xss-protection 0 referrer-policy no-referrer x-frame-options SAMEORIGIN date Mon, 18 Oct 2021 18:54:48 GMT expect-ct max-age=0 strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type application/json; charset=utf-8 access-control-allow-origin https://cdn1.avantisvideo.com access-control-allow-credentials true x-amz-cf-id JmcgCOjzPzE-HDa7Pts5CxoYOhiSKRsnREuyXrRiC2njg47Hor02vA==
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame BC4B	10 KB 5 KB	78ms 24ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20211013/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://politicalhaven.forumotion.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sun, 17 Oct 2021 21:27:24 GMT expires Sun, 31 Oct 2021 21:27:24 GMT content-type text/html; charset=UTF-8 etag 9069739545958607985 x-content-type-options nosniff content-encoding gzip server cafe content-length 4691 x-xss-protection 0 age 77243 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	native_render.js Show response superonclick.com/script/	4 KB 2 KB	77ms 26ms	Script application/javascript	172.67.189.120 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://superonclick.com/script/native_render.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.189.120 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-goog-hash crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ== date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3596 x-guploader-uploadid ADPycdtRSpJ6lzJyWzxo5QGz_uojW_ye99pGR7Fm4oGMjkqzJhviCCy4ES0N1khS0FwbjUQox-8yKu95FqS6mqAAe1SESPVOOg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 13 Feb 2019 10:15:50 GMT server cloudflare etag W/"8b801d68c6f63f9ef8a9a7aa484b9c75" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNGhrICZ3BP7J3z%2Bri2hxFdY3dOxGLCHRgq39oubWWnUssjlmdjOr%2BRabglDINe9A5o5PBwSeor7XNmQLHbJkhEFBxuo1l%2F40xpu2Z5K70F4e8rwq5PSsZbxtx%2BcfJijuKFl"}],"group":"cf-nel","max_age":604800} x-goog-generation 1550052950916101 access-control-allow-origin * content-type application/javascript cache-control public, max-age=14400 x-goog-stored-content-length 4285 cf-ray 6a03fa2da870002a-LHR expires Mon, 18 Oct 2021 18:54:51 GMT
GET H2	200	native_server.js Show response superonclick.com/script/	9 KB 3 KB	78ms 27ms	Script application/javascript	172.67.189.120 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://superonclick.com/script/native_server.js Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.189.120 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-goog-hash crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw== date Mon, 18 Oct 2021 18:54:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3596 x-guploader-uploadid ABg5-UxGqIENyRS6NjZ9zWziuBrKt-52xQuwqR2HX2i-OMmULdjJX4QIvt-mpQFY20XxbXDdUQwi5tNyHF6rmbsdii8 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 13 Feb 2019 10:15:52 GMT server cloudflare etag W/"51d87e9ebd831fccab6a016079a60793" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZo3u9eOtznEaQ6DV3RhJISHh7%2F79MNvEH8ZIRwRIA00UyqC2KosVdh2GhSYTyajr5036HCit%2BiW8HvYSBpa5yWKibhSOVrtIzzmJeQUGLuIACsH3Nj7KLXJW1oDUTmxQIa2"}],"group":"cf-nel","max_age":604800} x-goog-generation 1550052952705094 access-control-allow-origin * content-type application/javascript cache-control public, max-age=14400 x-goog-stored-content-length 9260 cf-ray 6a03fa2da872002a-LHR expires Mon, 18 Oct 2021 18:54:51 GMT
GET H/1.1	200 OK	tcstring Show response choices.consentframework.com/api/v1/public/v2/	25 B 573 B	22ms 21ms	Fetch application/json	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/v2/tcstring Requested by Host: choices.consentframework.com URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.83.160.162 , France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash 6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:54:47 GMT Server nginx/1.11.3 Strict-Transport-Security max-age=15724800; includeSubDomains; preload Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://politicalhaven.forumotion.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin Content-Length 25 X-Xss-Protection 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 522 B	97ms 47ms	Image image/gif	142.250.186.36 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-144337024-1&cid=1805141060.1634583288&jid=1099949514&_u=YEBAAUAAAAAAAC~&z=141098522 Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 522 B	96ms 45ms	Image image/gif	142.250.74.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-144337024-1&cid=1805141060.1634583288&jid=1099949514&_u=YEBAAUAAAAAAAC~&z=141098522 Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 18 Oct 2021 18:54:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H/1.1	200 OK	consent-string choices.consentframework.com/api/v1/public/ Frame	0 0	18ms 18ms	Preflight	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/consent-string Protocol HTTP/1.1 Server 212.83.160.162 , France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://politicalhaven.forumotion.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx/1.11.3 Date Mon, 18 Oct 2021 18:54:47 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Headers content-type Access-Control-Allow-Origin * Strict-Transport-Security max-age=15724800; includeSubDomains; preload
POST H/1.1	200 OK	consent-string Show response choices.consentframework.com/api/v1/public/	237 B 556 B	45ms 25ms	Fetch application/json	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/consent-string Requested by Host: choices.consentframework.com URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.83.160.162 , France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash 822f6c644ab1aac8d172a3f378fe564371158c38c1bddbe05e66f110c5a66997 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept application/json Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers Date Mon, 18 Oct 2021 18:54:48 GMT Server nginx/1.11.3 Strict-Transport-Security max-age=15724800; includeSubDomains; preload Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers content-type Content-Length 237
GET H/1.1	200 OK	GS.d Show response js.cookieless-data.com/	0 535 B	72ms 22ms	Script text/plain	51.158.29.13 Online SAS
General Check archive.org Show headers Download Go to Full URL https://js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&r=&rand=1634583287960&gdpr=1&gdpr_consent=CPOSZ2vPOSZ2vBcAIBDEBxCgAAAAAH_AAAYgIDwAAQHgUAALAAeABUADIAHAAQAAkABjADQANQAeAA-gCIAIoATAAngBWAC-AGIAOYAfgBCACYAFKAP0AgYBCACLAFLAKuAXUAwIBogDXgG0APIAj0BMQC8wGCAMkAcoAAA&globalscope=false&cookieless_optout=0&tbp=true Requested by Host: choices.consentframework.com URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.158.29.13 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-158-29-13.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:48 GMT Server nginx/1.11.3 Strict-Transport-Security max-age=15724800; includeSubDomains; preload P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 0 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT
POST H/1.1	200 OK	user-action Show response choices.consentframework.com/api/v1/public/	0 270 B	21ms 21ms	Fetch	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/user-action Requested by Host: choices.consentframework.com URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.83.160.162 , France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept application/json Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin * Date Mon, 18 Oct 2021 18:54:48 GMT Server nginx/1.11.3 Connection keep-alive Access-Control-Allow-Headers content-type Content-Length 0 Strict-Transport-Security max-age=15724800; includeSubDomains; preload
OPTIONS H/1.1	200 OK	user-action choices.consentframework.com/api/v1/public/ Frame	0 0	36ms 20ms	Preflight	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/user-action Protocol HTTP/1.1 Server 212.83.160.162 , France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.11.3 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://politicalhaven.forumotion.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx/1.11.3 Date Mon, 18 Oct 2021 18:54:47 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Headers content-type Access-Control-Allow-Origin * Strict-Transport-Security max-age=15724800; includeSubDomains; preload
GET H3	200	analytics.js Show response www.google-analytics.com/ Frame 04EA	48 KB 19 KB	21ms 20ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-121629819-1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://adstune.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Oct 2021 16:38:54 GMT server Golfe2 age 470 date Mon, 18 Oct 2021 18:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Mon, 18 Oct 2021 20:46:57 GMT
GET H/1.1	200 OK	sync.js Show response api.viglink.com/api/	43 B 390 B	34ms 33ms	Script image/gif	52.209.52.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/sync.js?key=0d80ae9fe71cec9484f682bd59232f9e Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.52.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-52-64.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:47 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Cache-Control no-cache, no-store Connection keep-alive Content-Type image/gif;charset=UTF-8 Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	sync.gif api.viglink.com/api/	43 B 390 B	91ms 31ms	Image image/gif	52.209.52.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://api.viglink.com/api/sync.gif?key=0d80ae9fe71cec9484f682bd59232f9e Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.52.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-52-64.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:47 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Cache-Control no-cache, no-store Connection keep-alive Content-Type image/gif;charset=UTF-8 Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	200 OK	domains Show response api.viglink.com/api/	41 B 502 B	57ms 32ms	XHR text/javascript	52.209.52.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/domains Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.52.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-52-64.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 3b15c3b5947a862573ec7df3036b34c5cc2ee03f3cda91d610ff83504089cb26 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:47 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin https://politicalhaven.forumotion.com Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript;charset=UTF-8 Content-Length 41 Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	200 OK	domains Show response api.viglink.com/api/	42 B 503 B	54ms 31ms	XHR text/javascript	52.209.52.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/domains Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.52.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-52-64.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 3ce6ef62e62e4b3dd115e43efc2ef304913fc47b567fe95985de5b80a79d0cd8 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:47 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin https://politicalhaven.forumotion.com Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript;charset=UTF-8 Content-Length 42 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame AF4C	291 B 590 B	49ms 16ms	Document text/html	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=politicalhaven.forumotion.com&gdpr=1&gdpr_consent= Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority gum.criteo.com :scheme https :path /syncframe?origin=publishertag&topUrl=politicalhaven.forumotion.com&gdpr=1&gdpr_consent= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://politicalhaven.forumotion.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ Response headers cache-control private, max-age=0 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding strict-transport-security max-age=31536000 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 341 date Mon, 18 Oct 2021 18:54:47 GMT content-length 321
GET H2	200	identify.html Show response ufpcdn.com/script/ Frame 220E	2 KB 2 KB	182ms 145ms	Document text/html	104.21.46.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: superonclick.com URL: https://superonclick.com/script/native_server.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a Request headers :method GET :authority ufpcdn.com :scheme https :path /script/identify.html?frmt=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://politicalhaven.forumotion.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ Response headers date Mon, 18 Oct 2021 18:54:48 GMT content-type text/html last-modified Tue, 15 May 2018 06:39:25 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" set-cookie __cf_bm=72ZYd0WaMI88hqllptGNy65ZtxfvzykSiT6yd8X0wKw-1634583288-0-AdunAZfNRcJxxsNkeG5W3okyfqZ+fcNsuoyTnA3uLe+btv8X6AzKjClXcTbZh5HgZ0CokbnROkraCsl4rwuDP0Y=; path=/; expires=Mon, 18-Oct-21 19:24:48 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsGWwY%2FuU5OgmIhloH1ynx4gOPRvQ9hxB1VvRBlmfUqz59JOqBBfnGnVANIJEvlRx%2Bo7NDrRalHA1fXfm7Yf8FTOqEfYt1BzqG5EJyGbKHF%2B31Tdqw4uUSB8nehI"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a03fa2f2ac6edbf-CDG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	video-loader2.1-cr.js Show response cdn.avantisvideo.com/js/	135 KB 40 KB	16ms 16ms	Script application/javascript	143.204.98.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.120 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-120.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 7547cc4136d85f6f707a7bec1d8460125224661fe2eed9d4e06b2120db4eb50e Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:56:47 GMT content-encoding gzip last-modified Mon, 18 Oct 2021 07:56:42 GMT server AmazonS3 age 39482 etag W/"7f4b31b74ea05bb6f172063654aab640" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id aFbl1EItinc5qlnE52nOcWj36Ovekj0Z via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 content-type application/javascript x-amz-cf-id G4RRcfQTICUFEXhPsdd06rrrgqeW5bfR8IgsAGSG8OUvfSCgs6EYpQ==
POST H2	204	/ events1.avantisvideo.com/	0 35 B	765ms 402ms	Ping text/plain	52.42.241.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events1.avantisvideo.com/ Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-42-241-136.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 18 Oct 2021 18:54:48 GMT
POST H2	204	/ events1.avantisvideo.com/	0 34 B	765ms 403ms	Ping text/plain	52.42.241.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events1.avantisvideo.com/ Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-42-241-136.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 18 Oct 2021 18:54:48 GMT
GET H2	200	t Show response avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/24/desktop/generate/	1 KB 1 KB	158ms 158ms	XHR text/plain	143.204.98.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/24/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&eu=true&country=DE&hour=18&amp=false Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-101.fra50.r.cloudfront.net Software / Resource Hash 047e790252f7e309aae82377429ee5cfb08c1eebeeaaf8f8fdb5424c3bc653b4 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers date Mon, 18 Oct 2021 18:54:48 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop FRA50-C1 x-dns-prefetch-control off x-cache Miss from cloudfront vary Accept-Encoding, Origin x-xss-protection 0 access-control-allow-origin https://politicalhaven.forumotion.com referrer-policy no-referrer x-frame-options SAMEORIGIN expect-ct max-age=0 strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type text/plain; charset=utf-8 via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) access-control-allow-credentials true content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-amz-cf-id LrGPmYxDrMhZmgYGMZq4hATYQpqg-qmUijhh1zrJNTQRY2vjVM7K1Q==
OPTIONS H2	204	t avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/24/desktop/generate/ Frame	0 0	157ms 156ms	Preflight	143.204.98.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/24/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&eu=true&country=DE&hour=18&amp=false Protocol H2 Server 143.204.98.101 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-101.fra50.r.cloudfront.net Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://politicalhaven.forumotion.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Mon, 18 Oct 2021 18:54:48 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-dns-prefetch-control off expect-ct max-age=0 x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen x-content-type-options nosniff x-permitted-cross-domain-policies none referrer-policy no-referrer x-xss-protection 0 vary Origin access-control-allow-origin https://politicalhaven.forumotion.com access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers content-type x-cache Miss from cloudfront via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id 85z1q9sXjhfrHSG-3jrfwQDA2q1-uiOgr9rBAz69f2rmxQlcPHzQJg==
GET H2	204	native.php Show response discovernative.com/script/	0 71 B	191ms 139ms	Script text/plain	130.211.31.231 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://discovernative.com/script/native.php?nwpsv=1&r=3133087&cbrandom=0.8011119350504021&cbWidth=1600&cbHeight=1200&cbtitle=Bombshell%20lawsuit%20charges%20vaccine%20deaths%20being%20concealed%20Insider%20reports%20at%20least%2045%2C000%20dead%20from%20COVID%20vaccinations&cbref=&cbdescription=Attorney%20Thomas%20Renz%20filed%20a%20lawsuit%20in%20federal%20court%20in%20Alabama%20on%20July%2019%20that%20alleges%20a%20massive%20government%20cover-up%20of%20vaccination-related%20U.S.%20deaths%20that%20n&cbkeywords=&cbiframe=0&&ufp=1609394538590086322898839226&callback=jsonp462235 Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.31.231 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 231.31.211.130.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin * date Mon, 18 Oct 2021 18:54:48 GMT via 1.1 google server openresty alt-svc clear
GET H2	204	native.php Show response discovernative.com/script/	0 39 B	185ms 141ms	Script text/plain	130.211.31.231 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://discovernative.com/script/native.php?nwpsv=1&r=3133087&cbrandom=0.9748345924566839&cbWidth=1600&cbHeight=1200&cbtitle=Bombshell%20lawsuit%20charges%20vaccine%20deaths%20being%20concealed%20Insider%20reports%20at%20least%2045%2C000%20dead%20from%20COVID%20vaccinations&cbref=&cbdescription=Attorney%20Thomas%20Renz%20filed%20a%20lawsuit%20in%20federal%20court%20in%20Alabama%20on%20July%2019%20that%20alleges%20a%20massive%20government%20cover-up%20of%20vaccination-related%20U.S.%20deaths%20that%20n&cbkeywords=&cbiframe=0&&ufp=1609394538590086322898839226&callback=jsonp863102 Requested by Host: politicalhaven.forumotion.com URL: https://politicalhaven.forumotion.com/t2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.31.231 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 231.31.211.130.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin * date Mon, 18 Oct 2021 18:54:48 GMT via 1.1 google server openresty alt-svc clear
GET H/1.1	200 OK	adb.js Show response play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/	2 B 739 B	42ms 7ms	Script text/javascript	184.30.25.105 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 184.30.25.105 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-25-105.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:54:48 GMT X-GUploader-UploadID ABg5-UzUkWRww0k5Ai-hLO-bDwJAUb2bBvXwUvB0k0383nEP_9A-gxErzN1Ql4IW8fDBAjbKTdAH5D-BjY6LepBdlrs x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity Connection keep-alive Content-Length 2 Last-Modified Thu, 14 May 2020 13:22:36 GMT Server UploadServer ETag "56f785241d0ed9fe51a8170b9dd50272" x-goog-hash crc32c=cz4mSA== x-goog-generation 1589462556858294 Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Type Cache-Control public, max-age=1800 x-goog-stored-content-length 2 Accept-Ranges bytes Content-Type text/javascript Expires Mon, 18 Oct 2021 19:24:48 GMT
GET H2	200	aniview.js Show response player.aniview.com/script/6.1/	26 KB 10 KB	23ms 7ms	Script application/javascript	184.30.25.105 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/aniview.js Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 184.30.25.105 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-25-105.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 210d11bb8beb520986aa100625ed71d2c1ce5a3a0c9a13424f63beff2b455db2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:48 GMT content-encoding gzip x-guploader-uploadid ADPycdu_z7YkehF-dCHd5akZdH-v1p8euM7WqAW-W46D-Kgd5REJfjYwQnlpnSIrg0LIb2zVRjSY3tUrlkPqQ9BarC0 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip content-length 9373 last-modified Wed, 13 Oct 2021 06:18:19 GMT server UploadServer etag "180aaee8a3ab237c0545ec39de0864e2" vary Accept-Encoding x-goog-hash crc32c=XN1MZA==, md5=GAqu6KOrI3wFRew53ghk4g== content-language en access-control-allow-origin * x-goog-generation 1634105899115066 access-control-expose-headers Content-Type cache-control public, max-age=300 x-goog-stored-content-length 9373 accept-ranges bytes content-type application/javascript expires Mon, 18 Oct 2021 18:59:48 GMT
GET H2	200	AVmanager.js Show response player.aniview.com/script/6.1/ Frame EBCD	361 KB 102 KB	7ms 7ms	Script application/javascript	184.30.25.105 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/aniview.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 184.30.25.105 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-25-105.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 4be248af2533387777c0841dbe22c2da3d19217cee48ae7c68063ba2966f1d77 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:48 GMT content-encoding gzip x-guploader-uploadid ADPycds-YtlbBJv2QJARUbxWzAzMVWCcXYWe7En0xUNaKmOAn8G1zzpH98c8yGFCVmdULL8nqDY9vumr90FBk2C_qHg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip content-length 103423 last-modified Wed, 13 Oct 2021 06:17:51 GMT server UploadServer etag "e88cbf5213e55dde489911c70aa5ec91" vary Accept-Encoding x-goog-hash crc32c=4L5KPg==, md5=6Iy/UhPlXd5ImRHHCqXskQ== content-language en access-control-allow-origin * x-goog-generation 1634105871199372 access-control-expose-headers Content-Type cache-control public, max-age=300 x-goog-stored-content-length 103423 accept-ranges bytes content-type application/javascript expires Mon, 18 Oct 2021 18:59:48 GMT
GET H2	200	track track1.aniview.com/	0 71 B	279ms 92ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?r=politicalhaven.forumotion.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.1.2.78&apppkg=&fv=3&proto=https&pid=5e9f0c29a576362f3045e018&cid=6062eba3daf8b2564923fbe6&stagid=&stplid=&e=inventory&vi=100&cb=1634583288755 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:48 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	/ Show response go1.aniview.com/api/adserver/tag/	6 KB 2 KB	296ms 100ms	XHR application/json	34.227.70.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e9f0c29a576362f3045e018&AV_CHANNELID=6062eba3daf8b2564923fbe6&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=politicalhaven.forumotion.com&AV_DADPOS=3&d36=6.1.2.78&avtoken=288755&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1634583288768 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.227.70.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-227-70-203.compute-1.amazonaws.com Software / Resource Hash 46d41ab307a2f3a7778ea4b76176600951cdb589918de287547a0fa821ce400b Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:49 GMT content-encoding gzip vary Accept-Encoding content-type application/json access-control-allow-origin https://politicalhaven.forumotion.com cache-control no-cache access-control-allow-credentials true expires Thu, 07 Oct 2021 05:08:09 GMT
POST H2	204	/ events1.avantisvideo.com/	0 34 B	242ms 242ms	Ping text/plain	52.42.241.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events1.avantisvideo.com/ Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-42-241-136.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 18 Oct 2021 18:54:48 GMT
GET H2	200	cookiesyncendpoint Show response sync.aniview.com/ Frame 0FB1 Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634583289017-946864607543-006380-014-002078%26biddername%3D55%26key%3D%24UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1634583289017-946864607543-006380-014-002078%2526biddername%253D55%2526key%253D%... https://sync.aniview.com/cookiesyncendpoint?auid=1634583289017-946864607543-006380-014-002078&biddername=55&key=3989399798673801033	0 217 B	282ms 94ms	Document text/plain	18.208.104.24 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sync.aniview.com/cookiesyncendpoint?auid=1634583289017-946864607543-006380-014-002078&biddername=55&key=3989399798673801033 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.208.104.24 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-104-24.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :method GET :authority sync.aniview.com :scheme https :path /cookiesyncendpoint?auid=1634583289017-946864607543-006380-014-002078&biddername=55&key=3989399798673801033 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://politicalhaven.forumotion.com/ accept-encoding gzip, deflate, br cookie aniC=1634583289017-946864607543-006380-014-002078 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ Response headers date Mon, 18 Oct 2021 18:54:49 GMT content-length 0 set-cookie 2_C_55=3989399798673801033; Path=/; Domain=aniview.com; Expires=Tue, 19 Oct 2021 18:54:49 GMT; Secure; SameSite=None 2_C_55=3989399798673801033; Path=/; Expires=Tue, 19 Oct 2021 18:54:49 GMT; Secure; SameSite=None Redirect headers Server nginx/1.17.9 Date Mon, 18 Oct 2021 18:54:49 GMT Content-Type text/html; charset=utf-8 Content-Length 0 Connection keep-alive Cache-Control no-store, no-cache, private Pragma no-cache Expires Sat, 15 Nov 2008 16:00:00 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" X-XSS-Protection 0 Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Location https://sync.aniview.com/cookiesyncendpoint?auid=1634583289017-946864607543-006380-014-002078&biddername=55&key=3989399798673801033 AN-X-Request-Uuid a66fdb97-1503-4713-b2e5-bd7e7fc7884f Set-Cookie uuid2=3989399798673801033; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 16-Jan-2022 18:54:49 GMT; Domain=.adnxs.com; Secure; HttpOnly X-Proxy-Origin 216.131.111.33; 216.131.111.33; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
GET H2	200	avpb3.js Show response player.aniview.com/script/6.1/ Frame EBCD	303 KB 95 KB	7ms 7ms	Script application/javascript	184.30.25.105 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/avpb3.js Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 184.30.25.105 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-25-105.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash ac7b9f46edcec0a88c11c18bf0a08879953bfd042486c0a2a7c58426df25088c Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:49 GMT content-encoding gzip x-guploader-uploadid ADPycduZw_i5ti7yyLKbGdH9e-AJSyuIrZowyBkvpjZIzG5xPvNYPc7k0NfjV4IddG3zqY2hEr64JKpFnz7rIG1wp5Y x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip content-length 96232 last-modified Wed, 13 Oct 2021 06:16:58 GMT server UploadServer etag "ad7ef38cf13e26516d10222fcdb4ead3" vary Accept-Encoding x-goog-hash crc32c=vtLYAw==, md5=rX7zjPE+JlFtECIvzbTq0w== content-language en access-control-allow-origin * x-goog-generation 1634105818129804 access-control-expose-headers Content-Type cache-control public, max-age=300 x-goog-stored-content-length 96232 accept-ranges bytes content-type application/javascript expires Mon, 18 Oct 2021 18:59:49 GMT
GET H/1.1	200 OK	ptv Show response ib.adnxs.com/	27 B 720 B	94ms 59ms	XHR application/xml	185.33.221.13 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ptv?id=20611851&referrer=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&us_privacy=1---&cbb=4583289074&imp_id=cdc11b3b-ec89-455d-be8c-5bb2fa479781 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:49 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid d066407d-adef-404e-ac25-e528a9692048 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://politicalhaven.forumotion.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/xml; charset=utf-8 Content-Length 27 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	s2s Show response s2s.aniview.com/api/adserver/	1 B 242 B	404ms 207ms	XHR text/plain	18.232.243.29 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s2s.aniview.com/api/adserver/s2s?auc_id=5407227a9671edea7570d22f82da0dd6_17231503&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1634583289017-946864607543-006380-014-002078&AV_URL=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e9f0c29a576362f3045e018&AV_CHANNELID=6062eba3daf8b2564923fbe6&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=politicalhaven.forumotion.com&AV_DADPOS=3&d36=6.1.2.78&avtoken=288755&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=4583289075&tgt=0&&AV_VI=0&AV_VID=0 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.232.243.29 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-232-243-29.compute-1.amazonaws.com Software / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:49 GMT content-encoding gzip vary Accept-Encoding content-type text/plain access-control-allow-origin https://politicalhaven.forumotion.com cache-control no-cache access-control-allow-credentials true expires Thu, 07 Oct 2021 05:08:09 GMT
GET H2	200	track track1.aniview.com/	0 70 B	94ms 93ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=politicalhaven.forumotion.com&rs=politicalhaven.forumotion.com&sid=59991&t=1634583289&cip=216.131.111.33&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e9f0c29a576362f3045e018&test=&aafaid=&proto=https&uid=1634583289017-946864607543-006380-014-002078&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.78&cb=6036700948&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e9f0c29a576362f3045e018&nid=59918a0e073ef4782e4e347f&pcid=6062eba3daf8b2564923fbe6&ncid=5eddfc30bd3abf3f625df637&pasid=6062ef0a4e5d38241c6c5b0a&e=request&cb=1634583289077&asid=5ede0342ec425f250b51b999%2C5eddfec4a4cc80499356846b%2C5fb11aa06c67e97c675ffedc&ofpr=0.88%2C0.42%2C&fpo=%2C%2C Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:49 GMT cache-control max-age=0, no-cache, no-store content-length 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	138 B 988 B	50ms 16ms	XHR application/json	185.33.221.13 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash c1a1020aecaff583542557641d5a1992644fea299b914dc3e56e267d1c2b5083 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:49 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 6f7876f5-30cb-4e3c-8759-dd11a11bee33 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://politicalhaven.forumotion.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 138 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	204 No Content	openrtb Show response ads.adaptv.advertising.com/rtb/	0 230 B	246ms 201ms	XHR application/json	18.195.244.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.244.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-244-174.eu-central-1.compute.amazonaws.com Software adaptv/1.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://politicalhaven.forumotion.com access-control-allow-credentials true server adaptv/1.0 Connection keep-alive content-length 0 content-type application/json
POST H2	204	/ events1.avantisvideo.com/	0 34 B	175ms 175ms	Ping text/plain	52.42.241.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events1.avantisvideo.com/ Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-42-241-136.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 18 Oct 2021 18:54:49 GMT
GET H/1.1	200 OK	ptv Show response ib.adnxs.com/	27 B 875 B	14ms 13ms	XHR application/xml	185.33.221.13 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ptv?id=20611851&referrer=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&us_privacy=1---&cbb=4583289501&imp_id=8c2b42cb-6f67-479b-8744-0d966117226b Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:49 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid d046b89d-c3b2-41c3-935a-bda4ba061600 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://politicalhaven.forumotion.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/xml; charset=utf-8 Content-Length 27 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	s2s Show response s2s.aniview.com/api/adserver/	1 B 241 B	110ms 110ms	XHR text/plain	18.232.243.29 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s2s.aniview.com/api/adserver/s2s?auc_id=5407227a9671edea7570d22f82da0dd6_17231503&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1634583289017-946864607543-006380-014-002078&AV_URL=https%3A%2F%2Fpoliticalhaven.forumotion.com%2Ft2429-bombshell-lawsuit-charges-vaccine-deaths-being-concealed-insider-reports-at-least-45000-dead-from-covid-vaccinations&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e9f0c29a576362f3045e018&AV_CHANNELID=6062eba3daf8b2564923fbe6&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=politicalhaven.forumotion.com&AV_DADPOS=3&d36=6.1.2.78&avtoken=288755&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=4583289501&tgt=0&&AV_VI=0&AV_VID=0 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.232.243.29 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-232-243-29.compute-1.amazonaws.com Software / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:49 GMT content-encoding gzip vary Accept-Encoding content-type text/plain access-control-allow-origin https://politicalhaven.forumotion.com cache-control no-cache access-control-allow-credentials true expires Thu, 07 Oct 2021 05:08:09 GMT
GET H2	200	track track1.aniview.com/	0 70 B	93ms 92ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=politicalhaven.forumotion.com&rs=politicalhaven.forumotion.com&sid=59991&t=1634583289&cip=216.131.111.33&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e9f0c29a576362f3045e018&test=&aafaid=&proto=https&uid=1634583289017-946864607543-006380-014-002078&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.78&cb=6036700948&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e9f0c29a576362f3045e018&nid=59918a0e073ef4782e4e347f&pcid=6062eba3daf8b2564923fbe6&ncid=5eddfc30bd3abf3f625df637&pasid=6062ef0a4e5d38241c6c5b0a&e=request&cb=1634583289501&asid=5ede0342ec425f250b51b999%2C5eddfec4a4cc80499356846b%2C5fb11aa06c67e97c675ffedc&ofpr=0.88%2C0.42%2C&fpo=%2C%2C Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:54:49 GMT cache-control max-age=0, no-cache, no-store content-length 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	138 B 988 B	20ms 20ms	XHR application/json	185.33.221.13 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash b310b04cb8b12186ceeb7ff33a93f59e291465c866bf20e862c4e8a13407ecf7 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:54:49 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 82dded09-d6f7-444d-aa04-47ac75b9f42a Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://politicalhaven.forumotion.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 138 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	204 No Content	openrtb Show response ads.adaptv.advertising.com/rtb/	0 230 B	191ms 191ms	XHR application/json	18.195.244.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.244.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-244-174.eu-central-1.compute.amazonaws.com Software adaptv/1.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://politicalhaven.forumotion.com access-control-allow-credentials true server adaptv/1.0 Connection keep-alive content-length 0 content-type application/json
POST H2	204	/ events1.avantisvideo.com/	0 34 B	175ms 175ms	Ping text/plain	52.42.241.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events1.avantisvideo.com/ Requested by Host: cdn.avantisvideo.com URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?tagId=24&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-42-241-136.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 18 Oct 2021 18:54:49 GMT
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame EE17	52 KB 17 KB	25ms 6ms	Document text/html	151.101.65.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://politicalhaven.forumotion.com/ Accept-Encoding gzip, deflate, br Cookie uuid2=3989399798673801033 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.18.0 (Ubuntu) Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 01 Oct 2021 05:08:47 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Mon, 18 Oct 2021 18:54:49 GMT Age 49681 X-Served-By cache-lga21949-LGA, cache-hhn4065-HHN X-Cache HIT, HIT X-Cache-Hits 1, 921361 X-Timer S1634583290.893161,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 5C80	52 KB 17 KB	26ms 8ms	Document text/html	151.101.65.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://politicalhaven.forumotion.com/ Accept-Encoding gzip, deflate, br Cookie uuid2=3989399798673801033 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.18.0 (Ubuntu) Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 01 Oct 2021 05:08:47 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Mon, 18 Oct 2021 18:54:49 GMT Age 49681 X-Served-By cache-lga21949-LGA, cache-hhn4022-HHN X-Cache HIT, HIT X-Cache-Hits 1, 919822 X-Timer S1634583290.893235,VS0,VE0 Vary Accept-Encoding
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/57304/ Redirect Chain https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e&verify=true https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBkZjAxMGM3ZS0zMDQ0LTExZWMtODE2Yi0wMjBkYmNlMmEzOGU%3D https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVBkZjAxMGM3ZS0zMDQ0LTExZWMtODE2Yi0wMjBkYmNlMmEzOGU%3D&google_tc= https://pixel.advertising.com/ups/57304/sync?uid=CAESEPMoxUzIa98Nbj-GsnRfEa4&google_cver=1 https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPMoxUzIa98Nbj-GsnRfEa4&google_cver=1&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e	0 1 KB	13ms 12ms	Image text/plain	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPMoxUzIa98Nbj-GsnRfEa4&google_cver=1&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:54:50 GMT Server ATS/7.1.2.138 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPMoxUzIa98Nbj-GsnRfEa4&google_cver=1&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e date Mon, 18 Oct 2021 18:54:50 GMT content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/55953/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 https://ups.analytics.yahoo.com/ups/55953/sync?uid=67cafc2d-f65c-48bd-9c13-78ce0b13b2bc&_origin=1&gdpr=1&gdpr_consent=	0 234 B	25ms 16ms	Image text/plain	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55953/sync?uid=67cafc2d-f65c-48bd-9c13-78ce0b13b2bc&_origin=1&gdpr=1&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:54:50 GMT Server ATS/7.1.2.138 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers pragma no-cache date Mon, 18 Oct 2021 18:54:49 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ups.analytics.yahoo.com/ups/55953/sync?uid=67cafc2d-f65c-48bd-9c13-78ce0b13b2bc&_origin=1&gdpr=1&gdpr_consent= cache-control private,no-cache, must-revalidate content-type text/html content-length 267
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/55986/ Redirect Chain https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_... https://pixel.advertising.com/ups/55986/sync?uid=YW3C_QAKEaJICgAR&_origin=0&gdpr=0&gdpr_consent=&_test=YW3C_QAKEaJICgAR https://ups.analytics.yahoo.com/ups/55986/sync?uid=YW3C_QAKEaJICgAR&_origin=0&gdpr=0&gdpr_consent=&_test=YW3C_QAKEaJICgAR&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e	0 1 KB	17ms 17ms	Image text/plain	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55986/sync?uid=YW3C_QAKEaJICgAR&_origin=0&gdpr=0&gdpr_consent=&_test=YW3C_QAKEaJICgAR&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://politicalhaven.forumotion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:54:50 GMT Server ATS/7.1.2.138 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55986/sync?uid=YW3C_QAKEaJICgAR&_origin=0&gdpr=0&gdpr_consent=&_test=YW3C_QAKEaJICgAR&apid=UPdf010c7e-3044-11ec-816b-020dbce2a38e date Mon, 18 Oct 2021 18:54:50 GMT content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
POST H2	200	track Show response track1.aniview.com/	0 94 B	301ms 101ms	XHR text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=politicalhaven.forumotion.com&rs=politicalhaven.forumotion.com&sid=59991&t=1634583289&cip=216.131.111.33&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e9f0c29a576362f3045e018&test=&aafaid=&proto=https&uid=1634583289017-946864607543-006380-014-002078&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.78&cb=6036700948&d9=0000&AV_WIDTH=400&AV_HEIGHT=225 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://politicalhaven.forumotion.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Mon, 18 Oct 2021 18:54:54 GMT cache-control max-age=0, no-cache, no-store content-length 0