beforeitsnews.com Open in urlscan Pro
172.67.14.110 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On September 03 via manual (September 3rd 2022, 12:00:33 pm UTC) from US — Scanned from AU

Summary HTTP 420 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 99 IPs in 10 countries across 105 domains to perform 420 HTTP transactions. The main IP is 172.67.14.110, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 171738.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2022. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	172.67.14.110 172.67.14.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	74.125.24.95 74.125.24.95	15169 (GOOGLE) (GOOGLE)
1	18.155.68.14 18.155.68.14	16509 (AMAZON-02) (AMAZON-02)
4	172.253.118.119 172.253.118.119	15169 (GOOGLE) (GOOGLE)
28	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.42.82 104.21.42.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.10.97 142.251.10.97	15169 (GOOGLE) (GOOGLE)
14	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
5	104.21.21.110 104.21.21.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	77.81.165.130 77.81.165.130	59854 (TLH-AS Pa...) (TLH-AS Pasaj SCARILOR Nr 2)
10	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	138.199.46.66 138.199.46.66	60068 (CDN77 ^_^) (CDN77 ^_^)
8	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
3	142.250.4.102 142.250.4.102	15169 (GOOGLE) (GOOGLE)
1	20.43.160.189 20.43.160.189	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.21.234.213 104.21.234.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.15.8 104.21.15.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.132.113 172.67.132.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.79.195.246 45.79.195.246	63949 (LINODE-AP...) (LINODE-AP Linode)
1	18.155.68.37 18.155.68.37	16509 (AMAZON-02) (AMAZON-02)
1	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE)
2	172.67.138.44 172.67.138.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.74.138 104.22.74.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.88.47 13.33.88.47	16509 (AMAZON-02) (AMAZON-02)
6	142.251.12.102 142.251.12.102	15169 (GOOGLE) (GOOGLE)
25	13.33.33.102 13.33.33.102	16509 (AMAZON-02) (AMAZON-02)
2	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
6	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.72.44.196 23.72.44.196	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	107.151.8.10 107.151.8.10	55081 (24SHELLS) (24SHELLS)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
10 10	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	23.106.127.39 23.106.127.39	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
8 12	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
8 14	103.231.98.197 103.231.98.197	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13 17	142.251.12.155 142.251.12.155	15169 (GOOGLE) (GOOGLE)
5 6	103.231.98.194 103.231.98.194	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 8	103.231.98.195 103.231.98.195	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
3 3	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
1 1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
6 7	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1	23.195.152.23 23.195.152.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	141.95.98.68 141.95.98.68	16276 (OVH) (OVH)
5 5	54.251.50.135 54.251.50.135	16509 (AMAZON-02) (AMAZON-02)
4	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
2	13.33.33.39 13.33.33.39	16509 (AMAZON-02) (AMAZON-02)
3	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
3	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
21	54.192.150.108 54.192.150.108	16509 (AMAZON-02) (AMAZON-02)
5	172.217.194.105 172.217.194.105	15169 (GOOGLE) (GOOGLE)
1	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
6	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 2	104.19.173.108 104.19.173.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 15	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	23.227.146.18 23.227.146.18	55081 (24SHELLS) (24SHELLS)
2	139.99.49.250 139.99.49.250	16276 (OVH) (OVH)
1 1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1 2	64.120.110.136 64.120.110.136	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
4 5	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	209.191.163.210 209.191.163.210	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
7 7	104.254.151.120 104.254.151.120	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	89.187.162.142 89.187.162.142	60068 (CDN77 ^_^) (CDN77 ^_^)
2	67.199.150.81 67.199.150.81	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 6	23.15.148.136 23.15.148.136	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	207.198.113.205 207.198.113.205	13768 (COGECO-PEER1) (COGECO-PEER1)
1 7	18.139.80.166 18.139.80.166	16509 (AMAZON-02) (AMAZON-02)
3	64.120.110.139 64.120.110.139	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
3 7	52.20.226.248 52.20.226.248	14618 (AMAZON-AES) (AMAZON-AES)
3	198.206.157.242 198.206.157.242	399668 (E-PLANNING-) (E-PLANNING-)
1 1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	204.93.150.152 204.93.150.152	23352 (SERVERCEN...) (SERVERCENTRAL)
5 6	185.84.60.21 185.84.60.21	198622 (ADFORM) (ADFORM)
6 6	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7 15	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	18.138.18.111 18.138.18.111	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.100.194 104.18.100.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	169.62.67.163 169.62.67.163	36351 (SOFTLAYER) (SOFTLAYER)
1 2	46.137.228.209 46.137.228.209	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.10.211 103.229.10.211	16509 (AMAZON-02) (AMAZON-02)
1 1	52.74.162.2 52.74.162.2	16509 (AMAZON-02) (AMAZON-02)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
3 5	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	106.10.236.37 106.10.236.37	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1 1	34.111.151.213 34.111.151.213	15169 (GOOGLE) (GOOGLE)
2 2	50.31.142.191 50.31.142.191	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	23.213.140.214 23.213.140.214	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
7	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	34.117.239.71 34.117.239.71	15169 (GOOGLE) (GOOGLE)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
3	13.33.88.90 13.33.88.90	16509 (AMAZON-02) (AMAZON-02)
1	212.129.3.113 212.129.3.113	12876 (Online SAS) (Online SAS)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2	202.131.200.84 202.131.200.84	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
2 2	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	124.146.215.42 124.146.215.42	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	13.33.88.31 13.33.88.31	16509 (AMAZON-02) (AMAZON-02)
2 2	13.33.88.71 13.33.88.71	16509 (AMAZON-02) (AMAZON-02)
2	54.251.128.63 54.251.128.63	16509 (AMAZON-02) (AMAZON-02)
1	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	3.113.231.86 3.113.231.86	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	139.162.38.30 139.162.38.30	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	13.250.200.154 13.250.200.154	16509 (AMAZON-02) (AMAZON-02)
3 3	74.118.186.44 74.118.186.44	26120 (RHYTHMONE) (RHYTHMONE)
1 1	74.118.186.45 74.118.186.45	() ()
2 2	3.1.14.27 3.1.14.27	16509 (AMAZON-02) (AMAZON-02)
1 2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 2	172.64.152.245 172.64.152.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	() ()
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1 2	119.9.108.191 119.9.108.191	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
4 5	107.178.244.193 107.178.244.193	15169 (GOOGLE) (GOOGLE)
1 1	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
2 2	104.254.150.241 104.254.150.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	89.207.22.76 89.207.22.76	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	54.64.204.44 54.64.204.44	16509 (AMAZON-02) (AMAZON-02)
1 1	106.10.236.147 106.10.236.147	() ()
1	52.13.231.254 52.13.231.254	() ()
1 2	18.140.27.177 18.140.27.177	() ()
1	172.217.194.101 172.217.194.101	() ()
5	104.18.226.52 104.18.226.52	() ()
3	74.125.130.95 74.125.130.95	() ()
24	142.250.4.190 142.250.4.190	() ()
1	104.22.25.87 104.22.25.87	() ()
3	142.251.10.149 142.251.10.149	() ()
3	74.125.130.132 74.125.130.132	() ()
420	99

45 172.67.14.110 (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-14.sin52.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.118.119 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f119.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.42.82 (None, )

ASN13335 (CLOUDFLARENET, US)

borirait.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.21.110 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ournewearthnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.81.165.130 (Bucharest, Romania)

ASN59854 (TLH-AS Pasaj SCARILOR Nr 2, RO)
PTR: c3130.tlh.ro

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.255.14 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.46.66 (Singapore, Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-46-66.datapacket.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.4.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f102.1e100.net

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.43.160.189 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.213 (None, )

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.15.8 (None, )

ASN13335 (CLOUDFLARENET, US)

settingbrushfires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.132.113 (United States)

ASN13335 (CLOUDFLARENET, US)

www.prepperfortress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.195.246 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: rumormillnews.com

www.rumormillnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-37.sin52.r.cloudfront.net

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.138.44 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.74.138 (None, )

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-47.sin2.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.12.102 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 13.33.33.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-102.sin2.r.cloudfront.net

static.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.151.8.10 (Piscataway, United States)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.223.40.198 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.39 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.173.158.64 (Singapore, Singapore) 8 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 103.231.98.197 (Japan) 8 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.12.155 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.231.98.194 (Japan) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.231.98.195 (Japan) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.60.146 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.254.65 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.213.12.39 (Tokyo, Japan) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.68 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.251.50.135 (Singapore, Singapore) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-50-135.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.33.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-39.sin2.r.cloudfront.net

cdn1.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 54.192.150.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-108.sin2.r.cloudfront.net

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.194.105 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.173.108 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.227.139.243 (Piscataway, United States) 2 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.120.110.136 (Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.253.211 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.210 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.254.151.120 (Los Angeles, United States) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.162.142 (Singapore, Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-162-142.cdn77.com

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.81 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.15.148.136 (Singapore, Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.205 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.139.80.166 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-80-166.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.120.110.139 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net

u-sin01.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.20.226.248 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-226-248.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.206.157.242 (New York, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.93.150.152 (Arlington Heights, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.AP-anycast1.cachefly.net

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.84.60.21 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.229.205.243 (Singapore) 6 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 67.199.150.86 (Los Angeles, United States) 7 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.18.111 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com

cm.ambientdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.100.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.62.67.163 (United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: a3.43.3ea9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.137.228.209 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-228-209.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.10.211 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.74.162.2 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.54.182.161 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.37 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: o1.ycpi.vip.sg3.yahoo.com

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.191 (Lincolnwood, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.140.214 (Singapore, Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-140-214.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.202.105.22 (United States) 6 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com

events-ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.88.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-90.sin2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.129.3.113 (France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-113.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.116.239.135 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.42 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-31.sin2.r.cloudfront.net

cr-p3.ladsp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.71 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net

cr-pall.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.251.128.63 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-128-63.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.113.231.86 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-231-86.ap-northeast-1.compute.amazonaws.com

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.38.30 (Singapore, Singapore) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1451-30.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.250.200.154 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-200-154.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.118.186.44 (Serangoon, Singapore) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.118.186.45 (None, ) 1 redirects

ASN- ()

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.1.14.27 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.152.245 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.191 (Central, Hong Kong) 1 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.244.193 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.150.241 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.22.76 (Singapore, Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-login-ds.dotomi.com

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.204.44 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (None, ) 1 redirects

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.13.231.254 (None, )

ASN- ()

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.140.27.177 (None, ) 1 redirects

ASN- ()

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.101 (None, )

ASN- ()

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.226.52 (None, )

ASN- ()

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.95 (None, )

ASN- ()

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.4.190 (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.25.87 (None, )

ASN- ()

content.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.149 (None, )

ASN- ()

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.132 (None, )

ASN- ()

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	pubmatic.com 24 redirects ads.pubmatic.com — Cisco Umbrella Rank: 448 image8.pubmatic.com — Cisco Umbrella Rank: 593 image2.pubmatic.com — Cisco Umbrella Rank: 859 image4.pubmatic.com — Cisco Umbrella Rank: 845 image6.pubmatic.com — Cisco Umbrella Rank: 606 simage2.pubmatic.com — Cisco Umbrella Rank: 677 simage4.pubmatic.com — Cisco Umbrella Rank: 1145	110 KB
48	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 18560 s.tradingview.com — Cisco Umbrella Rank: 23641 static.tradingview.com — Cisco Umbrella Rank: 17559 s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 18898	282 KB
47	beforeitsnews.com beforeitsnews.com — Cisco Umbrella Rank: 171738 img.beforeitsnews.com — Cisco Umbrella Rank: 326873 m.beforeitsnews.com — Cisco Umbrella Rank: 323518 ajax.beforeitsnews.com — Cisco Umbrella Rank: 204766 a1.beforeitsnews.com	963 KB
34	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7557 c.mgid.com — Cisco Umbrella Rank: 5185 cdn.mgid.com — Cisco Umbrella Rank: 9606 servicer.mgid.com — Cisco Umbrella Rank: 7656 s-img.mgid.com — Cisco Umbrella Rank: 4427 cm.mgid.com — Cisco Umbrella Rank: 2052	332 KB
27	doubleclick.net 13 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 static.doubleclick.net	43 KB
27	youtube.com img.youtube.com — Cisco Umbrella Rank: 3056 www.youtube.com	2 MB
19	rubiconproject.com 11 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 319 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 922 eus.rubiconproject.com — Cisco Umbrella Rank: 551 token.rubiconproject.com — Cisco Umbrella Rank: 686 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 844	29 KB
15	adtelligent.com 1 redirects s.adtelligent.com — Cisco Umbrella Rank: 5257 sync.adtelligent.com — Cisco Umbrella Rank: 4563	7 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	138 KB
12	33across.com 6 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 941 events-ssc.33across.com — Cisco Umbrella Rank: 2223	4 KB
12	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 721 tags.crwdcntrl.net — Cisco Umbrella Rank: 1206 bcp.crwdcntrl.net — Cisco Umbrella Rank: 805	22 KB
12	openx.net 4 redirects rtb.openx.net — Cisco Umbrella Rank: 1493 us-u.openx.net — Cisco Umbrella Rank: 377 jp-u.openx.net — Cisco Umbrella Rank: 11040	2 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 www.googleapis.com — Cisco Umbrella Rank: 36 translate.googleapis.com jnn-pa.googleapis.com	190 KB
10	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1312 r.casalemedia.com — Cisco Umbrella Rank: 813 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 430 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515	8 KB
10	adsrvr.org 10 redirects match.adsrvr.org — Cisco Umbrella Rank: 336	6 KB
10	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 27116	878 KB
9	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 225 secure.adnxs.com — Cisco Umbrella Rank: 435	8 KB
9	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 5136 u-sin01.e-planning.net — Cisco Umbrella Rank: 152359 s.e-planning.net — Cisco Umbrella Rank: 7024 i.e-planning.net — Cisco Umbrella Rank: 7442	5 KB
8	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 24874	252 KB
7	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 614 cm.adform.net — Cisco Umbrella Rank: 1538 dmp.adform.net	3 KB
7	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2021	8 KB
7	criteo.com gum.criteo.com — Cisco Umbrella Rank: 387 dis.criteo.com — Cisco Umbrella Rank: 696	2 KB
7	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	3 KB
6	mathtag.com 6 redirects sync.mathtag.com — Cisco Umbrella Rank: 452	3 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 translate.google.com	68 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	40 KB
5	onesignal.com cdn.onesignal.com onesignal.com	83 KB
5	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 438	658 B
5	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 269	4 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468 ups.analytics.yahoo.com — Cisco Umbrella Rank: 270 ads.yahoo.com — Cisco Umbrella Rank: 2202 cms.analytics.yahoo.com	4 KB
5	360yield.com 5 redirects ad.360yield.com — Cisco Umbrella Rank: 670	1 KB
5	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 328 id.rlcdn.com — Cisco Umbrella Rank: 542	852 B
5	id5-sync.com 1 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 1167 id5-sync.com — Cisco Umbrella Rank: 471	18 KB
5	customads.co cdn2.customads.co — Cisco Umbrella Rank: 116799 customads.co — Cisco Umbrella Rank: 86787 cdn1.customads.co — Cisco Umbrella Rank: 103305	84 KB
5	ournewearthnews.com www.ournewearthnews.com — Cisco Umbrella Rank: 368463	2 MB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 125	101 KB
3	ggpht.com yt3.ggpht.com	3 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 538	2 KB
3	sitescout.com 3 redirects pixel.sitescout.com — Cisco Umbrella Rank: 3224 pixel-sync.sitescout.com — Cisco Umbrella Rank: 579	2 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1441	993 B
3	pippio.com 3 redirects pippio.com — Cisco Umbrella Rank: 743	732 B
3	amg-news.com amg-news.com	2 MB
2	eyeota.net 1 redirects ps.eyeota.net	2 KB
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3105	743 B
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1063	856 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 798 s.tribalfusion.com — Cisco Umbrella Rank: 2081	1 KB
2	taboola.com 1 redirects trc.taboola.com — Cisco Umbrella Rank: 705 match.taboola.com — Cisco Umbrella Rank: 2716	560 B
2	adgrx.com 2 redirects cm.adgrx.com — Cisco Umbrella Rank: 1425	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 736	2 KB
2	ladsp.com 2 redirects cr-pall.ladsp.com — Cisco Umbrella Rank: 3577	1 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 747	959 B
2	ad-m.asia sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2723	486 B
2	bluekai.com 2 redirects stags.bluekai.com — Cisco Umbrella Rank: 497 tags.bluekai.com — Cisco Umbrella Rank: 492	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 558	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2329	965 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 849	1 KB
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 463	410 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 566	746 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 619	1 KB
2	tynt.com 1 redirects ic.tynt.com — Cisco Umbrella Rank: 4143 de.tynt.com — Cisco Umbrella Rank: 1427	3 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 749	2 KB
2	adtarget.com.tr 1 redirects s.console.adtarget.com.tr — Cisco Umbrella Rank: 16820 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 15855	1 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 889	600 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 7503	786 B
2	e-volution.ai 2 redirects sync.e-volution.ai — Cisco Umbrella Rank: 2440	918 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 650	687 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 103896	1 KB
2	prepperfortress.com www.prepperfortress.com	44 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	84 KB
1	zeotap.com content.zeotap.com	19 KB
1	krxd.net beacon.krxd.net	337 B
1	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1034	209 B
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3780	467 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 869	44 B
1	iprom.net core.iprom.net	279 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	527 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 2217	395 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 24075	459 B
1	cinarra.com dps.jp.cinarra.com — Cisco Umbrella Rank: 20221	220 B
1	ladsp.jp 1 redirects cr-p3.ladsp.jp — Cisco Umbrella Rank: 25452	227 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1016	849 B
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 7222	535 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1678	365 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 370	572 B
1	spotim.market sync.spotim.market — Cisco Umbrella Rank: 1832	318 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 417	541 B
1	ambientdsp.com 1 redirects cm.ambientdsp.com — Cisco Umbrella Rank: 25973	650 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 5082
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9590	257 B
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 24351	501 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 2117	620 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 534	627 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1550	651 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 3946	391 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 875	347 B
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 17017	100 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112	57 KB
1	rumormillnews.com www.rumormillnews.com — Cisco Umbrella Rank: 637086	37 KB
1	settingbrushfires.com settingbrushfires.com — Cisco Umbrella Rank: 681766	65 KB
1	iili.io iili.io — Cisco Umbrella Rank: 75494	13 KB
1	wordpress.com justusaknight.files.wordpress.com — Cisco Umbrella Rank: 458504	574 KB
1	duckduckgo.com external-content.duckduckgo.com — Cisco Umbrella Rank: 6093	19 KB
1	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 85592	16 KB
1	borirait.site borirait.site — Cisco Umbrella Rank: 297017	42 KB
0	nex8.net Failed cs.nex8.net Failed
420	105

	Domain	Requested by
29	beforeitsnews.com	beforeitsnews.com
25	static.tradingview.com	s.tradingview.com static.tradingview.com
24	www.youtube.com	beforeitsnews.com www.youtube.com
21	s3-symbol-logo.tradingview.com	s.tradingview.com
17	cm.g.doubleclick.net	13 redirects eus.rubiconproject.com us-u.openx.net bcp.crwdcntrl.net
15	simage2.pubmatic.com	7 redirects ads.pubmatic.com s.adtelligent.com
15	cm.mgid.com	jsc.mgid.com beforeitsnews.com s.adtelligent.com ads.pubmatic.com
15	img.beforeitsnews.com	beforeitsnews.com
14	image8.pubmatic.com	8 redirects ads.pubmatic.com s.adtelligent.com
13	sync.adtelligent.com	1 redirects s.adtelligent.com ads.pubmatic.com ads.us.e-planning.net s.console.adtarget.com.tr
10	match.adsrvr.org	10 redirects
10	i.imgflip.com	beforeitsnews.com
8	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
8	sp.rmbl.ws	beforeitsnews.com
7	jnn-pa.googleapis.com	www.youtube.com
7	dsum-sec.casalemedia.com	1 redirects r.casalemedia.com
7	a.audrte.com	3 redirects ads.us.e-planning.net a.audrte.com
7	sync.crwdcntrl.net	1 redirects ads.us.e-planning.net s.adtelligent.com bcp.crwdcntrl.net
7	ib.adnxs.com	7 redirects
7	x.bidswitch.net	6 redirects beforeitsnews.com
7	pixel.rubiconproject.com	3 redirects beforeitsnews.com eus.rubiconproject.com
6	events-ssc.33across.com	de.tynt.com eus.rubiconproject.com us-u.openx.net
6	ssc-cms.33across.com	6 redirects
6	sync.mathtag.com	6 redirects
6	gum.criteo.com	ads.pubmatic.com
6	image4.pubmatic.com	4 redirects ads.pubmatic.com
6	image2.pubmatic.com	5 redirects ads.pubmatic.com
6	s-img.mgid.com	beforeitsnews.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com beforeitsnews.com s.tradingview.com
6	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com www.youtube.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	pixel.tapad.com	4 redirects s.adtelligent.com
5	s.amazon-adsystem.com	3 redirects eus.rubiconproject.com r.casalemedia.com
5	token.rubiconproject.com	5 redirects
5	c1.adform.net	4 redirects ads.pubmatic.com
5	rtb.openx.net	4 redirects us-u.openx.net
5	www.google.com	beforeitsnews.com www.youtube.com
5	ad.360yield.com	5 redirects
5	www.ournewearthnews.com	beforeitsnews.com
4	us-u.openx.net	de.tynt.com us-u.openx.net
4	eus.rubiconproject.com	s.adtelligent.com eus.rubiconproject.com de.tynt.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
4	id5-sync.com	1 redirects cdn.id5-sync.com
4	idsync.rlcdn.com	3 redirects beforeitsnews.com
4	ads.pubmatic.com	jsc.mgid.com s.adtelligent.com ads.pubmatic.com
4	i.ytimg.com	beforeitsnews.com www.youtube.com
3	yt3.ggpht.com	www.youtube.com
3	static.doubleclick.net	www.youtube.com
3	onesignal.com	cdn.onesignal.com
3	translate.googleapis.com	translate.googleapis.com
3	sync.1rx.io	3 redirects
3	jp-u.openx.net	us-u.openx.net
3	tags.crwdcntrl.net	s.e-planning.net tags.crwdcntrl.net
3	s.e-planning.net	ads.us.e-planning.net
3	u-sin01.e-planning.net	ads.us.e-planning.net r.casalemedia.com
3	lb.eu-1-id5-sync.com	cdn.id5-sync.com
3	stats.g.doubleclick.net	customads.co www.google-analytics.com
3	pippio.com	3 redirects
3	servicer.mgid.com	jsc.mgid.com
3	img.youtube.com	beforeitsnews.com
3	amg-news.com	beforeitsnews.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	ps.eyeota.net	1 redirects
2	pubmatic-match.dotomi.com	2 redirects
2	secure.adnxs.com	2 redirects
2	uipglob.semasio.net	1 redirects s.adtelligent.com
2	cm.adgrx.com	2 redirects
2	pm.w55c.net	2 redirects
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	cr-pall.ladsp.com	2 redirects
2	ad.turn.com	2 redirects
2	sync-dsp.ad-m.asia	us-u.openx.net ads.pubmatic.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	b1sync.zemanta.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	um.simpli.fi	2 redirects
2	p.adsymptotic.com	1 redirects ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	pixel.sitescout.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	ap.lijit.com	2 redirects
2	ads.us.e-planning.net	1 redirects s.adtelligent.com
2	onetag-sys.com	s.adtelligent.com
2	csync.loopme.me	2 redirects
2	cdn1.customads.co	customads.co
2	rtb-usw.mfadsrvr.com	2 redirects
2	sync.e-volution.ai	2 redirects
2	creativecdn.com	2 redirects
2	s.adtelligent.com	cm.mgid.com s.adtelligent.com
2	customads.co	cdn2.customads.co
2	cdn.mgid.com	beforeitsnews.com
2	c.mgid.com	jsc.mgid.com beforeitsnews.com
2	rddywd.com	beforeitsnews.com
2	www.prepperfortress.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com static.tradingview.com
1	content.zeotap.com	ads.pubmatic.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	dmp.adform.net	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	cms.analytics.yahoo.com	1 redirects
1	rtb.gumgum.com	s.adtelligent.com
1	ads.playground.xyz	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	dps.jp.cinarra.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	cr-p3.ladsp.jp	1 redirects
1	tg.socdm.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	sync.console.adtarget.com.tr	1 redirects
1	cm.adform.net	s.console.adtarget.com.tr
1	js.cookieless-data.com	s.e-planning.net
1	tags.bluekai.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	stags.bluekai.com	1 redirects
1	dmp.brand-display.com	1 redirects
1	ssum-sec.casalemedia.com	r.casalemedia.com
1	ads.yahoo.com	eus.rubiconproject.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	sync.spotim.market	eus.rubiconproject.com
1	ups.analytics.yahoo.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	cm.ambientdsp.com	1 redirects
1	i.e-planning.net	ads.us.e-planning.net
1	r.casalemedia.com	ads.us.e-planning.net
1	ssum.casalemedia.com	1 redirects
1	vid.vidoomy.com	s.adtelligent.com
1	a4p.adpartner.pro	1 redirects
1	de.tynt.com	s.adtelligent.com
1	ic.tynt.com	1 redirects
1	s.console.adtarget.com.tr	s.adtelligent.com
1	www.google.com.au	beforeitsnews.com
1	sync.inmobi.com	1 redirects
1	contextual.media.net	beforeitsnews.com
1	id.rlcdn.com	beforeitsnews.com
1	cs.admanmedia.com	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	cm.idealmedia.io	beforeitsnews.com
1	cdn.id5-sync.com	jsc.mgid.com
1	s.tradingview.com	s3.tradingview.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	m.beforeitsnews.com	beforeitsnews.com
1	www.rumormillnews.com	beforeitsnews.com
1	settingbrushfires.com	beforeitsnews.com
1	iili.io	beforeitsnews.com
1	justusaknight.files.wordpress.com	beforeitsnews.com
1	external-content.duckduckgo.com	beforeitsnews.com
1	static-3.bitchute.com	beforeitsnews.com
1	borirait.site	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
0	cs.nex8.net Failed	us-u.openx.net
420	166

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
forum.beforeitsnews.com
www.youtube.com
widgets.mgid.com
www.mgid.com
traitslab.com
brainberries.co
herbeauty.co
telegram.org
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.tradingview.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
amg-news.com cPanel, Inc. Certification Authority	`2022-08-18` - `2022-11-16`	3 months	crt.sh
static-3.bitchute.com R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
sp.rmbl.ws R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-11-26`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2023-01-28`	a year	crt.sh
www.rumormillnews.com R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.customads.co Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tradingview.com Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
static.tradingview.com Amazon	`2022-06-23` - `2023-07-22`	a year	crt.sh
customads.co GTS CA 1D4	`2022-08-24` - `2022-11-22`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-07-31` - `2022-10-29`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2022-07-27` - `2022-10-25`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
ads.us.e-planning.net R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.audrte.com Amazon	`2022-02-24` - `2023-03-24`	a year	crt.sh
*.e-planning.net R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-23` - `2023-02-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.cookieless-data.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-23` - `2023-03-22`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
events-ssc.33across.com GTS CA 1D4	`2022-07-21` - `2022-10-19`	3 months	crt.sh
sync-dsp.ad-m.asia GlobalSign GCC R3 DV TLS CA 2020	`2022-07-21` - `2023-08-22`	a year	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-14` - `2023-06-13`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.iprom.net R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh

This page contains 53 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: B21945BE0745ABC362D10D8F23D33659
Requests: 168 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20228312
Frame ID: E06855D2AE834D05F66F0D605EFF2A53
Requests: 4 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 658716A59957C5A639A0CDE0875B4E84
Requests: 50 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 6C15BECB7822E604454B9ADA07783E12
Requests: 4 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: FD0D2D1C290173E773B9A63D7E9353A5
Requests: 4 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1662206420182776323313
Frame ID: B446F88A67F5E047E6C6878EB8D795F6
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=754484
Frame ID: 761D4E9DCD5A406A4FFF5E9CE6F9E921
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Frame ID: B7D3ECC4518848A98949A792DCF83185
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: AC2EE73FF23CE69335F4FD1EB20F6CE1
Requests: 13 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=968bf5de-6e97-4c97-aee3-ddd63bc15521
Frame ID: 65F835135FFD5F4554B50DCA7E4A5698
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 9329DCFE11FD65E18F9062E7E2BD6F95
Requests: 2 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: CA6AACB01E70D92A90B6BB2AED6994C6
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: EFF01F4356D475E6AB32F990AC9A703D
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 4C48AA7E0FDF0E67C8E511B76B5A4C76
Requests: 5 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: B5EA7758347437CE73C09916488152AC
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 3D655113C0F8E24BC047F03D97434E9D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 023F95FECCDB8F93F41915C6F05A9ED8
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: AC02EAD1EFCC922E4F09A56023DAC596
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Frame ID: 354022A46130014E5C9A8583BF36E0F3
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: B5B50EE121B0C7050DC216CA3D946935
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Frame ID: 4F72D397952B25A51427A1BADEC36581
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:53bb6313-41d7-4b00-991d-c051071492f9&gdpr=0&gdpr_consent=
Frame ID: 68286B8DBFFF2332B36ED7AF0B785C50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxNB1wAEcP_UZQBN&gdpr=0&gdpr_consent=&_test=YxNB1wAEcP_UZQBN
Frame ID: E805E931C7FEC19E469D9D59C028D1EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wx4slej0xgb
Frame ID: CC2FD072191BD0567678DF1AF58CF2DF
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Frame ID: 8BDB496FED585ACE3E98C49957CB7BDD
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 3B48032A397E4619D448EC3BA1CE708A
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: C1866CE37AD35A28D7A7DC7DC4175B95
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AHfNCXQJMAFWuogX
Frame ID: ACB9DCC559B4EA6D0631A8E50F38F23A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 35775413E3A99A1077C86EF0AE849307
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: F0268B47218DEBD93BF21FE378577165
Requests: 12 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: D1A025A7BF127FA858EFE7D6F6B83C01
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: E7FB08D493AD7D293E70E1F2F1D2BF1B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 14E7AD47AD1176635BD8A51D18E16F2F
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Frame ID: 72E7CBBA4859E846624CC09D095039BD
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 81F42C102D47FA4D7C26EC1E8B8D7C6A
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: EAD82A081B41F4A95A8981B1912EA1A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hFvMu99p1OurP45&gdpr=0&gdpr_consent=
Frame ID: D1B2A4B03A292EDCE01DDE76ABA15DAA
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 533D495A48E22440F2B10B86FFF50814
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ff8790b2-2b7f-11ed-b4ed-9640dae0e33a
Frame ID: ACD2AC59D0201B7743FA5041FA3607FB
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ee33fbb-754d-4d27-ac3c-9340d4e4307d-tucta0cc75a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: DED4CBCBBE0F19870021119F04278EAF
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 28D0E0E3403BCCDF0F552F07A76B0C6C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 80C7BA22D46F0A379E49DE2C005C725F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 582A29D6706B305B9804A680D68048D1
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: B70AE390A0CAD07546C8B3272C5FF7C1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 594533FE14ECEB5E2B4FC898CF66238E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Frame ID: 78D41D8CA8ED9FA2899EBBA5B91B8DE2
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 2397149FE1C181FF2900442F11B02864
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C38%2C106%2C80%2C2&c=15238
Frame ID: D3469298B71A0E2B6FA35ED916538276
Requests: 7 HTTP requests in this frame

Frame: https://www.youtube.com/embed/yCKiWo-JLb8
Frame ID: A73C5049F96398357A22932FED5EC797
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EVj4aW_X3Zc
Frame ID: 7C0AE5B814EDF4A4285537C0C7C7B051
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/-ywsy5Imapc
Frame ID: 4C7356CB6495F23589B23A9203FE5BB6
Requests: 19 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9EDC2A164182A469D40F850A5E063267
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 26A73A69437D974CB4B9ED4DDBAEBF69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

420
Requests

79 %
HTTPS

0 %
IPv6

105
Domains

166
Subdomains

99
IPs

10
Countries

10947 kB
Transfer

20711 kB
Size

161
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://traitslab.com/movies/love-scenes-actors-regretted-filming/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/10-fun-facts-about-squid-game-you-didnt-know-about/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/entertainment/top-10-curvaceous-celebrities-in-africa/

Search URL Search Domain Scan URL

URL: https://traitslab.com/tv/why-you-never-hear-about-conjoined-twins-abby-and-brittany-hensel-anymore/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/10-big-historical-mysteries-that-will-probably-never-be-solved/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://herbeauty.co/lifestyle/10-most-influential-women-in-history/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 147

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=LDMWe3nl7bpfT5yyAQ1Z&pi=mgid&tc=1

Request Chain 148

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttl=1664798420

Request Chain 149

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m83ksNi6BM05 HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=2817141643343613987&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 150

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzQ5NERDNTAtOEU2Qy00MDdCLThCQzctMzZFODVFMTU3RkFF&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzQ5NERDNTAtOEU2Qy00MDdCLThCQzctMzZFODVFMTU3RkFF&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D7494DC50-8E6C-407B-8BC7-36E85E157FAE HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE

Request Chain 151

https://idsync.rlcdn.com/712107.gif?partner_uid=m83ksNi6BM05& HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKu7KxIYChQIARDDoQoaDG04M2tzTmk2Qk0wNRAAGg0I1YPNmAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=efd46e475cd61b7da66f9f1b759a27c3064225e3bf8412641f2aa576c9b155d7791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlZmQ0NmU0NzVjZDYxYjdkYTY2ZjlmMWI3NTlhMjdjMzA2NDIyNWUzYmY4NDEyNjQxZjJhYTU3NmM5YjE1NWQ3NzkxNDI2YjU0MTdkY2UyMRAAGgwI1YPNmAYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlZmQ0NmU0NzVjZDYxYjdkYTY2ZjlmMWI3NTlhMjdjMzA2NDIyNWUzYmY4NDEyNjQxZjJhYTU3NmM5YjE1NWQ3NzkxNDI2YjU0MTdkY2UyMRAAGgwI1YPNmAYSBAgCEABCAEoA&google_error=3 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=4630dd2d-b24b-4eec-b825-f1160fab854b

Request Chain 152

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D HTTP 302
https://cm.mgid.com/m?cdsp=675043&c=5d94d5bb-8942-48f9-a2f3-2f02de1dfeea

Request Chain 155

https://x.bidswitch.net/sync?dsp_id=303&user_id=m83ksNi6BM05 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m83ksNi6BM05 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ac321931-d25f-4f40-9d8f-56bb2a02c19d&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 156

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=4d613990-fad6-48bf-95f3-927df609bf3f

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTgza3NOaTZCTTA1&muidn=m83ksNi6BM05 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTgza3NOaTZCTTA1&muidn=m83ksNi6BM05&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=m83ksNi6BM05&google_ula={guid},5&google_gid=CAESEHIt7e8nEj2vHtbxfVTLdu4&google_cver=1

Request Chain 158

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
https://cm.mgid.com/m?cdsp=718337&c=ID5-ZHMOeqX-V8LHhilxe3Lr3bdIoDOJlTK1gtPkKz48ww

Request Chain 159

https://pixel.rubiconproject.com/exchange/sync.php?p=mgid HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=L7LUSCOL-V-JL0M

Request Chain 160

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=1dfebb45-e74b-4735-ae6c-47d4f640271e

Request Chain 211

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=968bf5de-6e97-4c97-aee3-ddd63bc15521

Request Chain 215

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

Request Chain 216

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 217

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9cfada2e-1e05-4e09-bff6-537439dec9dc

Request Chain 218

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=FQRQELZHOKWIL_B2QHSJG6JO

Request Chain 219

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8939661658751623204

Request Chain 220

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1a10a256-7ad1-4bc9-adf0-c48e6466cb70

Request Chain 221

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1551876106988481962

Request Chain 222

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=1dfebb45-e74b-4735-ae6c-47d4f640271e

Request Chain 224

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=014a198f7447c58f

Request Chain 227

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184-d

Request Chain 230

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Df1ce10a55bd22640 HTTP 302
https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Df1ce10a55bd22640 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553%26partner_url%3Dhttps%253A%252F%252Fu-sin01.e-planning.net%252Fum%253Fuid%253D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553%2526dc%253D0abbcb4eba840e59%2526fi%253Df1ce10a55bd22640 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553%26partner_url%3Dhttps%253A%252F%252Fu-sin01.e-planning.net%252Fum%253Fuid%253D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553%2526dc%253D0abbcb4eba840e59%2526fi%253Df1ce10a55bd22640&ct=y

Request Chain 231

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Df1ce10a55bd22640%26uid%3D%24%7BUID%7D HTTP 302
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=f1ce10a55bd22640&uid=9cfada2e-1e05-4e09-bff6-537439dec9dc

Request Chain 233

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df1ce10a55bd22640%26uid%3D%24UID HTTP 302
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=f1ce10a55bd22640&uid=8939661658751623204

Request Chain 235

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1

Request Chain 237

https://c1.adform.net/serving/cookie/match?party=14&cid=7494DC50-8E6C-407B-8BC7-36E85E157FAE HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7494DC50-8E6C-407B-8BC7-36E85E157FAE

Request Chain 238

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:53bb6313-41d7-4b00-991d-c051071492f9&gdpr=0&gdpr_consent=

Request Chain 239

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YxNB1wAEcP_UZQBN HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxNB1wAEcP_UZQBN&gdpr=0&gdpr_consent=&_test=YxNB1wAEcP_UZQBN

Request Chain 240

https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wx4slej0xgb

Request Chain 242

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dJTcUI5sQHuLxzboXhV_rg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 243

https://idsync.rlcdn.com/420486.gif?partner_uid=7494DC50-8E6C-407B-8BC7-36E85E157FAE HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=efd46e475cd61b7da66f9f1b759a27c3064225e3bf8412641f2aa576c9b155d7791426b5417dce21&_=2 HTTP 307
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d HTTP 302
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d&_expected_cookie=c3b28c83b2e40ff722e0674366eb4e3f

Request Chain 244

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=091b6313-41d7-4400-a5b1-0aa92842465b

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAA9Uk45m-faYpB0Edwl32k&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D7494DC50-8E6C-407B-8BC7-36E85E157FAE HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE

Request Chain 246

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AAD03D0E7B304BCBAC1BF2DCD2D7430C

Request Chain 248

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6fa743a2-48a0-4cef-8781-82b2f587e02f HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D7494DC50-8E6C-407B-8BC7-36E85E157FAE HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE

Request Chain 249

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aZzC3Guel9hyzpeNOZ_eiT7Nwd9ymMPWbJqOIUU6 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6svmn1tE2uV0moaAsVihQUG.i_LGpkY-~A&gdpr=0&gdpr_consent=

Request Chain 250

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=35e7e536-bc52-4779-9819-c50a96e3eb46&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac321931-d25f-4f40-9d8f-56bb2a02c19d&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7612805607885766021 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 251

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8939661658751623204&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D7494DC50-8E6C-407B-8BC7-36E85E157FAE HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE

Request Chain 253

https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&khaos=L7LUSCU2-1Z-6XU7 HTTP 302
https://sync.spotim.market/csync?t=a&ep=323557&extuid=

Request Chain 254

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/P_numMiLOBMXEDh58r1nB8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3267689072523275593

Request Chain 255

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdMVVNDVTItMVotNlhVNw==

Request Chain 256

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Tm5AZoviSaWhGOtcoPfHLw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Tm5AZoviSaWhGOtcoPfHLw

Request Chain 257

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7LUSCU2-1Z-6XU7

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC8pxs52RqrtcoANXT19rAU&google_cver=1

Request Chain 259

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6fa743a2-48a0-4cef-8781-82b2f587e02f&gdpr=0&gdpr_consent=&expires=30

Request Chain 260

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE0ZDI4NDUyN2RmZTdjYjZiMGNmMzI1NDM1YTI0OTI0MjMyZGRlMQ

Request Chain 261

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7LUSCU2-1Z-6XU7&sigv=1&esig=2~6e014f3ad416634828e0a8351ce8a60692f6bc19

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxNB1_uWBS4xVSeHaXJ-dQAAJucAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELKT_nluyTwYVX-ODVbt48o&google_cver=1

Request Chain 266

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YxNB1-uWBS4xVSeHaXJ.dQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEHxDxR9c7C-E7X5IPBvcDA&google_cver=1&google_hm=2

Request Chain 267

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&expiration=1664798424&gdpr=0&gdpr_consent=

Request Chain 268

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNB1_uWBS4xVSeHaXJ-dQAAJucAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNB1_uWBS4xVSeHaXJ-dQAAJucAAAAB&dcc=t

Request Chain 269

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7612805607885766021&expiration=1663416025

Request Chain 270

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=121542ab-c661-3e6e-5c0c3f68

Request Chain 271

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=091b6313-41d7-4400-a5b1-0aa92842465b

Request Chain 272

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=4iT3UqWL99R67EkS73tt&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NDJKQZVK4KXJQ4TSURWG5CWWUZXGN2HI HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NDJKQZVK4KXJQ4TSURWG5CWWUZXGN2HI HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4iT3UqWL99R67EkS73tt

Request Chain 274

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 275

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1662206424251.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Request Chain 276

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=ac321931-d25f-4f40-9d8f-56bb2a02c19d HTTP 302
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ac321931-d25f-4f40-9d8f-56bb2a02c19d&ts=1662206425&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 277

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1662206424251.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=091b6313-41d7-4400-a5b1-0aa92842465b

Request Chain 278

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
https://tags.bluekai.com/site/17724?id=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553 HTTP 302
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553 HTTP 302
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&ts=1662206426&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 279

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1662206424251.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=8939661658751623204

Request Chain 283

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=14945c88350a2366

Request Chain 286

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L7LUSCU2-1Z-6XU7 HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=L7LUSCU2-1Z-6XU7 HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L7LUSCU2-1Z-6XU7&ts=1662206426&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 290

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=enLf3Q4cxM4yDt_Wa5wx6w==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 292

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=091b6313-41d7-4400-a5b1-0aa92842465b

Request Chain 293

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3293074221158852118&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 294

https://match.adsrvr.org/track/cmf/openx?oxid=a52455e1-a79a-7de0-d47a-9361b8850b51&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=a52455e1-a79a-7de0-d47a-9361b8850b51&gdpr=0&gdpr_consent=

Request Chain 295

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxNB2sCo8YQAAK5wfQQAAAAA

Request Chain 296

https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afbg-o4GsV2kks8ADsaW5sBw6M8AAAGDAzlASg

Request Chain 298

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK3m9NDMKaiY2OCiGZfC6NI&google_cver=1

Request Chain 304

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=368a2055f3b843b891f4d04fae5541d2 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 305

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=q_rH4h6fCQulUX1z2kETYw HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 306

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hFvMu99p1OurP45&gdpr=0&gdpr_consent=

Request Chain 307

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1662206426616 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6623687409 HTTP 302
https://sync.1rx.io/usersync/tradedesk/6fa743a2-48a0-4cef-8781-82b2f587e02f HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e6dbed26-2ea9-45a3-b5ec-bc1f4e90b9d4-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e6dbed26-2ea9-45a3-b5ec-bc1f4e90b9d4-004 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e6dbed26-2ea9-45a3-b5ec-bc1f4e90b9d4-004 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 308

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ff8790b2-2b7f-11ed-b4ed-9640dae0e33a

Request Chain 309

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ee33fbb-754d-4d27-ac3c-9340d4e4307d-tucta0cc75a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 310

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 312

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0

Request Chain 314

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AAD03D0E7B304BCBAC1BF2DCD2D7430C HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 316

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7494DC50-8E6C-407B-8BC7-36E85E157FAE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7494DC50-8E6C-407B-8BC7-36E85E157FAE&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 318

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=7494DC50-8E6C-407B-8BC7-36E85E157FAE HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=7494DC50-8E6C-407B-8BC7-36E85E157FAE HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%2C

Request Chain 319

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3221016627120924182&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 320

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8939661658751623204

Request Chain 321

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=51ee744dee9225f&is_secure=true&networkId=17100&version=1&nuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNg52gD1NQANGSTgVAAAAAAA&expiration=1662292827&nuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 326

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-1EbsjVdE2pwE36LoCnpVN0mcQz7mfU102fY-~A&gdpr=0

Request Chain 327

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=091b6313-41d7-4400-a5b1-0aa92842465b&src=lot&gdpr=0

Request Chain 328

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=edf37ddd9a15ec15e9814c50cf8f02a&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D6e5cc988-5580-4842-b06f-f6373a1d5d26&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D6e5cc988-5580-4842-b06f-f6373a1d5d26 HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=6e5cc988-5580-4842-b06f-f6373a1d5d26

Request Chain 330

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=815292301 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8939661658751623204/gdpr=0/rand=815292301

Request Chain 332

https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent=

Request Chain 333

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=7612805607885766021 HTTP 302
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091 HTTP 302
https://a.audrte.com/match?uid=1dfebb45-e74b-4735-ae6c-47d4f640271e&p=560038091 HTTP 302
https://a.audrte.com/p

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent=&google_gid=CAESEI4_D1wBJszho12d1CqvJ8Q&google_cver=1 HTTP 302
https://a.audrte.com/p

420 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 123 KB
25 KB 961ms
746ms Document
text/html 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1509d864f7ebedfc3e373c05b4deda1a8b57e81ae7b1a8322e8d55b0bf9691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 744e52f98fdba937-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 12:00:17 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 d0TEFA1ti-Js6iM74ltdqi389Jg.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 112ms
110ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/d0TEFA1ti-Js6iM74ltdqi389Jg.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01eee8af54b3ea2049757a2f70dee96fa85fcc3e701a7ba0d4c5bd2fcd91e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7193934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: H0M6X1BWMY4GR30T
x-amz-id-2: kIfkUbhaIkp4ECbmZEvS1akGta8uvNX05hfqSkURKnK22xiguH6dqhabii0w3bpjALtAlmfCszA=
last-modified: Sun, 12 Jun 2022 05:41:00 GMT
server: cloudflare
etag: W/"7291ca9c7b46eeb160385263b9721596"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: X3HmeONKJ9H2z.qUWNLSZloFfmqkAw0k
cf-ray: 744e52fe4d05a937-SYD

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 583ms
195ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Sep 2022 12:00:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 03 Sep 2022 12:00:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Sep 2022 12:00:18 GMT

GET
H2 200 global-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 16 KB
4 KB 114ms
112ms Stylesheet
text/css 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605381
cf-polished: origSize=16027
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-3e9b"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e52fe4d07a937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 08 Aug 2022 11:17:36 GMT

GET
H2 200 fancybox-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 120ms
119ms Stylesheet
text/css 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604801
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-1f5d"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e52fe4d08a937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:07:19 GMT

GET
H2 200 home-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 29 KB
7 KB 216ms
215ms Stylesheet
text/css 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604973
cf-polished: origSize=29354
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-72aa"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e52fe4d0aa937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:09:25 GMT

GET
H2 200 responsive-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 120ms
119ms Stylesheet
text/css 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605587
cf-polished: origSize=21003
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-520b"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e52fe4d0ca937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:14 GMT

GET
H2 200 web-responsive-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 371 B
236 B 214ms
213ms Stylesheet
text/css 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604801
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-173"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e52fe4d0da937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:14 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 113ms
112ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605587
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e52fe4d0ea937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:14 GMT

GET
H2 200 global-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 214ms
214ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604801
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:01 GMT
server: cloudflare
etag: W/"62828695-3145"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e52fe4d10a937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:14 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 119ms
113ms Image
image/webp 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 4546578
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 12 Jul 2023 19:52:15 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e530138cba937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 10 KB
11 KB 640ms
217ms Script
text/javascript 18.155.68.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-14.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb51d1e5236e0daeb078e0df8e945e5a0afc06e83e0ed54281d9af4877f58df0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:05:20 GMT
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 11:05:00 GMT
server: AmazonS3
age: 3299
etag: "ec810cf189244421fbba88a8fb7661b4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: SIN52-P1
accept-ranges: bytes
content-length: 10745
x-amz-cf-id: qSReW2y9op6VHI5JghUeVEju5JInDAWytMSjRz0uP31dRtWyHbh1fQ==

GET
H3 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 124ms
124ms Image
image/webp 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 7962517
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 03 Jun 2023 08:07:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e5301fd31a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
550 B 118ms
117ms Image
image/webp 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2130153
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 06 Jul 2023 22:41:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e5301fd33a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/qLZvUkagdgY/ 9 KB
9 KB 591ms
195ms Image
image/jpeg 172.253.118.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qLZvUkagdgY/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f119.1e100.net

Software

sffe /

Resource Hash

54227bdfe86fe142392ffb47b826c1369351d0e32706729a13b33a8ce033c765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8907
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Sep 2022 14:00:18 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 317ms
107ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de45bcb98a25e03737c45b0282d1b142498e520b5749f3168761c854f2769436

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 4159
cf-polished: origSize=2325
last-modified: Wed, 08 Jun 2022 10:22:53 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3HX86DP1T6J5QYNB
x-amz-id-2: BziYaNnSjk+B+yIr4eH2+3VFpKaaQK3zsuq2UaA3vqs4RrNB4Gq9qF1xFiUrhWUtz2xZk+DfHfs=
cf-bgj: minify
server: cloudflare
etag: W/"c8ca8c91465df93ec2b2353cb4d22528"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: h2gcAzOdRLLF9QnXLtFsjl04pvq8_KVw
cf-ray: 744e53034e29a81f-SYD
expires: Sat, 03 Sep 2022 15:00:18 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 318ms
108ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff0b1664e2f0f0fa78dca3bcac5ffd9801d90220c7deed2153b7c06e9e05905

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 3247
cf-polished: origSize=2325
last-modified: Wed, 08 Jun 2022 10:22:49 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CK7GD508JC27WG7V
x-amz-id-2: ZPgzFWZrjJBQEGHqlk13UEnOYkBIf9Z7aOm6ULyD2cU5w+5HQL2/SrqxVWuDE/EkG6hh4U+YRGs=
cf-bgj: minify
server: cloudflare
etag: W/"932eb82033fc190930e7ca2beade011a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: 5m3XsIWMsBOAUQb6COJZDyVcOeCyq.Ug
cf-ray: 744e53034e2ba81f-SYD
expires: Sat, 03 Sep 2022 15:00:18 GMT

GET
H3 200 tabs-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 148 B
629 B 128ms
127ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604654
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:04 GMT
server: cloudflare
etag: W/"62828698-bd"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e52ffab96a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:07:57 GMT

GET
H2 200 12098 Show response
borirait.site/easylist/ 202 KB
42 KB 862ms
646ms Script
text/javascript 104.21.42.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borirait.site/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88687897a17783a2258d97a050b493609009a7e4db09e9697a519627af8f0a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"da1d39dfd34ae2189c0eb265617258a7d7362ca2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVqSy4u1%2FqwoYKyo0KEg5MLuqFq3yQkHzHfN4BWmFvqcMMZ1Typy%2F3%2Fm4cHDXhH3aWKzUO6EA4oD%2F2V%2B6y7wFIVRfgk3a5wN08R9c5wFbVLkwks6fe4IIT3UbBMuEH%2B1"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 744e53035904aacf-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jsDeferParsing-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 123ms
122ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605564
cf-polished: origSize=6187
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-182b"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e53006c27a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:07:57 GMT

GET
H3 200 uIS3tZuchjgsdVfZJ4tq9DNH3cA.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 119ms
117ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/uIS3tZuchjgsdVfZJ4tq9DNH3cA.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/d0TEFA1ti-Js6iM74ltdqi389Jg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea96fd7ce63932fbc9213224d869baa7def0ffbd857e9e49a810f1c7c85fae6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7193879
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9RS7408F5DYD1ZVE
x-amz-id-2: 4TWOjzuWGGeO+5bIUtg+1wldeesZDFl9NS8eC7oIg1Y+dD06mDRgDsCwPCdc/vdmoV02tfUgzao=
last-modified: Sun, 12 Jun 2022 05:41:00 GMT
server: cloudflare
etag: W/"9c4467cd9e662b0279cdde807d82daa1"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: gaZSMZ.GDpEX.J6NBpTgInhRq7_87cCL
cf-ray: 744e53020d35a83d-SYD

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
43 KB 590ms
196ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

5a8b18b2ba7eebc250a8e4773d8f35dfedc334713d68019cb48a9e96e751c178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43621
x-xss-protection: 0
expires: Sat, 03 Sep 2022 12:00:18 GMT

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
633 B 119ms
118ms Image
image/webp 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1665854
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 15 Aug 2023 02:31:01 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e53020d36a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 316ms
315ms Image
image/webp 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2604654
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 29 Jul 2023 18:04:21 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e53020d37a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
11 KB 580ms
193ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 15:12:35 GMT
x-content-type-options: nosniff
age: 506863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:12:35 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v14/ 15 KB
15 KB 609ms
222ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v14/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 09:51:24 GMT
x-content-type-options: nosniff
age: 7734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Sep 2023 09:51:24 GMT

GET
H2 200 derekjohnsonusamilitaryveterancountrybillboardcountrycharts.png
www.ournewearthnews.com/wp-content/uploads/2022/09/ 405 KB
406 KB 339ms
107ms Image
image/png 104.21.21.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ournewearthnews.com/wp-content/uploads/2022/09/derekjohnsonusamilitaryveterancountrybillboardcountrycharts.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.21.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6b546d74233fbed8224b942f1571c5b9ef1ef6c68ba3b6d0ac48f7ec847e6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68739
x-ezoic-cdn: Hit ds;mm;66c15d0520fdca604996587229d0e025;2-354153-0;74f9539a-e458-41a1-5026-a39da56544fb
x-middleton-display: staticcontent_sol
last-modified: Fri, 02 Sep 2022 16:34:34 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-nginx-cache: WordPress
response: 200
server: cloudflare
x-frame-options: SAMEORIGIN
x-origin-cache-control: max-age=86400
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2HAYxV%2FYyPrhlzD7sjDx1IiT7yPKNQxIEHUHZCWtVOYscU6zd4dEPk81coIoLb7z3ocfRMtAWHDC6%2FWtzgCKVrFwtyhbK4x9nGYOl%2FDbSm1NrwHO6BYqjGuNxuh6UnwkWg8yePEwsiebw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 744e5303bc38a7ed-SYD
display: staticcontent_sol

GET
H/1.1 200
OK amg-news.jpg
amg-news.com/wp-content/uploads/2022/05/ 154 KB
154 KB 1646ms
816ms Image
image/jpeg 77.81.165.130
TLH-AS Pasaj SCAR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2022/05/amg-news.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.81.165.130 Bucharest, Romania, ASN59854 (TLH-AS Pasaj SCARILOR Nr 2, RO),
Reverse DNS: c3130.tlh.ro
Software: nginx /
Resource Hash: 3b1d676c9e21b188ea98095a67361ba9bf3e6bf8a59ebf86b2444a1a6c9d5a27

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:19 GMT
Last-Modified: Fri, 02 Sep 2022 14:08:10 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157808
Content-Type: image/jpeg

GET
H3 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 177ms
168ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7249192
cf-polished: origSize=13542, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12521
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
server: cloudflare
etag: "613e9bfb-34e6"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 09 Jun 2023 08:15:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d6ba83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 6s35lu.jpg
i.imgflip.com/ 78 KB
79 KB 441ms
210ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6s35lu.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46552d3fa970f030193828d69e9f964937b8bf98b5154007ad45d6f4735e2438

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
cf-cache-status: HIT
age: 31628
cf-polished: origSize=80824
cf-ray: 744e5303b890a8b6-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80296
x-amz-id-2: iFHfEvxBVY3mQ37R47q3D6uFE1750X01RjfLAnHj/lE16REvZ4sYOXQwAYoLkhCVaMfZH6frim8=
last-modified: Sat, 03 Sep 2022 03:08:14 GMT
server: cloudflare
etag: "56b117eb67826134a2c3ea9c03d092bd"
vary: Accept-Encoding
x-amz-request-id: KE6PV6X8AVC7NNXA
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:18 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 Cnuomp4xe6U7_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 16 KB
16 KB 1397ms
684ms Image
image/jpeg 138.199.46.66
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/Cnuomp4xe6U7_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.46.66 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-138-199-46-66.datapacket.com

Software

BunnyCDN-SG-858 /

Resource Hash

c88bfeee9fe75876435148968ef09c0fa6d99f836bb0cbadb2c3e5becc72a5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cdn-edgestorageid: 749
x-amz-request-id: tx00000000000000afb10b5-0063121f2a-21d2756d-nyc3a
cdn-cachedat: 09/02/2022 15:20:10
cdn-pullzone: 89010
content-length: 15995
cache-control: public, max-age=31919000
server: BunnyCDN-SG-858
last-modified: Fri, 02 Sep 2022 13:56:37 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 8b738a0b055980d0df50dd0711ed7ece
accept-ranges: bytes
cdn-requestcountrycode: AU
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 N6LCf.oq1b-small-SITUATION-UPDATE-9222.jpg
sp.rmbl.ws/s8/1/N/6/L/C/ 17 KB
17 KB 310ms
102ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/N/6/L/C/N6LCf.oq1b-small-SITUATION-UPDATE-9222.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 680bdd7119f5914491d1883f5bc4e27b68c6567d30665a301f0fbf6d4a49416f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
last-modified: Fri, 02 Sep 2022 21:08:08 GMT
server: nginx
etag: "c72227adbbab63868b4caa7354ac417b"
x-hw: 1662206418.cds203.sy2.hn,1662206418.cds021.sy2.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=43265
accept-ranges: bytes
content-length: 17398

GET
H2 200 ZMPCf.oq1b-small-Ep.-2865b-Sometimes-You-Mus.jpg
sp.rmbl.ws/s8/1/Z/M/P/C/ 37 KB
38 KB 405ms
197ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/Z/M/P/C/ZMPCf.oq1b-small-Ep.-2865b-Sometimes-You-Mus.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 887c490048589e3276d19bd2c5b78626a4caf5e84c6d580c45dcdc3c8ab5284a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
last-modified: Fri, 02 Sep 2022 22:51:58 GMT
server: nginx
etag: "aaeef2cecad4d4a7c8143424923d4c3d"
x-hw: 1662206418.cds203.sy2.hn,1662206418.cds019.sy2.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=40069
accept-ranges: bytes
content-length: 38246

GET
H2 200 ZeQBf.oq1b-small-SITUATION-UPDATE-9122.jpg
sp.rmbl.ws/s8/1/Z/e/Q/B/ 25 KB
25 KB 485ms
278ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/Z/e/Q/B/ZeQBf.oq1b-small-SITUATION-UPDATE-9122.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 29ffacbdaa134fadd6aab4109e67220209788faca266b634a110658b41615d97

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
last-modified: Thu, 01 Sep 2022 17:55:25 GMT
server: nginx
etag: "42baaabfee14645f985310863d595648"
x-hw: 1662206418.cds203.sy2.hn,1662206418.cds015.sy2.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=44164
accept-ranges: bytes
content-length: 25726

GET
H2 200 6rh5ze.jpg
i.imgflip.com/ 50 KB
51 KB 172ms
171ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6rh5ze.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c78141a7f7449cdfee0d070c186f12bb53e974961e52007ab58b4190134ba878

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
cf-cache-status: HIT
age: 465600
cf-polished: origSize=51951
cf-ray: 744e5303f8b7a8b6-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51538
x-amz-id-2: OFndMPJ00+ya7YiHZhliztC5jb6vsOrb8MdBHIiWIgKMrk2Q6U6LcHmpNwnRdx44Fd6k9MEkWq0=
last-modified: Mon, 29 Aug 2022 02:31:50 GMT
server: cloudflare
etag: "a08537254f000fcfeb12b2d381f0951c"
vary: Accept-Encoding
x-amz-request-id: HG9G6ZA2KYB013BC
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:18 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 1%20%20%20%20%20%20%20TOP%20thumb%20BOOM!%202022-08-31%2023-40-26_Moment.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 35 KB
35 KB 377ms
368ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/1%20%20%20%20%20%20%20TOP%20thumb%20BOOM!%202022-08-31%2023-40-26_Moment.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e69ff7af87960b61da9b1477435fcbbed21eec5c6bc16788ec6ada3efb3ec7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 169819
cf-polished: origSize=38173, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35676
last-modified: Thu, 01 Sep 2022 12:30:23 GMT
server: cloudflare
etag: "6310a5df-951d"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 12:38:30 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d6ea83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 6s3fzp.jpg
i.imgflip.com/ 128 KB
129 KB 411ms
210ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6s3fzp.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6912dcc7488b46734313867af8275688569bc6f9d686f7f9a63b2f5ad37649df

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
cf-cache-status: HIT
age: 22296
cf-polished: origSize=132074
cf-ray: 744e5303b88ea8b6-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131508
x-amz-id-2: 2VAiOy3vDoY+qyMO1fzF/N7jb5Ksls+2wj6cOUjNbhHmnbemHeqVXsBr+jAEPpPdzol9+rVWJGc=
last-modified: Sat, 03 Sep 2022 05:44:06 GMT
server: cloudflare
etag: "21a9370d088bdf4086d3b21be9426e4c"
vary: Accept-Encoding
x-amz-request-id: XKN3VZWPPBBF6TPM
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:18 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 KXjeKc16gZO61W46nptWmd66_small.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 10 KB
11 KB 378ms
370ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/KXjeKc16gZO61W46nptWmd66_small.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a46105885c5a86da7684c935f2647f6dd95b168d24968484041c704525fbd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2281599
cf-polished: origSize=10923, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10414
last-modified: Sat, 14 Aug 2021 16:47:10 GMT
server: cloudflare
etag: "6117f38e-2aab"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 06 Aug 2023 13:16:43 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d70a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 6ru9eu.jpg
i.imgflip.com/ 97 KB
98 KB 310ms
109ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6ru9eu.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf10c965758f866e121f2f5ca0542edaf68516a3e1f5effbfdc1a1ba694f3b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
cf-cache-status: HIT
age: 204366
cf-polished: origSize=99839
cf-ray: 744e5303b88fa8b6-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99526
x-amz-id-2: crmfzUuhFPXqVR3P4gHd9DhKpCpySYzMAoNEpRAEmgiJ/2TtL7UFDItoDuM7JqtbZQ/WbNAT8sk=
last-modified: Thu, 01 Sep 2022 03:04:05 GMT
server: cloudflare
etag: "293f45c8fd8ed4e9bf07f7f57e6fe411"
vary: Accept-Encoding
x-amz-request-id: KHX8FVSJ8SGBVGAS
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:18 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(2)(26).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 23 KB
24 KB 379ms
370ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(2)(26).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58bd6ac05b9a699dfa8264cbde0ef9556cc22fec98a2b86331907a12f1c825df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 123175
cf-polished: origSize=24910, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23911
last-modified: Sat, 23 Jan 2021 16:37:30 GMT
server: cloudflare
etag: "600c50ca-614e"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 17:01:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d71a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 hqdefault(318)(2).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
15 KB 277ms
268ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(318)(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c8288a0739ac7b9d71592f12c6da487bd2c63cc2657a561e6089f93ff1bfd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 64729
cf-polished: origSize=15544, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15130
last-modified: Mon, 04 Apr 2022 02:23:56 GMT
server: cloudflare
etag: "624a56bc-3cb8"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 02 Sep 2023 02:36:39 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d72a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK Fara-titlu-Copie.png
amg-news.com/wp-content/uploads/2022/01/ 1 MB
1 MB 1640ms
832ms Image
image/png 77.81.165.130
TLH-AS Pasaj SCAR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2022/01/Fara-titlu-Copie.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.81.165.130 Bucharest, Romania, ASN59854 (TLH-AS Pasaj SCARILOR Nr 2, RO),
Reverse DNS: c3130.tlh.ro
Software: nginx /
Resource Hash: 70f711ef87e155826d38cf362563b3c3a902827ea2f1704cda6343a914533be1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:20 GMT
Last-Modified: Tue, 29 Mar 2022 16:48:10 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1503328
Content-Type: image/png

GET
H2 200 6rz24r.jpg
i.imgflip.com/ 74 KB
74 KB 171ms
171ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6rz24r.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87327f2a756f72d9e271cb8cffea395f4172e37702419faf7cdb73e66bc6ed30

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
cf-cache-status: HIT
age: 112353
cf-polished: origSize=75823
cf-ray: 744e5303f8b9a8b6-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75271
x-amz-id-2: 007UVzDdYyQddPOW+amkHC4t6HcS73+WIgSGLvSnAlR3zT7+0FFCkezuKzZInGV35yCY27qJkEs=
last-modified: Fri, 02 Sep 2022 04:38:56 GMT
server: cloudflare
etag: "4c7e13b924d32af2db8c77e241f9c765"
vary: Accept-Encoding
x-amz-request-id: NHEHCD0CV167S8K5
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:18 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/HhL5xofjH38/ 24 KB
25 KB 809ms
415ms Image
image/jpeg 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/HhL5xofjH38/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

sffe /

Resource Hash

ac5e2759087c1b1e3c5fb878b96e8a188150e16fdd393ccc101a487dbe8be878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:36:02 GMT
x-content-type-options: nosniff
age: 1456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25047
x-xss-protection: 0
server: sffe
etag: "1661938601"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Sep 2022 13:36:02 GMT

GET
H2 200 /
external-content.duckduckgo.com/iu/ 17 KB
19 KB 758ms
375ms Image
image/jpeg 20.43.160.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse4.mm.bing.net%2Fth%3Fid%3DOIP.Wgkn9-UTxfyKcVdRohAzRgHaEK%26pid%3DApi&f=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.43.160.189 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8c4b4747f904e069ae8f2376f6080a2ce4d6d86a8d076e0217e66dd05142cbee

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-duckduckgo-locale: en_AU
date: Sat, 03 Sep 2022 12:00:19 GMT
referrer-policy: origin
server: nginx
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: inline; filename="th-1553509498"; filename*=UTF-8''th-1553509498
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
expires: Sun, 03 Sep 2023 12:00:19 GMT

GET
H2 200 screen-shot-2022-09-02-at-8.08.50-am.png
justusaknight.files.wordpress.com/2022/09/ 573 KB
574 KB 313ms
104ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://justusaknight.files.wordpress.com/2022/09/screen-shot-2022-09-02-at-8.08.50-am.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

713a139d1eb7768fd66828026d2749e070b09f3aac3461ee4ad362f68b6242e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT syd 23 np
date: Sat, 03 Sep 2022 12:00:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 02 Sep 2022 15:19:25 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://justusaknight.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 586661
expires: Sun, 02 Oct 2022 18:39:24 GMT

GET
H2 200 4Nbt9f.jpg
iili.io/ 13 KB
13 KB 624ms
215ms Image
image/jpeg 104.21.234.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/4Nbt9f.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75bcccbee440b0d40c7983d5af46689421bd0f039d6f1ef4b7debae516d4876b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
access-control-allow-methods: GET, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384096
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13101
last-modified: Tue, 30 Aug 2022 01:05:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeIht6GEcMM0i5u5zuF2rXwHY4MqxkzEoM20jQH4apuGDZzvAj7RgtVzCIoaJ6XillCImpgx50t2T5GqQFygCZL%2BGqxZzMBkISJ%2BYYUXSo1gByfevtfy4njl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 744e5308aefc9fe5-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1zSBf.oq1b.2-small-Putin-just-EVISCERATED-the-.jpg
sp.rmbl.ws/s8/1/1/z/S/B/ 37 KB
37 KB 101ms
101ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/1/z/S/B/1zSBf.oq1b.2-small-Putin-just-EVISCERATED-the-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2184bde14f366b82397206ea0e32e9de74996f0cfa3c7491830d2fe4ea957e4b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
last-modified: Thu, 01 Sep 2022 18:59:23 GMT
server: nginx
etag: "0e8c48b5efe8896f8bcd61ae2528e2c7"
x-hw: 1662206418.cds203.sy2.hn,1662206418.cds025.sy2.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=26642
accept-ranges: bytes
content-length: 38159

GET
H3 200 A_Night_Shadows2.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 14 KB
15 KB 276ms
269ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_Night_Shadows2.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7659e9f8a65f752019ae2013ce697c7a502d8fc787c2c10a09697e4d95097cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 27436
cf-polished: origSize=16222, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14410
last-modified: Thu, 27 Jan 2022 06:59:56 GMT
server: cloudflare
etag: "61f242ec-3f5e"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 03 Sep 2023 04:14:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d73a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK vlcsnap-2020-03-21-22h19m54s195-3076346643.png
amg-news.com/wp-content/uploads/2021/04/ 501 KB
501 KB 1375ms
841ms Image
image/png 77.81.165.130
TLH-AS Pasaj SCAR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/04/vlcsnap-2020-03-21-22h19m54s195-3076346643.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.81.165.130 Bucharest, Romania, ASN59854 (TLH-AS Pasaj SCARILOR Nr 2, RO),
Reverse DNS: c3130.tlh.ro
Software: nginx /
Resource Hash: 0b257edb6213c50a66843e91aba3a913a8417bfcca4d118d243df8d7acd0bda8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:20 GMT
Last-Modified: Thu, 01 Sep 2022 10:35:40 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 513143
Content-Type: image/png

GET
H2 200 5T2Bf.oq1b-small-Ep.-2864a-The-Monetary-Shif.jpg
sp.rmbl.ws/s8/1/5/T/2/B/ 47 KB
47 KB 109ms
109ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/5/T/2/B/5T2Bf.oq1b-small-Ep.-2864a-The-Monetary-Shif.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3cf0ecbe84fb7dbf8765b706c161ca740aac8d4980cf0693c315db0ef42615be

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
last-modified: Thu, 01 Sep 2022 23:24:11 GMT
server: nginx
etag: "82cef41cca4d68d10fb8496cedf65a04"
x-hw: 1662206418.cds203.sy2.hn,1662206418.cds018.sy2.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=41612
accept-ranges: bytes
content-length: 47644

GET
H3 200 unnameddddddd.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 56 KB
57 KB 272ms
264ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnameddddddd.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0488ee06f43c2b00eb16be7cf745e9ed686e79061d5dd3dea7d54b38aa98067

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 723402
cf-polished: origSize=60496, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57609
last-modified: Fri, 28 Aug 2020 12:19:33 GMT
server: cloudflare
etag: "5f48f655-ec50"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 08 Aug 2023 07:55:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d74a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 hqdefault%20(3)(12).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
15 KB 175ms
168ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault%20(3)(12).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65dcecc3b673ec482b0eca9a415a5bb337718fdf1152443b004410f0183b2e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 141744
cf-polished: origSize=15711, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15282
last-modified: Tue, 05 Apr 2022 19:30:29 GMT
server: cloudflare
etag: "624c98d5-3d5f"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 20:13:02 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d75a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/httesxfbadw/ 49 KB
49 KB 214ms
193ms Image
image/jpeg 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/httesxfbadw/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

sffe /

Resource Hash

12124f07c2d7aad81b172aaf2fb86ff1d0ab1e0c1ef4eefd04abf1997995814c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:58:29 GMT
x-content-type-options: nosniff
age: 109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50032
x-xss-protection: 0
server: sffe
etag: "1662163159"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Sep 2022 12:03:29 GMT

GET
H2 200 Depositphotos_8198648_original-3671003921.jpg
settingbrushfires.com/wp-content/uploads/2022/08/ 65 KB
65 KB 324ms
106ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://settingbrushfires.com/wp-content/uploads/2022/08/Depositphotos_8198648_original-3671003921.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Powered Cache
Resource Hash: fd850ac81412e1c3ef5f28a275795fe1dd319b66aaad80b87387d3add2853b4f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1603007
x-powered-by: Powered Cache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66328
last-modified: Mon, 15 Aug 2022 22:35:25 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0u2xk8ABNyRLWw6klg7WBuFVVNqXBhCv2beGA1qERqE3E3L9wCiijb4TsRDkmyBHr1XXuO9x0Rj%2FAb3wMDvR%2FZSL%2B3cTuwVw1fBZKcFz%2FtAZ2Nx7PbVHg09nalB%2FEzDs6MeLBPR%2Fizs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 744e5308ad896a48-SYD
expires: Sat, 11 Feb 2023 22:43:31 GMT

GET
H2 200 teSCf.oq1b.2-small-Prepare-The-Rubicon-Has-Bee.jpg
sp.rmbl.ws/s8/1/t/e/S/C/ 27 KB
27 KB 103ms
102ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/t/e/S/C/teSCf.oq1b.2-small-Prepare-The-Rubicon-Has-Bee.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 616d134b8650e5097843c7e5f9caa8ae956272e12433959a8699ed3415e98c33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
last-modified: Sat, 03 Sep 2022 00:08:15 GMT
server: nginx
etag: "cd0ab17dfe3ba99ed2f05194d8c2fb97"
x-hw: 1662206419.cds203.sy2.hn,1662206419.cds205.sy2.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=44780
accept-ranges: bytes
content-length: 27521

GET
H2 200 010320trumpsoleimaniv3_960x540.jpg
www.prepperfortress.com/wp-content/uploads/2020/01/ 17 KB
17 KB 325ms
110ms Image
image/jpeg 172.67.132.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prepperfortress.com/wp-content/uploads/2020/01/010320trumpsoleimaniv3_960x540.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.132.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20dad7d6169f58bb367e7c79abc275cdcac3163518731bd24632dc6130381d49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Jan 2020 08:55:23 GMT
server: cloudflare
age: 3399
etag: "42fb-59b4c9632a453"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HQYeVC8SJ%2F2hS%2FNpzFcRzgpz%2Fq8XjCjl3%2Fcw%2Bbn9g4eAvt5Q%2F8PPCrAnRz78NW9FoP8H4dizvXaVOjQuc7P%2Fl3INLISpYIH%2FmBbYZ%2Bh8f3Doon3a3m5dLdffIKssnyjNNzd2YC9gLekSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 744e530afb31aacc-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17147

GET
H2 200 xoaBf.oq1b-small-Ep.-2863b-Knock-KnockThe-Do.jpg
sp.rmbl.ws/s8/1/x/o/a/B/ 44 KB
44 KB 102ms
101ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/x/o/a/B/xoaBf.oq1b-small-Ep.-2863b-Knock-KnockThe-Do.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a6595af8e2eeb1737fe4fe336a4b1e1ed97dd0c302042643f0da811b12d39f05

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
last-modified: Wed, 31 Aug 2022 23:18:55 GMT
server: nginx
etag: "28509231618a412be991e9b7c454e696"
x-hw: 1662206419.cds203.sy2.hn,1662206419.cds025.sy2.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=42349
accept-ranges: bytes
content-length: 45318

GET
H3 200 OIP%20(1)(87).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
28 KB 168ms
164ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(87).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9d447abcc72abe7d4c47bbef66f0ce21b3a596e9713c650ff7fd84ce9c94986

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 407629
cf-polished: origSize=29997, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28581
last-modified: Sat, 11 Sep 2021 16:33:17 GMT
server: cloudflare
etag: "613cda4d-752d"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 29 Aug 2023 00:29:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d76a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 FbbAf.oq1b-small-SITUATION-UPDATE-83022.jpg
sp.rmbl.ws/s8/1/F/b/b/A/ 16 KB
16 KB 130ms
129ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/F/b/b/A/FbbAf.oq1b-small-SITUATION-UPDATE-83022.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ac3ffab99e564cda39a83ee07e16190e55cc80e0045217b2d056934bdd7512c9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
last-modified: Tue, 30 Aug 2022 20:33:49 GMT
server: nginx
etag: "45d5cce55338f8d89ad91b43fec45bec"
x-hw: 1662206419.cds203.sy2.hn,1662206419.cds205.sy2.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=44362
accept-ranges: bytes
content-length: 16716

GET
H3 200 6ryw7m.jpg
i.imgflip.com/ 70 KB
70 KB 218ms
111ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6ryw7m.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f63052b5751bacb0916c2cc9494839f760ac3eddcad87d67bba4fb4fdbe04b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
age: 117054
cf-polished: origSize=72062
cf-ray: 744e530a4e0ca8c5-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71532
x-amz-id-2: rTdtw6R1aIy8ddm3OVYj6dmwTzKtilWTOBDDyFvhC1TA7KES/5R/fPL6TOz6JmjMyKj6MLcLAE8=
last-modified: Fri, 02 Sep 2022 03:23:49 GMT
server: cloudflare
etag: "e701ae5b1b5e5c0e978234a3b16d070b"
vary: Accept-Encoding
x-amz-request-id: ESZCJE23AJ8RWWAW
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:19 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 brojsov-tretman-povrcem-1.jpg
www.prepperfortress.com/wp-content/uploads/2022/05/ 26 KB
26 KB 309ms
108ms Image
image/jpeg 172.67.132.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prepperfortress.com/wp-content/uploads/2022/05/brojsov-tretman-povrcem-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.132.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2eb99367c0db7ba7905d0d98eaf833d2cbbc9b50a4afa834f106f9828b8ced7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
last-modified: Mon, 30 May 2022 15:47:09 GMT
server: cloudflare
age: 2057
etag: "679e-5e03c91a80ccb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjTnDvjRhP2%2Fq9KEo6GFq5p04D%2FwUY2dCLOtHE%2FClKq5ll4BpnJx9jz9FKtJ3FJYHRu2EM2cNat9zblRZnIAHs76ecBmsgOOUusWASQyJA5qV09ZlScotUAYe47UDGiADZ3EL1O3gn62tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 744e530afb33aacc-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26526

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/MwUpPwyyvLw/ 24 KB
24 KB 497ms
196ms Image
image/jpeg 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/MwUpPwyyvLw/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

sffe /

Resource Hash

29b4c2322030f7fca3f6a543aaad072bfe93b896875b0ed4ed7838b9ae26d23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24179
x-xss-protection: 0
server: sffe
etag: "1348612419"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Sep 2022 14:00:19 GMT

GET
H3 200 OIP%20(5)(62).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 13 KB
13 KB 473ms
470ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(5)(62).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71512c60aae1972336bfcd51407676f38f5dd54a8263f972745bc7f15a2f608d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 34696
cf-polished: origSize=14623, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13105
last-modified: Sat, 03 Sep 2022 02:09:08 GMT
server: cloudflare
etag: "6312b744-391f"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 03 Sep 2023 02:09:41 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d77a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 6rlcfd.jpg
i.imgflip.com/ 64 KB
65 KB 503ms
410ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6rlcfd.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0446a4fedc3b34b36fcb912b75a9c40664c709f4e57f75f36833dc4e7057cca6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
age: 377156
cf-polished: origSize=66209
cf-ray: 744e530a4e0fa8c5-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65659
x-amz-id-2: Ab7CS/m7+7uqP9RjwPlgupVgDXGXrhzKNuwfeXxyLx3OyLylVm5YDF10IQo5uHbhg2pm9u1NUUQ=
last-modified: Tue, 30 Aug 2022 03:09:16 GMT
server: cloudflare
etag: "566b0ff08ed2fd88f4dacfda4f197bbd"
vary: Accept-Encoding
x-amz-request-id: 68T4YB593Y2PXKZM
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:19 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 6razxl.jpg
i.imgflip.com/ 80 KB
80 KB 303ms
210ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6razxl.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0ce0f281f4e0c2fb38a80a24bfbdf344c432041d34592435bb398da5cb7aa10

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
age: 636370
cf-polished: origSize=82317
cf-ray: 744e530a4e0da8c5-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81969
x-amz-id-2: PXGYSsT4VBnCzVtylRXVgCPQuQx32zU3ygHhgftHMiX1/IJjxKrJeemgkYFDWnRaXuKzLvl2gQ8=
last-modified: Sat, 27 Aug 2022 03:08:09 GMT
server: cloudflare
etag: "5db4db1037479b45c4d324d7db6f8068"
vary: Accept-Encoding
x-amz-request-id: CT4M11GDEWSYYZ7F
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:19 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(3)(61).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 26 KB
27 KB 474ms
471ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(61).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca1d35f3411e618bf4da24ffabeb298f0dcb7b729255a442be6fe842b311ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 151405
cf-polished: origSize=28504, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26894
last-modified: Thu, 26 Aug 2021 17:11:52 GMT
server: cloudflare
etag: "6127cb58-6f58"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 31 Aug 2023 21:50:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d78a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 R%20(1)(67).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 93 KB
93 KB 497ms
494ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R%20(1)(67).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3aac55c6b640f86a9bb716c3f11d71a4316733847096a8535f2885a55551230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 692306
cf-polished: origSize=103511, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94734
last-modified: Tue, 19 Apr 2022 20:39:18 GMT
server: cloudflare
etag: "625f1df6-19457"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 26 Aug 2023 11:24:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 744e53025d79a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 derekjohnsonmusicviralvideousmilitarytopsecretclearance.png
www.ournewearthnews.com/wp-content/uploads/2022/08/ 221 KB
222 KB 407ms
207ms Image
image/png 104.21.21.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ournewearthnews.com/wp-content/uploads/2022/08/derekjohnsonmusicviralvideousmilitarytopsecretclearance.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.21.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2146cabb2c0eedda8220dc0633772feebebc3dead5cdf229ac50239a90ab814

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 401813
x-ezoic-cdn: Hit ds;mm;5bc470150e75f51ef61a3f289772e107;2-354153-0;20c24fa8-c401-4ecd-6667-7a0a679e3aea
x-middleton-display: staticcontent_sol
last-modified: Mon, 29 Aug 2022 20:13:55 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-nginx-cache: WordPress
response: 200
server: cloudflare
x-frame-options: SAMEORIGIN
x-origin-cache-control: max-age=86400
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fV6lTwMdXSsvUkr9XXG2THcJfdma6CPmToXRdr3I5SgN8YVyYxBV%2BugwqQ2jHdKCDaCJND94I9FPL0IbO0A%2BXprTrLjq5MazG2RLVEj2LrbxqCqHzXYFfm21GMqkH3o3KLrONnH5teZ9ww%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 744e5303bc3aa7ed-SYD
display: staticcontent_sol

GET
H3 200 Screenshot-2022-09-02-201509.png
www.ournewearthnews.com/wp-content/uploads/2022/09/ 577 KB
578 KB 314ms
206ms Image
image/png 104.21.21.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ournewearthnews.com/wp-content/uploads/2022/09/Screenshot-2022-09-02-201509.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.21.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e9c2fb69783b04f7caed2788efe3fd3004ab945018bbb1a9faee33d8033281

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17536
x-ezoic-cdn: Hit ds;mm;3bb5c2679af12fe444250baa85c7ab3c;2-354153-0;862767ad-90c5-4ae3-4c3c-11178b106380
x-middleton-display: staticcontent_sol
last-modified: Sat, 03 Sep 2022 06:49:54 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-nginx-cache: WordPress
response: 200
server: cloudflare
x-frame-options: SAMEORIGIN
x-origin-cache-control: max-age=86400
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsBqfyqrF6rjumnVxy%2FAJzxudkP4mKSIJAcuRaPG4Alp%2BCT7d1jNdI0kd473xsBubRQUhTQBg1E43jACUJD5ZAi%2F6ACDmIrnzCfu2AwMycZReNRslRxdwxUY0tO4Y1V%2FNq5wL6VgD%2FR7yA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 744e530a69e2a973-SYD
display: staticcontent_sol

GET
H3 200 presidentdonaldtrumpusmilitaryveteran.png
www.ournewearthnews.com/wp-content/uploads/2022/08/ 160 KB
161 KB 215ms
106ms Image
image/png 104.21.21.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ournewearthnews.com/wp-content/uploads/2022/08/presidentdonaldtrumpusmilitaryveteran.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.21.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39be618a9c0572272d3c817bb5baaeccb2c5a52ac93889a3dcdf686d9b5bb7b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38705
x-ezoic-cdn: Hit ds;mm;5ebbe926d78de5331d3503b50e92e53b;2-354153-0;3a754e86-c52b-46d4-6db8-af2d71d48347
x-middleton-display: staticcontent_sol
last-modified: Sat, 27 Aug 2022 00:54:28 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-nginx-cache: WordPress
response: 200
server: cloudflare
x-frame-options: SAMEORIGIN
x-origin-cache-control: max-age=86400
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy2f8%2BPOwcl07nOSQiuUFGophnNy%2Fwjd%2FDGSP53rSo6NkU7yxK01EGzR3TQ%2FkGQKS3ua98kCkho3rCoujX8Ei0LEL9ugncVsOlZqJJOAsexj5ByYEkjQpXu0OuSJ%2FyO%2FEHgMAnnfqc8xfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 744e530a69e0a973-SYD
display: staticcontent_sol

GET
H2 200 benjaminfulfordquestionandanswer.png
www.ournewearthnews.com/wp-content/uploads/2022/08/ 352 KB
352 KB 410ms
209ms Image
image/png 104.21.21.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ournewearthnews.com/wp-content/uploads/2022/08/benjaminfulfordquestionandanswer.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.21.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4d8bc2edc9f5efd9006661207a14202bbb111288798f09e20240bcf810e5921

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54392
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
last-modified: Mon, 29 Aug 2022 20:39:34 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-nginx-cache: WordPress
response: 200
server: cloudflare
x-frame-options: SAMEORIGIN
x-origin-cache-control: max-age=86400
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QMJDFcRJDAO1baRDtasbkpHdwk5CbILYtN8Br45ZssNPujqpexeHQ1%2Ftq9Cz1zjUnouXG%2FmUuHV0OqTJA%2BgdNxQR3qsYC2VsED8HdrfiVi3KEomRPm1f1ToUcCClCD3Wd1Ti6w5RPLFZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 744e5303bc36a7ed-SYD
display: staticcontent_sol
expires: Sat, 03 Sep 2022 20:53:46 GMT

GET
H/1.1 200
OK witness.jpg
www.rumormillnews.com/pix/ 37 KB
37 KB 1716ms
297ms Image
image/jpeg 45.79.195.246
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rumormillnews.com/pix/witness.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.195.246 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: rumormillnews.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: ef3c7d9f652f3c117447e501a26ca093c4ae90da89f3b3b744160a854e8c05ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:20 GMT
Last-Modified: Sat, 03 Sep 2022 01:47:03 GMT
Server: Apache/2.4.10 (Debian)
ETag: "948d-5e7bc05f62393"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=150
Content-Length: 38029

GET
H2 200 IMG_20220705_114712_012.jpg
m.beforeitsnews.com/contributor/upload/819011/images/ 51 KB
51 KB 129ms
118ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20220705_114712_012.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c189c9130542a12b967046a42346e2a1082de9fe50297ab0bd78d5bb1036f2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5138916
cf-polished: origSize=55630, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52132
last-modified: Wed, 06 Jul 2022 00:00:28 GMT
server: cloudflare
etag: "62c4d09c-d94e"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Jul 2023 00:00:29 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e530a0c3fa937-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 551ms
551ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605761
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Aug 2023 08:07:58 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e53027d84a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame E068 2 KB
1 KB 113ms
113ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20228312
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbab457694e9f5e2096f84323b0d46db15c5668ceebc1593b589b13f2813754

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 6384
cf-polished: origSize=2325
last-modified: Wed, 15 Jun 2022 13:12:24 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EPKWQ9VFJVZ95XMZ
x-amz-id-2: +uspInXjipx2CNR+Xv6T6Ry5MziFnp3dbl4aYq/ul7Dgd+6hXJQx2GqvwlmhTPc91Xn4PQDEB3k=
cf-bgj: minify
server: cloudflare
etag: W/"7289bc43abe91019280f51201c58429f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: KLghKsCOEETLaqwHPgZiG5b.rcRVowO_
cf-ray: 744e5309faa4a7ff-SYD
expires: Sat, 03 Sep 2022 15:00:19 GMT

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 7 KB
3 KB 639ms
199ms Script
application/javascript 18.155.68.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-37.sin52.r.cloudfront.net
Software: /
Resource Hash: f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 02:32:49 GMT
via: 1.1 google, 1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 23:00:14 GMT
age: 34051
etag: W/"1a40-183006ef417"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-pop: SIN52-P1
accept-ranges: bytes
content-encoding: gzip
x-amz-cf-id: 8G1mZIn-483ggGDAXy3cnuIduKnRuxc1_xLOlHN_riHl7eANBEygxA==

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 544ms
543ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604357
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Aug 2023 08:07:58 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e53027d89a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 610ms
219ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

5bd3690cc1066947a93570a19f2206fef0c0f251657651c42acc9141dad6635b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57364
x-xss-protection: 0
server: cafe
etag: 1387324274067148862
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 03 Sep 2022 12:00:20 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
513 B 316ms
105ms Script
application/javascript 172.67.138.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.138.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Sep 2022 01:05:04 GMT
server: cloudflare
age: 39315
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12bVrmVPyFO0bH8wZspdPmTDZ9ycpMSUpqna1qPq8QX9u%2F%2F9VKZ8Yzx9K58cRzrXiLRqq%2Fr6lmOzkT4nF0COvgmmUdHywkWR6ozNF5I0dvEmpSRoWNdDjCvufC3G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 744e530c1ecca892-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9

GET
H2 200 adcode.png
rddywd.com/ 43 B
534 B 308ms
106ms Image
image/gif 172.67.138.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.138.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
age: 1642
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRBkGXsFvKdOP87mCBBwD%2Bgk8Nl8p3K5yVFFcws5ztOtayQSwk5CN5gtDaoOOEMeXDs89zPdVOKL4fTgmj1JkHnKqK25y5twExsrffy1CPLAP93DBfSL1VIIMGDs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 744e530c4b6aa876-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 204 generate_204
www.googleapis.com/ 0
40 B 195ms
191ms Image
text/plain 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f95.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 524ms
524ms Image
image/webp 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2123791
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 09 Aug 2023 18:36:47 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e53029d9aa83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 6ryyn8.jpg
i.imgflip.com/ 100 KB
100 KB 292ms
292ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6ryyn8.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f3b5ab8201506e21a1bb084586aed00eb9609611e4a7fe363754619e757c9b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
age: 115239
cf-polished: origSize=102604
cf-ray: 744e530baecea8c5-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 102379
x-amz-id-2: f0ItcTWUHMnuWaT8l5QTyYZz8MrRLZrs5Zp6/NN9a6V7rjWeYDiC3Qayy2SMjqcprf0KoKSDkS0=
last-modified: Fri, 02 Sep 2022 03:53:00 GMT
server: cloudflare
etag: "3485775668d99d94db38af8e93a316a8"
vary: Accept-Encoding
x-amz-request-id: W87Q8SGVH3XBY15R
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:19 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 6s3cm2.jpg
i.imgflip.com/ 133 KB
133 KB 392ms
391ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6s3cm2.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac49053fbe9bbcbd8cf4c3a67ac6429962c6bce654e13ac31c37894b2550a64

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
cf-cache-status: HIT
age: 25597
cf-polished: origSize=136404
cf-ray: 744e530baecfa8c5-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 135751
x-amz-id-2: qEhueoqGxFTaC9kofHk46AByn/VtYXMKUSWXHPOWHnqxqzd2PNAMhOLa98BFzQ7+stwnV9GidzQ=
last-modified: Sat, 03 Sep 2022 04:47:40 GMT
server: cloudflare
etag: "c065eb86a242b1ac145e0a9f89ea1c79"
vary: Accept-Encoding
x-amz-request-id: AYX0X6RNWPC6NH5R
access-control-allow-origin: *
expires: Tue, 31 Aug 2032 12:00:19 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 15 B
485 B 745ms
533ms XHR
text/html 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dca9c7971fea3e428f5b9ec24cd4c0dbd1bf0bcfedbf6883970a75fa72389b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 744e530438a4a86b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 264 KB
76 KB 224ms
119ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c78c0e8094a90b756326fabb418f416dd0ac55c96cbf57f1efc57fbb3883631

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2379
cf-polished: origSize=270378
last-modified: Wed, 24 Aug 2022 10:04:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZJF92M00ZDS8T3ZJ
x-amz-id-2: s015fWQsFgRsdYNxws7yaIo/azx2sxmS0Vsoy3D/Tf8tLROFgPeOtkghjR9oq9rN92neGM1cNLQ=
cf-bgj: minify
server: cloudflare
etag: W/"beb82dedc229025b0d28c77242e75489"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: xLGQwECZFJqBGRSPuOPe.G1ZkZVZWQh8
cf-ray: 744e5304ac84a7ff-SYD
expires: Sat, 03 Sep 2022 15:00:18 GMT

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 264 KB
76 KB 423ms
323ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912cc155f4bb11b6d6a0b37d046f87a0e0317a10a0c05bae207319e031cff8ad

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:18 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: N8JXWVQPDBBG9N94
cf-polished: origSize=270378
cf-ray: 744e5304ac85a7ff-SYD
last-modified: Wed, 24 Aug 2022 10:04:27 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KIWEf4C5+gFlqLPQl6yMF1a+P6Aic4BakpNdeuikhqMNfhqft4sWMWS7KWa5o4b2jLxagUchvhs=
cf-bgj: minify
server: cloudflare
etag: W/"7ffb2a975b517fff054d3a67891196c4"
vary: Accept-Encoding
x-amz-version-id: UU_sIEq69gFxAaQvN88IqyEzb10C_4Su
cache-control: public, max-age=10800
content-type: text/javascript
expires: Sat, 03 Sep 2022 15:00:18 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 6587 21 KB
7 KB 626ms
205ms Document
text/html 13.33.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.88.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-88-47.sin2.r.cloudfront.net

Software

tv /

Resource Hash

ec3f4c6958fbbebfc1f8dea70ddca7ae891aee442fd35097bdefa8bc10ce5195

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://*.cardinalcommerce.com/ 'nonce-lqkPAId5gRUlhL5GJNSZjA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 41
cache-control: max-age=120
content-encoding: gzip
content-security-policy: base-uri 'none'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://*.cardinalcommerce.com/ 'nonce-lqkPAId5gRUlhL5GJNSZjA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 11:59:37 GMT
expires: Sat, 03 Sep 2022 12:01:37 GMT
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-cf-id: -USYt0n_iIFbas3vWQaW8hleWFd4g6eccydCQXlO_N9FThny9s9w9Q==
x-amz-cf-pop: SIN2-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
BLOB 200
OK b55ee91d-7b90-48b4-a202-a6ece9a43134
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/b55ee91d-7b90-48b4-a202-a6ece9a43134
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 26b0530c-b361-4ea4-92dc-21dd9b5d9c20
https://beforeitsnews.com/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/26b0530c-b361-4ea4-92dc-21dd9b5d9c20
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 577ms
192ms Script
text/javascript 142.251.12.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6317
date: Sat, 03 Sep 2022 10:15:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 03 Sep 2022 12:15:03 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
35 B 365ms
324ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1662206419076892785141&uniqId=0f791&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=631341d3-172e0&pageView=1&pvid=18303392085ae4bd60d&site=310742&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744e530d0950a81f-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content db765dfe-4227-4f4b-9a0e-135a50d8b4b3
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/db765dfe-4227-4f4b-9a0e-135a50d8b4b3
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 113ms
107ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 6139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQZ016TJQM3CQAQ
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 744e5307eb98a81f-SYD
expires: Sun, 04 Sep 2022 12:00:19 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
909 B 112ms
106ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 1487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQP2P0ZGAY0CMXJ
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 744e5307eb97a81f-SYD
expires: Sun, 04 Sep 2022 12:00:19 GMT

GET
BLOB 200
OK 86bfcc89-3fb5-437f-8650-47c9c88da163
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/86bfcc89-3fb5-437f-8650-47c9c88da163
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK dd697361-7a72-4eea-95e9-c102edcef8c2
https://beforeitsnews.com/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/dd697361-7a72-4eea-95e9-c102edcef8c2
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
1 KB 215ms
205ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?pv=5&cbuster=1662206419182303331770&uniqId=0f791&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=631341d3-172e0&pageView=1&pvid=18303392085ae4bd60d&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d6aee1fbec53b8add4d4859eb659dba8f5b80097d5bee33d426c5f3e1ffa9ac

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 744e530cf940a81f-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 206
Partial Content d1b131dc-c33d-4eb9-917c-d84802ccf88c
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/d1b131dc-c33d-4eb9-917c-d84802ccf88c
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
992 B 205ms
204ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&pv=5&cbuster=1662206419297416550099&uniqId=05215&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=631341d3-172e0&pageView=0&pvid=18303392085ae4bd60d&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d1e625e25f365547889854b2ee28d498b399699a270a5ecf6c31576a482a56

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 744e530cf941a81f-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 en.4f0df7e5ab0cdd35.js Show response
static.tradingview.com/static/localization/translations/ Frame 6587 576 KB
67 KB 992ms
584ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/localization/translations/en.4f0df7e5ab0cdd35.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

77ddf8e5d885402e584364c742faffd673b60b0abdf27ceef43ba77ef98c8563

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 09:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93973
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 68351
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 02 Sep 2022 08:12:34 GMT
server: tv
etag: "6311baf2-10aff"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: 1Wol8DrtyaGfQy1UNCdf8igSePFps3m5k7J3lPrbJp4VYQt1eiReig==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.e054e66031de9d1ae796.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 49 KB
26 KB 833ms
425ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/runtime.e054e66031de9d1ae796.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

af4c6829d7875209a7aa4b05f6073d290d86c37234937af96fa83b0e497bdbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89654
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 26211
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 02 Sep 2022 10:41:22 GMT
server: tv
etag: "6311ddd2-6663"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: Ad7SnspOaAtSbCtKu3otPMRroKB8NCMxNuDD73OyGLPrKQzckp3Obw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 72369.9291747e1fab1074d523.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 97 KB
33 KB 383ms
378ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/72369.9291747e1fab1074d523.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

526f595b24ddc41e5f1cd91119435c1b6d4a577aa488ef034b2895fa9ce3c723

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 349933
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 33014
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 30 Aug 2022 10:04:53 GMT
server: tv
etag: "630de0c5-80f6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: QP6AY_QwrCH5tjPzgUsqlMW0iH8R0P-KOWG6Li4hK7EBpxJQC7kGDQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 75932.cd4f83e4607134502a66.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 45 KB
13 KB 425ms
420ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/75932.cd4f83e4607134502a66.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

11d8ab754a7bd056500e49e7f473228063c95032e33794319a5f28cfaa511cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1559894
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 13130
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 09:48:59 GMT
server: tv
etag: "62fb680b-334a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: 2AkiDckd3XUdpThuP_ZcARJi1_5kntDmo4ipiduLhi12ii37A1_RSA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 95170.8c229ea611144b3d939d.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 29 KB
9 KB 439ms
434ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/95170.8c229ea611144b3d939d.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

1284f3e8b0bd1cba40326776843f02447eaefa32133cccbb558699477c21723f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 06:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3043934
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 8547
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 29 Jul 2022 13:14:57 GMT
server: tv
etag: "62e3dd51-2163"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: JV246oYt1lBUn9rFh9ILC1hnFiJwLtfCMp2Rzx6lrW1NZAd3C8vHXQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 92086.087a982bd7f578b2960d.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 29 KB
9 KB 450ms
445ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/92086.087a982bd7f578b2960d.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

9f1d01c516edad0bafcf7135f95b86d102181a3a9ae39ab2a7c9e887b401ad8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 09:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180074
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 9168
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 01 Sep 2022 08:29:32 GMT
server: tv
etag: "63106d6c-23d0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: ckUbspqiOkTbqnE4n7SzXMOamgbE16ItkFyIAWG-ADi_wUjUY_CBwA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 24209.a5ce399c8305a1871f03.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 4 KB
2 KB 453ms
449ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/24209.a5ce399c8305a1871f03.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

bb1cd14db11ac7dbc9d30112d3a3c8fd9550b7f870bf378a3399aa51224a9167

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 06:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3043930
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1288
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 29 Jul 2022 13:14:59 GMT
server: tv
etag: "62e3dd53-508"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: VgZOX7U0LcQXNpYZFSmebPDplQVwho_kt342FlJAx4QbuSdYSNwWiQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6373.32ed9c17ad0037ce6878.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 25 KB
9 KB 465ms
461ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/6373.32ed9c17ad0037ce6878.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

7ca724e80cc5d05792851c6e8fec670c4f62a919c5ab281ee487a599d9542272

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 349933
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 8851
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 30 Aug 2022 10:04:53 GMT
server: tv
etag: "630de0c5-2293"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: Lc1zDUt2_X2HH8q78bNSnjAqpVtX0d_-fQ63Zxik2uSlGR7ezhPJyg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 47872.42cd548e3df2e3962b7d.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 78 KB
19 KB 490ms
486ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/47872.42cd548e3df2e3962b7d.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

4a84d6525eecfbacfb972f87277289039f30475897e6f377f07f9058954bc8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 10:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 869595
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 18890
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 24 Aug 2022 09:26:15 GMT
server: tv
etag: "6305eeb7-49ca"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: QG5lJuw-IYw0yMsTwaZJceaLQ1fm6dRHEsejHIOsl8LD-x2gEqBt7g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 73405.aee8f1512cd379837dc3.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 25 KB
9 KB 504ms
502ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/73405.aee8f1512cd379837dc3.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

8a7a82b3f13048f984c488181e43cbadd0aa28e6d129954c022b8dc1b3d4f692

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 09:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180074
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 8826
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 01 Sep 2022 08:29:31 GMT
server: tv
etag: "63106d6b-227a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: pQhPwM4wdyTHZSaPGZCfXxS3oO8hu_d52T7HTNywVl84QRaRDKOIqg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 61165.669f518fb3ca12a08781.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 37 KB
10 KB 517ms
515ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/61165.669f518fb3ca12a08781.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

624b432c85eff23dbd74f99c05e05e36096953c74f91454674a8ef315f4496dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 349933
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 9641
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 30 Aug 2022 10:04:54 GMT
server: tv
etag: "630de0c6-25a9"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: Mk-619W6YFjBVr7c1Rj1OWNNQafrDf1sS7HQodmQzCYlL6EhMLk9ng==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 21629.8a698b65f93d5c04018f.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 40 KB
11 KB 530ms
528ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/21629.8a698b65f93d5c04018f.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

f21846c4a1b5277edf056a6b8743f0aa44b0ee9b69a75771ecb5a49fdd2feb2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 09:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180074
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 11084
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 01 Sep 2022 08:29:32 GMT
server: tv
etag: "63106d6c-2b4c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: PS9DYgto2HI3yNuG93gXd32_Ua6iS8Ok8GsKAZy_-53hKjSGgiVeyg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 87461.a35256d3fbcae31c8817.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 12 KB
5 KB 537ms
535ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/87461.a35256d3fbcae31c8817.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

38c24ad9f43bd9eb0a4b9fa67778e308a7a811294e0e006d49cc120604d58bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388530
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 4499
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-1193"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: WK5UoL0cUXQcGtKXiptOHIrcqc1oy4VHC09QIF6BkkqQ8bBcFxRD7w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.d0173a996b66c3a9b6a8.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 21 KB
7 KB 549ms
547ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.d0173a996b66c3a9b6a8.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

231c48941aa35461a0d4673dc4944b6e2470cde7bd78bf04c0543a3ac47b538f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 349932
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 6765
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 30 Aug 2022 10:04:53 GMT
server: tv
etag: "630de0c5-1a6d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: BheoLxNe4Xs8r82AXvATr08xKPu_Moz6o06EKs4kkN3rSP18EzdjBQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9610.4b9f8462aa3659c59d53.css
static.tradingview.com/static/bundles/embed/ Frame 6587 1 KB
1 KB 602ms
196ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/9610.4b9f8462aa3659c59d53.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

3a5baaf48425b11d6685e6dc62508c1419d7aceb5815c59f4f34a3fa10a48fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388530
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 613
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-265"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: 30MG5BHOeWxIhhG9AKKx-3vhZdKcOy2I9aByP1waF6Hc39XXj7zPvQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3086.0d1fcc5f4fdd633672c7.css
static.tradingview.com/static/bundles/embed/ Frame 6587 948 B
776 B 603ms
196ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

c7e58799078e5a29d5b03f677d5402d4c36edb7f2af33d6fad341cb998569ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388534
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 275
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
server: tv
etag: "62fdfac9-113"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: k-SdSA0wXdwwngIDbAg0KAucBdXpUa0iVp6GgOTPeP7QTXLAxsB0Rg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 72066.f1aaa4b56bfc5daefd58.css
static.tradingview.com/static/bundles/embed/ Frame 6587 1 KB
773 B 604ms
197ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388534
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 272
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:38 GMT
server: tv
etag: "62fdfaca-110"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: tVXDfGO-GTQSL0BJT0h1iRTlYSsUuIGcdipjIQFuFFL96nAJSQ3mcg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 93419.5e378482872bae547a16.css
static.tradingview.com/static/bundles/embed/ Frame 6587 9 KB
2 KB 795ms
389ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/93419.5e378482872bae547a16.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

8df2ae43e4368b0ee8b3826cba609f16ab5d43713668795230f3c1561db2e7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388534
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1255
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
server: tv
etag: "62fdfac9-4e7"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: e49M484BVTj6TP1eR0rD-nah79rFSYMkbMvGggVQ4i3uonz9ABruoA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4704.721cbfb1a5d6784e3109.css
static.tradingview.com/static/bundles/embed/ Frame 6587 2 KB
984 B 606ms
199ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388534
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 482
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-1e2"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: zkhLy2rC9vNiEL56vxbWfe8cZSVK6PUQz_DDfBS67Qkbdu-oYTmsBQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5735.8535b6d6dc2d8bbe0ca0.css
static.tradingview.com/static/bundles/embed/ Frame 6587 2 KB
958 B 608ms
202ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/5735.8535b6d6dc2d8bbe0ca0.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

4c4c2acc98fe6ff98dfc81cadee2e7c98c2df0c9dde86c3eb0bf9ccb442ab16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 10:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 437294
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 459
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 29 Aug 2022 09:36:37 GMT
server: tv
etag: "630c88a5-1cb"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: 7_ALRaIwgxp-bowivpKGsv491PRV7gncgbA-dEhIrXkPxe4J61SC9w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 22641.c7183a76dc0599de9f42.css
static.tradingview.com/static/bundles/embed/ Frame 6587 4 KB
1 KB 607ms
201ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388534
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 566
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-236"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: 0yHZCNVG_6IzuYMtP27dzij8oVPQYvj7oOSFDRAgXXRNvOv2Xbx2zw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 49859.57ed1f0e14de0ce7dcbb.css
static.tradingview.com/static/bundles/embed/ Frame 6587 868 B
777 B 614ms
208ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388530
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 275
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-113"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: 4TDIRIaELGzLzQCuBzBqwQwyDz_Clt07QE8Q69vbGC6Lnq9unxVVwQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 41848.9aed78f36422390299fd.css
static.tradingview.com/static/bundles/embed/ Frame 6587 6 KB
2 KB 612ms
207ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/41848.9aed78f36422390299fd.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

a5a4555a853a38c7209ad9ba749632a384bed64d8f9e05a9434a5ef53e2b6d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388528
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1099
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-44b"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: McB_srMQoRS29oPlkbJR0ClzpT-qFd7VZhFFbo3sD5Maz4nKk1Avsw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame E068 265 KB
76 KB 118ms
118ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20228312
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2223e46a7952c68666282f14bd7954b4969ab7f9d56cdfbbcd6b44f6bff36b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 403
cf-polished: origSize=271040
last-modified: Wed, 24 Aug 2022 10:03:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1SASQ5MAQTW08PDH
x-amz-id-2: NrfoJhmpUmXGaheBGXXBv9jt4SduT3hbcnCJLn/gZ7CNdBnL4MOzzPTNjSE09I45D902HBMSKuw=
cf-bgj: minify
server: cloudflare
etag: W/"7d3e196f6d958ba1e02688c77b41705a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: goP9vBBMXN9g0k8Vkhn5DSBzUOGnri2W
cf-ray: 744e530aab97a7ff-SYD
expires: Sat, 03 Sep 2022 15:00:19 GMT

GET
BLOB 200
OK 03cbcda4-f5c3-4bf1-86d5-caccaf5b5a9e
https://beforeitsnews.com/ Frame E068 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/03cbcda4-f5c3-4bf1-86d5-caccaf5b5a9e
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK fc889ef0-dd84-488c-88f1-fcfea4c8bb1d
https://beforeitsnews.com/ Frame E068 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/fc889ef0-dd84-488c-88f1-fcfea4c8bb1d
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
BLOB 206
Partial Content d51d5f30-8e96-4f3e-8695-50a54b1de451
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/d51d5f30-8e96-4f3e-8695-50a54b1de451
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 494ms
193ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:07:51 GMT
x-content-type-options: nosniff
age: 157949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 16:07:51 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 208ms
207ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?mp4=1&ap=1&w=370&h=1095&maxw_3=366&maxh_3=247&cols=1&pv=5&cbuster=166220641981532745423&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=631341d3-172e0&pageView=0&pvid=18303392085ae4bd60d&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9236eb71c1d7475074cf2fb9ff1ca79ec299a5a1addedfd0a1708e7243a366c2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 744e530dfa19a81f-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 8301289771671655 Show response
customads.co/lad/ Frame 6C15 26 KB
11 KB 507ms
297ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 685e381cf4e0a1ca260097e3da882b3186aa9fbc66d9e2bc809b7a0fc2152b6b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: gzip
content-length: 11071
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 12:00:20 GMT
via: 1.1 google

GET
H2 200 10864438442185062 Show response
customads.co/lad/ Frame FD0D 27 KB
11 KB 523ms
315ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 590c6b59624e0a705c18d4d0c3f7a3298c57664e2dbb13e72798e1ba1f5f277b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: gzip
content-length: 11196
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 12:00:20 GMT
via: 1.1 google

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp
s-img.mgid.com/g/8164890/492x328/0x0x900x600/ 10 KB
10 KB 320ms
112ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164890/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp?v=1662206420-hzvbZEHKZAmGZDC_YsUMW1A4fBolrYhwCNJbhiHSYXY
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9adbef008101f908c4c1bcbcfc6000278cd007139e3b64a31096f4afe4a682

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:43:10 GMT
x-mg-request-uuid: 8e8a8ba0-090c-4b40-876d-dad9494a1f34
age: 133285
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 744e530f9d06a80b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10078
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF85MDAseV81MDMvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvM...
s-img.mgid.com/g/13414929/492x328/-/ 14 KB
14 KB 314ms
108ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13414929/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF85MDAseV81MDMvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvMTc1Njg1L2Q2OGM3YTFkZDUyOWZiZmJmMGYwMDkxNjE4NDM4ZDE2LmpwZw.webp?v=1662206420-VIRm4Xt6Zg-4k71qY7ZFQCBwSkkmylr4y-IjVTO-00w
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80944a1784eee2c099b34753caa51a824d0824a03da21c5262768429bc7c19e9

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 09:35:34 GMT
x-mg-request-uuid: 5d2baba0-3579-466d-9563-1de9c675be9f
age: 5447223
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 744e530f9d03a80b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14336
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
1 KB 297ms
291ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=166220642017438205163
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd6631dd4dd254f0ad73de6cddf03219a2a4a4e52474e9f87645cc25744a266c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e530e6ab3a81f-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 i-noref.js Show response
cm.mgid.com/ Frame B446 0
35 B 293ms
292ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1662206420182776323313
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:20 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744e530e7abda81f-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 209 KB
67 KB 788ms
261ms Script
application/javascript 23.72.44.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-44-196.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=133944
accept-ranges: bytes
content-type: application/javascript
content-length: 68097
expires: Mon, 05 Sep 2022 01:12:44 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 351ms
107ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 03 Sep 2022 12:00:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 1814
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 744e5310cb86a80e-SYD
x-amz-request-id: J1WQFYBBXB2SQM1R
x-amz-id-2: e8/WS2mI/gaNYS7MFftNlIeIPcWDV6HDh2W3CygAHTVySQAzODf4TsFzJFp2lyPILey0ZeFH9jw=

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzg5MWI1MzA3M2Q2OGUyO...
s-img.mgid.com/g/12068015/492x277/-/ 12 KB
12 KB 148ms
111ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068015/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzg5MWI1MzA3M2Q2OGUyODAzMGY1M2FhMjViNzhhOTEuanBlZw.webp?v=1662206420-a0WKkCasILct22Yz2LruzO7Ahi29D4uUWnThaSaN-vI
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a747c61c2762926db3f5fb6b9018e2da640cad4f7bbb89aab50ec1632c9aeb78

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 14:13:06 GMT
x-mg-request-uuid: d5526113-86ba-4312-8a00-54950e67cd6c
age: 10034003
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 744e530f9cffa80b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11970
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzMwLHlfMjg4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2L...
s-img.mgid.com/g/13404792/492x277/-/ 22 KB
23 KB 203ms
202ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13404792/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzMwLHlfMjg4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC8xMGZmNTg3MjNlNWFjMWMxOWE3ZTI1M2QwNDkyZDRhNy5qcGVn.webp?v=1662206420-phfl7tRgIcz0hRF1rkog7Iuapa3DQaY_0yP6J4Zqb68
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e43f5866962b9e654575f1a7536da4bf6e485380cc5a54bb5f9e26f2d6a2d49

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Jul 2022 07:14:15 GMT
x-mg-request-uuid: 316ed81b-58e0-42e8-80e8-6be5ded930d8
age: 5545348
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 744e530f9d0da80b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22852
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xNzU2ODUvZjE0N...
s-img.mgid.com/g/13275082/492x277/-/ 16 KB
17 KB 110ms
110ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13275082/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xNzU2ODUvZjE0NGVlMjQwYmJiNDBkNmFiMmJjYmU5ZjA5NWJlMDcuanBn.webp?v=1662206420-pHDcVqfpopbFCHFGLBj9Ndtrh35eoD5MlB0dS2sDaAA
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2693978892b0f2bbcd12cd728e9c381e17f1634980a2aeb2a1f5ca3b2a0a9ef0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Jun 2022 00:14:12 GMT
x-mg-request-uuid: bc13bc5d-d619-46aa-8eb9-0dbbc4fb62ed
age: 6780530
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 744e530f9d0ea80b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16706
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjYvMTAxOTI0LzgxYTJiN2U4MWVhOWQ4NzEyOGE1MTdkZjVhMmZiOGUwLmpwZw.webp
s-img.mgid.com/g/3805540/492x277/0x0x492x277/ 11 KB
11 KB 111ms
111ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805540/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjYvMTAxOTI0LzgxYTJiN2U4MWVhOWQ4NzEyOGE1MTdkZjVhMmZiOGUwLmpwZw.webp?v=1662206420-Ue2MbqyGqeUjm-f13v27nT3NTJHtySi3fGmvEDkE4ZE
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b04ac9a91361ab2c84b86e0f309b1a655feb748b8e6ec80d5dd2cc551e3b0c04

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:20 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Jul 2022 08:29:57 GMT
x-mg-request-uuid: a55cfd34-105f-4f05-8634-c7b1218104e7
age: 4586155
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 744e530f9d0fa80b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11288
server: cloudflare

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 494ms
193ms XHR
text/plain 142.251.12.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1878049740&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=741528248&gjid=898588140&cid=337480826.1662206420&tid=UA-16055024-1&_gid=497289951.1662206420&_r=1&gtm=2wg8v05D8XJ6Q&z=211788819

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 493ms
192ms Image
image/gif 142.251.12.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1878049740&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=337480826.1662206420&tid=UA-16055024-1&_gid=497289951.1662206420&gtm=2wg8v05D8XJ6Q&z=1947160334

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 17:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66422
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 493ms
192ms Image
image/gif 142.251.12.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 17:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66422
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 761D 3 KB
1 KB 1822ms
295ms Document
text/html 107.151.8.10
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=754484
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=166220642017438205163
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.8.10 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: fd475ccd523727d382d832b0756af039029d2e7c0fdba11e3831091cdc0044db

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://beforeitsnews.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1213
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Sep 2022 12:00:21 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
100 B 834ms
621ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=m83ksNi6BM05
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744e53119b55a96e-SYD
content-length: 0
content-type: image/gif

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=LDMWe3nl7bpfT5yyAQ1Z&pi=mgid&tc=1

43 B
378 B

329ms
329ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=LDMWe3nl7bpfT5yyAQ1Z&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e531a4e06a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=LDMWe3nl7bpfT5yyAQ1Z&pi=mgid&tc=1
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:21 GMT, Sat, 03 Sep 2022 12:00:21 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttl=1664798420

43 B
363 B

296ms
296ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttl=1664798420
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e53134d3aa7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttl=1664798420
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

200
OK

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m83ksNi6BM05
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=2817141643343613987&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

42 B
773 B

577ms
197ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:22 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mg...
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mg...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzQ5NERDNTAtOEU2Qy00MDdCLThCQzctMzZFODVFMTU3RkFF&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzQ5NERDNTAtOEU2Qy00MDdCLThCQzctMzZFODVFMTU3RkFF&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D7494DC50-8E6C-407B-8BC7-36E85E157FAE
https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE

43 B
441 B

298ms
298ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e532b8b40a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE
date: Sat, 03 Sep 2022 12:00:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

458249.gif
idsync.rlcdn.com/
Redirect Chain

https://idsync.rlcdn.com/712107.gif?partner_uid=m83ksNi6BM05&
https://idsync.rlcdn.com/1000.gif?memo=CKu7KxIYChQIARDDoQoaDG04M2tzTmk2Qk0wNRAAGg0I1YPNmAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=efd46e475cd61b7da66f9f1b759a27c3064225e3bf8412641f2aa576c9b155d7791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlZmQ0NmU0NzVjZDYxYjdkYTY2ZjlmMWI3NTlhMjdjMzA2NDIyNWUzYmY4NDEyNjQxZjJhYTU3NmM5YjE1NWQ3NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlZmQ0NmU0NzVjZDYxYjdkYTY2ZjlmMWI3NTlhMjdjMzA2NDIyNWUzYmY4NDEyNjQxZjJhYTU3NmM5YjE1NWQ3NzkxNDI2YjU0MTdkY2UyMRAAGgwI1YPNmAYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=4630dd2d-b24b-4eec-b825-f1160fab854b

42 B
60 B

273ms
273ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=4630dd2d-b24b-4eec-b825-f1160fab854b
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Sep 2022 12:00:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=4630dd2d-b24b-4eec-b825-f1160fab854b
date: Sat, 03 Sep 2022 12:00:23 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
https://cm.mgid.com/m?cdsp=675043&c=5d94d5bb-8942-48f9-a2f3-2f02de1dfeea

43 B
378 B

292ms
292ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=675043&c=5d94d5bb-8942-48f9-a2f3-2f02de1dfeea
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e531b1ecca7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:22 GMT
Server: nginx
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Location: https://cm.mgid.com/m?cdsp=675043&c=5d94d5bb-8942-48f9-a2f3-2f02de1dfeea
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0

GET
H/1.1 204
No Content sync
x.bidswitch.net/ 0
195 B 1229ms
439ms Image
text/html 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=mgid
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 712056.gif
id.rlcdn.com/ 42 B
296 B 288ms
274ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/712056.gif?
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Sep 2022 12:00:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=m83ksNi6BM05
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m83ksNi6BM05
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ac321931-d25f-4f40-9d8f-56bb2a02c19d&gdpr=&gdpr_consent=&gdpr_pd=

45 B
627 B

806ms
290ms

Image
image/gif

23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ac321931-d25f-4f40-9d8f-56bb2a02c19d&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Sat, 03 Sep 2022 12:00:23 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sat, 03 Sep 2022 12:00:23 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ac321931-d25f-4f40-9d8f-56bb2a02c19d&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sat, 03 Sep 2022 12:00:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=4d613990-fad6-48bf-95f3-927df609bf3f

43 B
394 B

293ms
293ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=4d613990-fad6-48bf-95f3-927df609bf3f
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e5320ade5a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=4d613990-fad6-48bf-95f3-927df609bf3f
date: Sat, 03 Sep 2022 12:00:22 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTgza3NOaTZCTTA1&muidn=m83ksNi6BM05
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTgza3NOaTZCTTA1&muidn=m83ksNi6BM05&google_tc=
https://cm.mgid.com/google?muidn=m83ksNi6BM05&google_ula={guid},5&google_gid=CAESEHIt7e8nEj2vHtbxfVTLdu4&google_cver=1

0
121 B

292ms
291ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=m83ksNi6BM05&google_ula={guid},5&google_gid=CAESEHIt7e8nEj2vHtbxfVTLdu4&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744e531ecbdda7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=m83ksNi6BM05&google_ula={guid},5&google_gid=CAESEHIt7e8nEj2vHtbxfVTLdu4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
https://cm.mgid.com/m?cdsp=718337&c=ID5-ZHMOeqX-V8LHhilxe3Lr3bdIoDOJlTK1gtPkKz48ww

43 B
410 B

296ms
295ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=718337&c=ID5-ZHMOeqX-V8LHhilxe3Lr3bdIoDOJlTK1gtPkKz48ww
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e53243a31a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=718337&c=ID5-ZHMOeqX-V8LHhilxe3Lr3bdIoDOJlTK1gtPkKz48ww
date: Sat, 03 Sep 2022 12:00:23 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=mgid
https://cm.mgid.com/m?cdsp=43070&c=L7LUSCOL-V-JL0M

43 B
409 B

294ms
294ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=43070&c=L7LUSCOL-V-JL0M
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e5322d8ada7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.mgid.com/m?cdsp=43070&c=L7LUSCOL-V-JL0M
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=1dfebb45-e74b-4735-ae6c-47d4f640271e

43 B
394 B

291ms
290ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=1dfebb45-e74b-4735-ae6c-47d4f640271e
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e5320fe49a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=1dfebb45-e74b-4735-ae6c-47d4f640271e
date: Sat, 03 Sep 2022 12:00:23 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/ Frame B7D3 10 KB
5 KB 579ms
192ms Document
text/html 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 75701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 14:58:40 GMT
etag: 8616628553774171045
expires: Fri, 16 Sep 2022 14:58:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5e204d60e23ad3b918261c21720d4c61e7bf7a6a2ce0bde815af599daf11ac8d_small
cdn1.customads.co/uploads/ Frame 6C15 26 KB
27 KB 1511ms
1092ms Image
image/jpeg 13.33.33.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.customads.co/uploads/5e204d60e23ad3b918261c21720d4c61e7bf7a6a2ce0bde815af599daf11ac8d_small
Requested by: Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-39.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c04eae00fe67743ec07110330164f37de2905daf6f5403c1fe4ff6c892a4ab20

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:22 GMT
via: 1.1 6fa99bf0c83c1cecd58937934e9d3c12.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 15:10:05 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
etag: "ddd04b45db3c4f2607e02d49a17782c0"
x-cache: Miss from cloudfront
x-amz-version-id: U8D0npOR74rIbKsNfont0m9FUNKGhjg_
accept-ranges: bytes
content-type: image/jpeg
content-length: 26812
x-amz-cf-id: Nh3SI7KOTcEiO5ojKVeTHwGJuR3d07nRIQgvXEc5MLkloK5xqgwdNg==

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 6C15 45 KB
17 KB 580ms
193ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3505
date: Sat, 03 Sep 2022 11:01:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 03 Sep 2022 13:01:56 GMT

GET
DATA 200
OK truncated Show response
/ Frame 6C15 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dd3edd6010c83b7e5db04580678184ce7647331952cd42534f8e61cca362c53

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 f6f93c405ffb25873e7ad17a101e83c0f58df98cdc94f6788e0a760c686e9f29_medium
cdn1.customads.co/uploads/ Frame FD0D 30 KB
31 KB 610ms
225ms Image
image/jpeg 13.33.33.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.customads.co/uploads/f6f93c405ffb25873e7ad17a101e83c0f58df98cdc94f6788e0a760c686e9f29_medium
Requested by: Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-39.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4554451a1a13ae3adc7d2854d1eea1978a4b43d1b363f7b351fe961787cd51df

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 07:30:43 GMT
via: 1.1 6fa99bf0c83c1cecd58937934e9d3c12.cloudfront.net (CloudFront)
last-modified: Tue, 13 Jul 2021 18:36:20 GMT
server: AmazonS3
age: 16179
etag: "89524c948583a41a6eba790834818236"
x-cache: Hit from cloudfront
x-amz-version-id: oqOxgsKcKMQvbTwb.roa.RQWkwoo3zbW
x-amz-cf-pop: SIN2-P1
accept-ranges: bytes
content-type: image/jpeg
content-length: 31157
x-amz-cf-id: s_BHYvzqvHDv_7XUbkV3Cwq4qnYN2EZ4JIFou7kUBxeG4zJ7oEYi4Q==

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame FD0D 45 KB
17 KB 599ms
251ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3505
date: Sat, 03 Sep 2022 11:01:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 03 Sep 2022 13:01:56 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
331 B 1204ms
398ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31532338.ip-162-19-138.eu
Software: /
Resource Hash: 34ed31053c7a3f132e11075de47b215255d7f87e07fc8d6a4e525403d3d1c078

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Sat, 03 Sep 2022 12:00:21 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
331 B 1204ms
399ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31532338.ip-162-19-138.eu
Software: /
Resource Hash: 04bb9eb63ee4c0b1a8fe08b2def48fb0dbe810b8b7d5e6efd233cb6973166d7a

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Sat, 03 Sep 2022 12:00:20 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
DATA 200
OK truncated Show response
/ Frame FD0D 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36dafadbb0f09e6811c915f6146001f094e5b86992abc6498f42f9da822cd841

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
331 B 1210ms
403ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31532338.ip-162-19-138.eu
Software: /
Resource Hash: 96dbb370fa89313894cfd5b4442cdd46d4c19aeb3a94b23b811d0bf4e2550349

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Sat, 03 Sep 2022 12:00:21 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6587 105 KB
41 KB 495ms
194ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/6373.32ed9c17ad0037ce6878.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

368da2121d8c4eaf9660d8ef21e50a34d049ccb0a64bc32111a2b72055b8efc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41876
x-xss-protection: 0
expires: Sat, 03 Sep 2022 12:00:21 GMT

GET
H2 200 28903.aa1dd10ca152214f30b4.css
static.tradingview.com/static/bundles/embed/ Frame 6587 801 B
718 B 197ms
196ms Stylesheet
text/css 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/28903.aa1dd10ca152214f30b4.css

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.e054e66031de9d1ae796.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

65fa2849eb04b25dd3d737ee39791f24feb89ef65a01eea6820cf1eb95f15efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388533
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 216
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
server: tv
etag: "62fdfac9-d8"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: IroembGWX91E7MTLCkunjp5zzAlVPEHQASLgLFhjOspnIk_3F8XJAw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.e58a177013f230536e29.js Show response
static.tradingview.com/static/bundles/embed/ Frame 6587 4 KB
3 KB 197ms
197ms Script
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.e58a177013f230536e29.js

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.e054e66031de9d1ae796.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-102.sin2.r.cloudfront.net

Software

tv /

Resource Hash

d11358673e6944e9cfe0d14dabcc82f531dc2313ab636a8925607d76192e96e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388534
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 2083
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
server: tv
etag: "62fdfac9-823"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: dn-DlHYuDTKcBKUIFNHzjWYOp5_-hbQ6CrGRAQBRaszpc_ExHNBvqA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
215 B 519ms
425ms XHR
text/plain 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16055024-1&cid=337480826.1662206420&jid=741528248&gjid=898588140&_gid=497289951.1662206420&_u=YEBAAEAAAAAAAC~&z=2116203982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 03 Sep 2022 12:00:21 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame 6587 1 KB
925 B 609ms
198ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:07:15 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 07:17:22 GMT
server: AmazonS3
age: 3187
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
x-amz-cf-id: WMtqrixOYHewy2VjNNH9Wb1uJSZQg71RaAefu_6jv-oOtHScXIi45g==

GET
H2 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame 6587 786 B
1 KB 614ms
203ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:41:29 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
age: 1141
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
content-length: 786
x-amz-cf-id: NR0HfvR6l4lWzygnJEJOu2HheMWYzCT6i-PXxThyNkIebMlIJuhRjA==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 6587 1 KB
1 KB 615ms
204ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:34:48 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 1534
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: zEA3_WnsLUofAfOmSOeZup8M5oZy_oQCvdRjk8wkmbogoruB6JNCbQ==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 6587 523 B
930 B 619ms
209ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:05:11 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
age: 3310
etag: "4542d4ecd73f04c73affa787a4522596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: E9iyq-1pwjgWlin86jwohh-M_gBAK4_B_KfkEVb_FK6s5jV9ULySIw==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 6587 3 KB
789 B 609ms
199ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:48:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 741
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: YRHebuEknPiYfZlowo5MgutuVPp8VR_iG25n0N24HNs60cvlgsqPSg==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 6587 870 B
1 KB 611ms
201ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:27:17 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
age: 1985
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: IYYps6V9BrIl4jIHhtKKNrrWMzdrGHQYYHXjO96nobBeotMtVZjbgQ==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 6587 801 B
1 KB 198ms
196ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:14:32 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
age: 2751
etag: "107060b925841745f310697bd9f1f83d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: TkrUbPFmmw16vWxD8NC1UrnRCp9hlKxwegJqyIhRsR8GX7ru4Zshog==

GET
H2 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame 6587 777 B
1 KB 323ms
197ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:07:23 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Thu, 26 May 2022 07:17:23 GMT
server: AmazonS3
age: 3179
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
content-length: 777
x-amz-cf-id: ywRNPUZW4SWxsEYhYUVlch_SP6Hn1o4wgY52NYO2_fybtRjtGoNggw==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6587 49 KB
20 KB 194ms
193ms Script
text/javascript 142.251.12.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6318
date: Sat, 03 Sep 2022 10:15:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 03 Sep 2022 12:15:03 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 586ms
199ms Image
image/gif 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=337480826.1662206420&jid=741528248&_u=YEBAAEAAAAAAAC~&z=644586203

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 589ms
201ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=337480826.1662206420&jid=741528248&_u=YEBAAEAAAAAAAC~&z=644586203

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c
c.mgid.com/ 43 B
213 B 335ms
335ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=366|284|8|jdZcZXw7MZtq1M7M4ZAnAz4VO_pNEW9jPMf5p28tzn-dL-InhJtG8MLzfMRVbGOBEGwD4jXti7hrRN8of6V9jg**&fw=1&extjs=66044&cid=720413&h2=lBDTkKa8qPe8-Xy61qibk7SS7pEZYveFKp63tnb5DeA*&rid=fb9b94aa-2b7f-11ed-a6df-2cea7f92274e&tt=Direct&iv=11&pageImp=1&pvid=18303392085ae4bd60d&muid=m83klzTLy405&cbuster=1662206421562837701910
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:21 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 1dbb7734-ff26-4421-87ea-9c6482b90468
content-type: image/gif
cf-ray: 744e53171a07a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 6587 761 B
1 KB 247ms
245ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:57:36 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
age: 193
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: wBLomuyphRffJdqYuKLC3w1ufwegDmQL1HBE-IcDsF-HiJ1GUyFtwQ==

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 6587 1 KB
1 KB 247ms
246ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:44:06 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 977
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: OXCXyAoZhtr3tfzlX9zgGav0bLl1NADpnWFyLe0BTipXx7vlkaAEmA==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 6587 1 KB
1 KB 246ms
245ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:48:20 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
age: 723
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: DWoQGTvJHm65ik_GIpw9TwUBOOpNM34Z4U_AAtmwumidF-U8XPZsGg==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 6587 1 KB
1 KB 226ms
225ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:18:05 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 2683
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: z7ifNUWPB3TSpOkCePMhvqpKjfqTb-Yd31MUE3VR77qELjhJll6kTw==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 6587 182 B
590 B 228ms
227ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:27:05 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
age: 2042
etag: "a4fcbd383e2f657b6528f4aa95844de5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: j9bIFjztTisD9WFsCCRuJ6eZ1CvHwMK_nBWdR6l9IF_LgUjOySr9pA==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 6587 1 KB
1 KB 229ms
228ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:13:16 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 2856
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: 7usnY3gaMGmhtVWbEITAIxHMLPcutRnZRgIiaW713OwBRCWE7q2obw==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 6587 304 B
709 B 232ms
231ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:37:25 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
age: 1451
etag: "074d127e2f9fd8c2e79c01a5f002979c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: 0IFcFo4i3ZoMtnYXUJrC8zbPXw_AtNIlVc396ERaoq1I9u8J-WFb4w==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 6587 508 B
916 B 233ms
232ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:47:54 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
age: 749
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: TDzj--Trj9U-P2jXaAZjlVWADR6ANJuvUvSyKYj5UBpc292qCRabLg==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 6587 1 KB
1 KB 237ms
236ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:29:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 1883
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: 2NPDLaw9iyUFbtYqqrYiHB-Na-NmxMKgsm03D1QrOLPt9a3bhQ5qhw==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 6587 522 B
937 B 247ms
246ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:27:06 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
age: 2329
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: RIhtgXdLWx4uNIE9JkRr9D-41CKZ7_QRkPRs7JtW5ZDi1Kal6QIoyg==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame 6587 635 B
1 KB 238ms
237ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:12:01 GMT
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
age: 2902
etag: "4c66a5172a9c77ab75e140f5079218ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: 0hiUUh-7hoGH-Owc5_w2SRd6UhtcP5Ke87wbWRGi5pOb27FzOCMixg==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 6587 1 KB
1 KB 247ms
246ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:22:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
age: 2801
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: eQNz1RWs1UdHdMLmawrLYXve4iWeafsDypsDQQMgAACYX4pLd6WpDg==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 6587 1 KB
1 KB 246ms
245ms Image
image/svg+xml 54.192.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-108.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:48:54 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 689
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: SIN2-C1
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: -PXDGf42y9OX8ouSabn9GFYF96DBcfPx0k7z5ufkzIzvCZAd5R2BUQ==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 602ms
200ms Preflight
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeforeitsnews.com%2F&domain=beforeitsnews.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://beforeitsnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 03 Sep 2022 12:00:22 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 277513
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 350 B
660 B 602ms
200ms XHR
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeforeitsnews.com%2F&domain=beforeitsnews.com&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

20bcd8bdd33fe50162b31c0d788c2dd8dc761f95afd517d34f6fb043d4a1f6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 711548
strict-transport-security: max-age=31536000; preload;
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 596ms
200ms Preflight
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeforeitsnews.com%2F&domain=beforeitsnews.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://beforeitsnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 03 Sep 2022 12:00:21 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 219733
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 345 B
658 B 604ms
202ms XHR
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeforeitsnews.com%2F&domain=beforeitsnews.com&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

85ccee5ad88a169089e98557d2bb02ea1015a150ac8f6a0f1d1af3e9726c8be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:21 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 566887
strict-transport-security: max-age=31536000; preload;
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 584ms
200ms Preflight
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeforeitsnews.com%2F&domain=beforeitsnews.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://beforeitsnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 03 Sep 2022 12:00:21 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 265920
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 347 B
653 B 603ms
201ms XHR
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeforeitsnews.com%2F&domain=beforeitsnews.com&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

83685b8121366befe151b1eabd84dd0b8c43bc023c676203467eab24224bcb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 719083
strict-transport-security: max-age=31536000; preload;
expires: 0

GET
H3 200 collect
www.google-analytics.com/ Frame 6587 35 B
55 B 193ms
193ms Image
image/gif 142.251.12.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=567242444&t=pageview&_s=1&dl=https%3A%2F%2Fs.tradingview.com%2Fembed-widget%2Fticker-tape%2F%3Flocale%3Den&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Ticker%20Tape%20Widget&sd=24-bit&sr=1600x1200&vp=775x46&je=0&_u=YEAAAQAB~&cid=1267700322.1662206422&tid=UA-132755435-1&_gid=203534551.1662206422&gtm=2ou8v0&gcs=G1-0&z=1695368627

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 04:44:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26157
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 457 B
1 KB 1204ms
400ms XHR
application/json 141.95.98.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.68 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216657.ip-141-95-98.eu

Software

Resource Hash

cb098d30f138e774eb7116631b5bbd04e3d02f9dc017967273f1f4e332f5dbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Sep 2022 12:00:22 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 457 B
1 KB 1208ms
401ms XHR
application/json 141.95.98.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.68 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216657.ip-141-95-98.eu

Software

Resource Hash

bdd107a66b8908477daf2e2516e120575f8e60e401ea4228a1181c1c187adf2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Sep 2022 12:00:22 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 456 B
1 KB 1210ms
405ms XHR
application/json 141.95.98.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.68 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216657.ip-141-95-98.eu

Software

Resource Hash

fc2e32240f3044fccb8a5de2022acd096ce6998b46368ca10c2c6461ce2565f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Sep 2022 12:00:22 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AC2E 15 KB
6 KB 271ms
270ms Document
text/html 23.72.44.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-44-196.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105897
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 12:00:22 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 04 Sep 2022 17:25:19 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 65F8
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=968bf5de-6e97-4c97-aee3-ddd63bc15521

0
404 B

1489ms
297ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=968bf5de-6e97-4c97-aee3-ddd63bc15521
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Content-Length: 0
Date: Sat, 03 Sep 2022 12:00:23 GMT
Etag: 014a198f7447c58f
Server: Adtelligent

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 744e531d1d0da8c8-SYD
content-length: 0
date: Sat, 03 Sep 2022 12:00:22 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=968bf5de-6e97-4c97-aee3-ddd63bc15521
server: cloudflare

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 9329 1 KB
1 KB 296ms
295ms Document
text/html 107.151.8.10
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.8.10 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer: https://s.adtelligent.com/sync.html?aid=754484
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 783
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Sep 2022 12:00:21 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame CA6A 1 KB
1004 B 2427ms
295ms Document
text/html 23.227.146.18
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 699
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame EFF0 2 KB
863 B 753ms
355ms Document
text/html 139.99.49.250
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip250.ip-139-99-49.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2

200

/ Show response
de.tynt.com/deb/ Frame 4C48
Redirect Chain

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

2 KB
3 KB

1190ms
285ms

Document
text/html

67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: eeea019d178f9d8cc11cf74817c89892903b8ef3556366819b60fa370af44dc5

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 1932
content-type: text/html
date: Sat, 03 Sep 2022 12:00:23 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length: 171
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 12:00:23 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
location: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame B5EA
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

1 KB
939 B

200ms
200ms

Document
text/html

64.120.110.136
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.136 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 122a8abb31063d32e9327bed2a8695c3ea423843db5677f2ea9c8c90b120072c

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Sat, 03 Sep 2022 12:00:23 GMT
expires: Sat, 03 Sep 2022 12:00:23 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: SIN-726

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Sat, 03 Sep 2022 12:00:22 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: SIN-726

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 761D
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9cfada2e-1e05-4e09-bff6-537439dec9dc

0
404 B

1389ms
303ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9cfada2e-1e05-4e09-bff6-537439dec9dc
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:22 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9cfada2e-1e05-4e09-bff6-537439dec9dc
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: ufbpn68c3rllsl526rj9ere8i3sun641

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 761D
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=FQRQELZHOKWIL_B2QHSJG6JO

0
392 B

1343ms
301ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=FQRQELZHOKWIL_B2QHSJG6JO
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 0

Redirect headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=FQRQELZHOKWIL_B2QHSJG6JO
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap4sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 761D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8939661658751623204

0
387 B

1392ms
301ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8939661658751623204
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:23 GMT
X-Proxy-Origin: 173.245.209.81; 173.245.209.81; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a550b1c3-fdb2-49ce-81b8-a911e859d2a0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8939661658751623204
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 761D
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1a10a256-7ad1-4bc9-adf0-c48e6466cb70

0
404 B

1153ms
302ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1a10a256-7ad1-4bc9-adf0-c48e6466cb70
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1a10a256-7ad1-4bc9-adf0-c48e6466cb70
date: Sat, 03 Sep 2022 12:00:23 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 761D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1551876106988481962

0
387 B

1374ms
300ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1551876106988481962
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:23 GMT
X-Proxy-Origin: 173.245.209.81; 173.245.209.81; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c4020135-7268-4a5d-bdb6-575f272cd42a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1551876106988481962
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 761D
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=1dfebb45-e74b-4735-ae6c-47d4f640271e

0
404 B

1269ms
302ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=1dfebb45-e74b-4735-ae6c-47d4f640271e
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=1dfebb45-e74b-4735-ae6c-47d4f640271e
date: Sat, 03 Sep 2022 12:00:23 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
vid.vidoomy.com/ Frame 761D 0
0 1026ms
338ms Image
text/html 89.187.162.142
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.162.142 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-162-142.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

m
cm.mgid.com/ Frame 761D
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=014a198f7447c58f

43 B
425 B

304ms
303ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=014a198f7447c58f
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e5328f801a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=014a198f7447c58f
Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AC2E 2 KB
3 KB 604ms
200ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23440129&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 045328d1dd45a333f8b8eb322e072be5f1c18bfb403705577a1c6ca5c1daf352

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:23 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3D65 15 KB
6 KB 271ms
269ms Document
text/html 23.72.44.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-44-196.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105897
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 12:00:22 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 04 Sep 2022 17:25:19 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 023F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
https://eus.rubiconproject.com/usync.html?p=17184-d

281 B
424 B

265ms
260ms

Document
text/html

23.15.148.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-15-148-136.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 12:00:23 GMT
etag: "40014-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
unused62: 8096267
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 03 Sep 2022 12:00:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=17184-d
server: AkamaiGHost

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame AC02 2 KB
864 B 445ms
353ms Document
text/html 139.99.49.250
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip250.ip-139-99-49.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 9329 43 B
320 B 1780ms
299ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 43
Content-Type: image/gif

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame B5EA
Redirect Chain

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Df1ce10a55bd22640
https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Df1ce10a55bd22640
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...

49 B
729 B

258ms
258ms

Image
image/gif

18.139.80.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553%26partner_url%3Dhttps%253A%252F%252Fu-sin01.e-planning.net%252Fum%253Fuid%253D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553%2526dc%253D0abbcb4eba840e59%2526fi%253Df1ce10a55bd22640&ct=y
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 18.139.80.166 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-80-166.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.1.154
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553%26partner_url%3Dhttps%253A%252F%252Fu-sin01.e-planning.net%252Fum%253Fuid%253D745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553%2526dc%253D0abbcb4eba840e59%2526fi%253Df1ce10a55bd22640&ct=y
cache-control: no-cache
x-server: 10.42.30.75
content-length: 0
expires: 0

GET
H2

200

um
u-sin01.e-planning.net/ Frame B5EA
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Df1ce10a55bd22640%26uid%3D%24%7BUID%7D
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=f1ce10a55bd22640&uid=9cfada2e-1e05-4e09-bff6-537439dec9dc

42 B
104 B

598ms
196ms

Image
image/gif

64.120.110.139
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=f1ce10a55bd22640&uid=9cfada2e-1e05-4e09-bff6-537439dec9dc
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 64.120.110.139 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:23 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:23 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=f1ce10a55bd22640&uid=9cfada2e-1e05-4e09-bff6-537439dec9dc
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: ul90snjnqaaf9btskvpboa6civrdp2st

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame B5EA 5 KB
2 KB 1205ms
301ms Script
text/plain 52.20.226.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.226.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-226-248.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 453b2621e7077fd54fa1aa9e26aaf854f9bbce09d6013f4ce09ba161e4271fb2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:24 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1682

GET
H2

200

um
u-sin01.e-planning.net/ Frame B5EA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df1ce10a55bd22640%26uid%3D%24UID
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=f1ce10a55bd22640&uid=8939661658751623204

42 B
103 B

370ms
196ms

Image
image/gif

64.120.110.139
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=f1ce10a55bd22640&uid=8939661658751623204
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 64.120.110.139 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:23 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:23 GMT
X-Proxy-Origin: 173.245.209.81; 173.245.209.81; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9b7e479b-965c-413f-b0eb-de377f4ff4ea
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=f1ce10a55bd22640&uid=8939661658751623204
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dtscout20220831.js Show response
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame B5EA 478 B
515 B 772ms
254ms Script
application/x-javascript 198.206.157.242
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.206.157.242 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:23 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 19:37:37 GMT
server: openresty
etag: W/"630fb881-1de"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Thu, 02 Sep 2027 12:00:23 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 3540
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1

2 KB
2 KB

782ms
253ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2953581bfdf68aac5e92afc0f685e0f07f447dff83c38e8b581de25c66e8f2e

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 744e5326f91f5539-SYD
content-encoding: br
content-type: text/html
date: Sat, 03 Sep 2022 12:00:24 GMT
dropped-udsids: 230|45|39|241|111|191|3|17
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Za%2FejN7NwEcZ9y6ExVm9OyZUia7%2FwQrSg8bbYVJwQcE%2BLgGHkSrJX88pTyRRXkB1XDBHsfhmkX7cFKSZNMvi9iMo9QiO1JLL9a0SkHSNp%2FopJVCnIdR2x20eumdSjakSsFgN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 744e53224b94a96e-SYD
content-type: text/html; charset=iso-8859-1
date: Sat, 03 Sep 2022 12:00:23 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qs43A1ilbNyvteDnEnJFRUa63Hd4uqPm8gPfe4EwxN1zKFoY80nt%2B0F3gjbrz%2BvBHc3psWAqYTHI1Euwu8rwhP43BU5G3NYZcqj02aRMGe9kcZqAZDNpEf%2FuPNsfgOHux%2FHTHSpK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame B5B5 1 KB
2 KB 2395ms
249ms Document
text/html 204.93.150.152
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.93.150.152 Arlington Heights, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.AP-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 141607
cf4ttl: 157680000.000
content-length: 1525
content-type: text/html
date: Sat, 03 Sep 2022 12:00:25 GMT
etag: "61ddbb71-5f5"
expires: Tue, 18 May 2027 12:45:00 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-rand: 5.053
x-cf-reqid: 0d7aae8e9efcb58ffeb185648235d95b
x-cf-tsc: 1653105908
x-cf1: 29080:fG.sjc1:co:1585621119:cacheN.sjc1-01:H
x-cf2: H
x-cf3: H
x-cff: B

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 4F72
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=7494DC50-8E6C-407B-8BC7-36E85E157FAE
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7494DC50-8E6C-407B-8BC7-36E85E157FAE

35 B
468 B

474ms
474ms

Document
image/gif

185.84.60.21
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7494DC50-8E6C-407B-8BC7-36E85E157FAE

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sat, 03 Sep 2022 12:00:24 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sat, 03 Sep 2022 12:00:24 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7494DC50-8E6C-407B-8BC7-36E85E157FAE
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6828
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:53bb6313-41d7-4b00-991d-c051071492f9&gdpr=0&gdpr_consent=

42 B
343 B

200ms
200ms

Document
image/gif

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:53bb6313-41d7-4b00-991d-c051071492f9&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 03 Sep 2022 12:00:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 03 Sep 2022 12:00:23 GMT
Expires: Sat, 03 Sep 2022 12:00:22 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4505 5b23575 master nrt-pixel-x21 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:53bb6313-41d7-4b00-991d-c051071492f9&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E805
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxNB1wAEcP_UZQBN&gdpr=0&gdpr_consent=&_test=YxNB1wAEcP_UZQBN

1 B
222 B

199ms
198ms

Document
text/html

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxNB1wAEcP_UZQBN&gdpr=0&gdpr_consent=&_test=YxNB1wAEcP_UZQBN
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 12:00:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sat, 03 Sep 2022 12:00:23 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxNB1wAEcP_UZQBN&gdpr=0&gdpr_consent=&_test=YxNB1wAEcP_UZQBN
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-syd10141-SYD
x-timer: S1662206424.794290,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CC2F
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=pmj
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wx4slej0xgb

1 B
246 B

199ms
197ms

Document
text/html

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wx4slej0xgb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 12:00:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-store
content-length: 0
date: Sat, 03 Sep 2022 12:00:23 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wx4slej0xgb
lws: 127.0.0.1
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 8BDB 0
404 B 1194ms
300ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Content-Length: 0
Date: Sat, 03 Sep 2022 12:00:23 GMT
Etag: 5d7fc0a218527696
Server: Adtelligent

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC2E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dJTcUI5sQHuLxzboXhV_rg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

270ms
270ms

Image
text/html

23.72.44.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-44-196.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=105896
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sun, 04 Sep 2022 17:25:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

px
p.adsymptotic.com/d/ Frame AC2E
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=7494DC50-8E6C-407B-8BC7-36E85E157FAE
https://pippio.com/api/sync?pid=5324&it=1&iv=efd46e475cd61b7da66f9f1b759a27c3064225e3bf8412641f2aa576c9b155d7791426b5417dce21&_=2
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d&_expected_cookie=c3b28c83b2e40ff722e0674366eb4e3f

43 B
141 B

197ms
197ms

Image
image/gif

104.18.100.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d&_expected_cookie=c3b28c83b2e40ff722e0674366eb4e3f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Sat, 03 Sep 2022 12:00:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744e53285fa6a947-SYD
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d&_expected_cookie=c3b28c83b2e40ff722e0674366eb4e3f
date: Sat, 03 Sep 2022 12:00:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744e5326fe4aa947-SYD
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame AC2E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=091b6313-41d7-4400-a5b1-0aa92842465b

0
48 B

889ms
298ms

Image
text/plain

103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=091b6313-41d7-4400-a5b1-0aa92842465b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 03 Sep 2022 12:00:23 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=091b6313-41d7-4400-a5b1-0aa92842465b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Sep 2022 12:00:22 GMT

GET
H3

200

m
cm.mgid.com/ Frame AC2E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAA9Uk45m-faYpB0Edwl32k&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D7494DC50-8E6C-407B-8BC7-36E85E157FAE
https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE

43 B
441 B

295ms
294ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e532b8b3ea7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE
date: Sat, 03 Sep 2022 11:59:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AC2E
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AAD03D0E7B304BCBAC1BF2DCD2D7430C

42 B
227 B

303ms
302ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AAD03D0E7B304BCBAC1BF2DCD2D7430C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Sat, 03 Sep 2022 12:00:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AAD03D0E7B304BCBAC1BF2DCD2D7430C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Fri, 02 Sep 2022 12:00:23 GMT

GET
H2 200 7494DC50-8E6C-407B-8BC7-36E85E157FAE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AC2E 43 B
1 KB 608ms
205ms Image
image/gif 46.137.228.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/7494DC50-8E6C-407B-8BC7-36E85E157FAE?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.137.228.209 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-137-228-209.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H3

200

m
cm.mgid.com/ Frame AC2E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6fa743a2-48a0-4cef-8781-82b2f587e02f
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D7494DC50-8E6C-407B-8BC7-36E85E157FAE
https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE

43 B
441 B

293ms
293ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e532b8b42a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE
date: Sat, 03 Sep 2022 12:00:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame AC2E
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aZzC3Guel9hyzpeNOZ_eiT7Nwd9ymMPWbJqOIUU6
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6svmn1tE2uV0moaAsVihQUG.i_LGpkY-~A&gdpr=0&gdpr_consent=

0
48 B

296ms
296ms

Image
text/plain

103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6svmn1tE2uV0moaAsVihQUG.i_LGpkY-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6svmn1tE2uV0moaAsVihQUG.i_LGpkY-~A&gdpr=0&gdpr_consent=
date: Sat, 03 Sep 2022 12:00:24 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame AC2E
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=35e7e536-bc52-4779-9819-c50a96e3eb46&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac321931-d25f-4f40-9d8f-56bb2a02c19d&gdpr=&gdpr_consent=&gdpr_pd=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7612805607885766021
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
109 B

295ms
295ms

Image
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Sat, 03 Sep 2022 12:00:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

m
cm.mgid.com/ Frame AC2E
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8939661658751623204&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D7494DC50-8E6C-407B-8BC7-36E85E157FAE
https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE

43 B
441 B

290ms
290ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 744e532b8b41a7ff-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=7494DC50-8E6C-407B-8BC7-36E85E157FAE
date: Sat, 03 Sep 2022 12:00:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 023F 31 KB
9 KB 261ms
261ms Script
text/html 23.15.148.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-15-148-136.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:23 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 20:46:19 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=75104
content-type: text/html; charset=UTF-8
content-length: 9378
expires: Sun, 04 Sep 2022 08:52:07 GMT

GET
H/1.1

200
OK

csync
sync.spotim.market/ Frame 023F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&khaos=L7LUSCU2-1Z-6XU7
https://sync.spotim.market/csync?t=a&ep=323557&extuid=

43 B
318 B

1003ms
297ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=323557&extuid=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:24 GMT
Server: Adtelligent
Etag: 3755bba28c72d27f
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://sync.spotim.market/csync?t=a&ep=323557&extuid=
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 023F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/P_numMiLOBMXEDh58r1nB8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3267689072523275593

42 B
773 B

197ms
196ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3267689072523275593
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
Content-Type: image/gif

Redirect headers

date: Sat, 03 Sep 2022 12:00:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3267689072523275593
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 023F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdMVVNDVTItMVotNlhVNw==

170 B
188 B

196ms
196ms

Image
image/png

142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdMVVNDVTItMVotNlhVNw==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d

Protocol

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdMVVNDVTItMVotNlhVNw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 023F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Tm5AZoviSaWhGOtcoPfHLw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Tm5AZoviSaWhGOtcoPfHLw

43 B
516 B

304ms
304ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Tm5AZoviSaWhGOtcoPfHLw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1N2J5YECSKSGTY2K4XT8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Tm5AZoviSaWhGOtcoPfHLw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 023F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7LUSCU2-1Z-6XU7

0
572 B

510ms
300ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7LUSCU2-1Z-6XU7
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3535F1CFD5BF48D0A50FC1A6FA27AEBD Ref B: SYD03EDGE1405 Ref C: 2022-09-03T12:00:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXnxJeEsA1mXESr9Yc2ZA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7LUSCU2-1Z-6XU7
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 023F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC8pxs52RqrtcoANXT19rAU&google_cver=1

42 B
773 B

196ms
195ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC8pxs52RqrtcoANXT19rAU&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC8pxs52RqrtcoANXT19rAU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 023F
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6fa743a2-48a0-4cef-8781-82b2f587e02f&gdpr=0&gdpr_consent=&expires=30

42 B
773 B

198ms
197ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6fa743a2-48a0-4cef-8781-82b2f587e02f&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6fa743a2-48a0-4cef-8781-82b2f587e02f&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 023F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE0ZDI4NDUyN2RmZTdjYjZiMGNmMzI1NDM1YTI0OTI0MjMyZGRlMQ

170 B
188 B

199ms
199ms

Image
image/png

142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE0ZDI4NDUyN2RmZTdjYjZiMGNmMzI1NDM1YTI0OTI0MjMyZGRlMQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d

Protocol

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE0ZDI4NDUyN2RmZTdjYjZiMGNmMzI1NDM1YTI0OTI0MjMyZGRlMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 023F
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7LUSCU2-1Z-6XU7&sigv=1&esig=2~6e014f3ad416634828e0a8351ce8a60692f6bc19

0
194 B

609ms
202ms

Image
text/plain

106.10.236.37
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7LUSCU2-1Z-6XU7&sigv=1&esig=2~6e014f3ad416634828e0a8351ce8a60692f6bc19

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d

Protocol

Server

106.10.236.37 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

o1.ycpi.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:25 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7LUSCU2-1Z-6XU7&sigv=1&esig=2~6e014f3ad416634828e0a8351ce8a60692f6bc19
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 lotame20220804.html Show response
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 3B48 627 B
543 B 254ms
254ms Document
text/html 198.206.157.242
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.206.157.242 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=157680000
content-encoding: gzip
content-type: text/html
date: Sat, 03 Sep 2022 12:00:24 GMT
etag: W/"62ec189b-273"
expires: Thu, 02 Sep 2027 12:00:24 GMT
last-modified: Thu, 04 Aug 2022 19:06:03 GMT
server: openresty

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame C186 636 B
577 B 254ms
254ms Document
text/html 198.206.157.242
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.206.157.242 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=157680000
content-encoding: gzip
content-type: text/html
date: Sat, 03 Sep 2022 12:00:24 GMT
etag: W/"601b131c-27c"
expires: Thu, 02 Sep 2027 12:00:24 GMT
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
server: openresty

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame ACB9 0
384 B 357ms
298ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AHfNCXQJMAFWuogX
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Content-Length: 0
Date: Sat, 03 Sep 2022 12:00:23 GMT
Etag: 374ee43f635a30f5
Server: Adtelligent

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 3540
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxNB1_uWBS4xVSeHaXJ-dQAAJucAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELKT_nluyTwYVX-ODVbt48o&google_cver=1

43 B
888 B

442ms
237ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELKT_nluyTwYVX-ODVbt48o&google_cver=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e532b2f4d5593-SYD
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bg8PU3PXUJoa%2B8IVRQqo6MKOQ%2Bg%2BxDELVWWlLlOOd%2FE3hGTUJ%2BulDVp%2BlPElq7bH63Cn4PxsbtsrhOycIbwoqptC2Mp2j3zCBCy98XNAIFBivFlsCsBcx3Nv8D4dF%2FS7LnOxNq8CqBbjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELKT_nluyTwYVX-ODVbt48o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3540
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YxNB1-uWBS4xVSeHaXJ.dQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEHxDxR9c7C-E7X5IPBvcDA&google_cver=1&google_hm=2

43 B
925 B

213ms
212ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEHxDxR9c7C-E7X5IPBvcDA&google_cver=1&google_hm=2
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e532cad30aad2-SYD
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avgr%2FWiL22M7yI71Nh2qM5MyqSF40GC461aNrrEX3mh4MPzQllh7sTHCueH2aiZ3U8s4aMzut5PelEVWeGfOWfTXnnqYXg4eN7fsUhM090S4Or36HB0c5Z6RNGQ0iVyXbYucwlAb8o3GQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEHxDxR9c7C-E7X5IPBvcDA&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3540
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&expiration=1664798424&gdpr=0&gdpr_consent=

43 B
883 B

319ms
216ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&expiration=1664798424&gdpr=0&gdpr_consent=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e5329ef24a96b-SYD
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjckumwQaseiXWfODVvIOx4aqe9A%2FtJxheTznOWZAfmxPJmYdiZg7%2BW7pu%2FKJ3Wcy2%2FEjmVf%2Fd5M35cBHIJy45bMm3TE3f6DDHlT0txIg5FIX7a3skaZr9My0HibEDdcLUEJ07RynjvQDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&expiration=1664798424&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3540
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNB1_uWBS4xVSeHaXJ-dQAAJucAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNB1_uWBS4xVSeHaXJ-dQAAJucAAAAB&dcc=t

43 B
892 B

321ms
320ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNB1_uWBS4xVSeHaXJ-dQAAJucAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1M7J0K8PCQSHF6GVGRVP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7S0DDZZH1V4MFVFMRPA6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNB1_uWBS4xVSeHaXJ-dQAAJucAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3540
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7612805607885766021&expiration=1663416025

43 B
839 B

215ms
215ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7612805607885766021&expiration=1663416025
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e532e9f45aad2-SYD
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2dLrdYKyHlNLNdxafbfphLk8xW5P4NCfh1lFrF1OzAYFk2lhUGBxoUSo1BnZNYTrypnvnGrZORbz9o7HseL1ITZk4nFWRaL1II9domCB0IPTzLrPvyaYaq2bg7Cv74IXmqbt9P9MxXdxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7612805607885766021&expiration=1663416025
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3540
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=121542ab-c661-3e6e-5c0c3f68

43 B
882 B

325ms
222ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=121542ab-c661-3e6e-5c0c3f68
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e532c4cc5aad2-SYD
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANm53b1yo53y8s%2BNcuDOXQJckC8YJJloZFU48vqc0jMldVuLIi%2Bji8ajjdy5YRO6FBV%2BAEVkHFgx8%2BcBY5Zro%2Blp4QwH9jot9VuaW7BwOmWuezUaKkmLrVFwN2%2FbfOacD3yHwFotAzOn1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sat, 03 Sep 2022 12:00:24 GMT
via: 1.1 google
server: nginx/1.22.0
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=121542ab-c661-3e6e-5c0c3f68
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 3540
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=091b6313-41d7-4400-a5b1-0aa92842465b

43 B
419 B

225ms
224ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=091b6313-41d7-4400-a5b1-0aa92842465b
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e532a2f73a96b-SYD
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAICOCdUsvwMvKxsbOrW2jd%2FqmN5ixKLcOTsxq4tk6cBYE2JW2haQBZmDSE5YpH56T3LbNOK2v4hGG%2BKvEfNkwoo8HkL04rySlaXSJHQHVTFzsgTPnHamyAVzaTfRj2Qx30dWCr%2BH%2BHDuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Sat, 03 Sep 2022 12:00:24 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=091b6313-41d7-4400-a5b1-0aa92842465b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Sep 2022 12:00:23 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3540
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://stags.bluekai.com/site/23178?id=4iT3UqWL99R67EkS73tt&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NDJKQZVK...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4iT3UqWL99R67EkS73tt

43 B
844 B

221ms
221ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4iT3UqWL99R67EkS73tt
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e5338fa06aad2-SYD
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJpo5cSRQ2YbLY5BmZSNkL4rt0AYOkfxS3RBZNmD%2FPMUqw86adNiifwvVWQJZz8%2FPo9E8gF6b6I8SPbgnmRef8hq9rDw7egs2TlhqEE7ajIwKc1n%2B5tiy%2Beucx86H0JVCAF%2BJ4bLA271zg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:26 GMT
P3p: CP="We do not support P3P header."
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4iT3UqWL99R67EkS73tt
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 um
u-sin01.e-planning.net/ Frame 3540 42 B
103 B 197ms
196ms Image
image/gif 64.120.110.139
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-sin01.e-planning.net/um?dc=99e41df815fd80b4&fi=f1ce10a55bd22640&uid=YxNB1-uWBS4xVSeHaXJ.dQAA%269959
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df1ce10a55bd22640%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.139 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:24 GMT
server: openresty
content-type: image/gif

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 3577
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
424 B

260ms
260ms

Document
text/html

23.15.148.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-15-148-136.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 12:00:24 GMT
etag: "40014-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
unused62: 8096267
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 03 Sep 2022 12:00:24 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H2

200

cm Show response
us-u.openx.net/w/1.0/ Frame F026
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1662206424251.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...

958 B
973 B

403ms
197ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: af7cf9a941708743df247331dfe510634427e1bf04659aff43830d865a80faa5

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 540
content-type: text/html
date: Sat, 03 Sep 2022 12:00:25 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Sat, 03 Sep 2022 12:00:24 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 40000000008200000C

GET
H2

200

match
events-ssc.33across.com/ Frame 4C48
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=93&user_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=ac321931-d25f-4f40-9d8f-56bb2a02c19d
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ac321931-d25f-4f40-9d8f-56bb2a02c19d&ts=1662206425&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
126 B

392ms
242ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ac321931-d25f-4f40-9d8f-56bb2a02c19d&ts=1662206425&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:25 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:24 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ac321931-d25f-4f40-9d8f-56bb2a02c19d&ts=1662206425&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 4C48
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1662206424251.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=091b6313-41d7-4400-a5b1-0aa92842465b

68 B
225 B

444ms
240ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=091b6313-41d7-4400-a5b1-0aa92842465b
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:25 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Sat, 03 Sep 2022 12:00:25 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x2 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=091b6313-41d7-4400-a5b1-0aa92842465b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Sep 2022 12:00:24 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame 4C48
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
https://tags.bluekai.com/site/17724?id=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D745e0e7d-df55-4990-aaf3-9...
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&ts=1662206426&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

238ms
238ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=45&external_user_id=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&ts=1662206426&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:27 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=45&external_user_id=745e0e7d-df55-4990-aaf3-974a4f497cb6-631341d7-5553&ts=1662206426&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame 4C48
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1662206424251.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=8939661658751623204

68 B
82 B

467ms
264ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=8939661658751623204
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:26 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:26 GMT
X-Proxy-Origin: 173.245.209.81; 173.245.209.81; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2b5a2976-7ae9-4e84-855e-7ce222d9fcdb
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=8939661658751623204
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 3B48 49 KB
16 KB 679ms
233ms Script
text/javascript 13.33.88.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-90.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 07:25:54 GMT
content-encoding: gzip
etag: W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified: Wed, 03 Aug 2022 18:30:08 GMT
server: AmazonS3
age: 16471
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: SIN2-P2
x-amz-cf-id: A1WAP99_-JDl34td7YShnEnwn5nr54irb_5YdVfuFx2OaEiFys9uCg==

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ Frame C186 0
535 B 1319ms
556ms Script
text/plain 212.129.3.113
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1662206424619

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.113 , France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-113.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:25 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie Show response
cm.adform.net/ Frame D1A0 43 B
106 B 1402ms
395ms Document
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Sat, 03 Sep 2022 12:00:25 GMT
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame CA6A
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=14945c88350a2366

0
384 B

300ms
300ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=14945c88350a2366
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:25 GMT
Server: Adtelligent
Etag: 014a198f7447c58f
Content-Length: 0

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=14945c88350a2366
Date: Sat, 03 Sep 2022 12:00:25 GMT
Server: Adtelligent
Etag: 14945c88350a2366
Content-Length: 0

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 3577 31 KB
9 KB 266ms
266ms Script
text/html 23.15.148.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-15-148-136.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:25 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 20:46:19 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=75102
content-type: text/html; charset=UTF-8
content-length: 9378
expires: Sun, 04 Sep 2022 08:52:07 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame AC2E 0
48 B 299ms
296ms Script
text/plain 103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

match
events-ssc.33across.com/ Frame 3577
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L7LUSCU2-1Z-6XU7
https://ssc-cms.33across.com/ps/?xi=1&xu=L7LUSCU2-1Z-6XU7
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L7LUSCU2-1Z-6XU7&ts=1662206426&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

269ms
239ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L7LUSCU2-1Z-6XU7&ts=1662206426&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:26 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L7LUSCU2-1Z-6XU7&ts=1662206426&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 3B48 155 B
643 B 594ms
197ms XHR
application/json 13.33.88.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-90.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer: https://s.e-planning.net/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Sep 2022 02:57:53 GMT
via: 1.1 d349739893df3b59b8ea4953ff21a5e8.cloudfront.net (CloudFront)
age: 32552
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 155
last-modified: Wed, 03 Aug 2022 18:30:08 GMT
server: AmazonS3
etag: "1a1722e9cedbdc8af0dcd3345e46c73a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-pop: SIN2-P2
accept-ranges: bytes
x-amz-cf-id: 4hhtKEih0MR1EJyXRAQBco8kyXHal5W-Eim4EEkerBM85QE1RzuWPg==

GET
H2 200 match
events-ssc.33across.com/ Frame F026 68 B
126 B 281ms
241ms Image
image/png 34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=d34f598f-7911-4d0f-b84d-9cb1b2d1990e
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:25 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET openx
cs.nex8.net/cs/ Frame F026 0
0

GET
H3

200

dds
rtb.openx.net/sync/ Frame F026
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=enLf3Q4cxM4yDt_Wa5wx6w==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
64 B

195ms
195ms

Image
image/gif

35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vlfm8bg47ahq702e13dfl9l8fbthfq8k

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame F026 43 B
243 B 1135ms
245ms Image
image/gif 202.131.200.84
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:26 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame F026
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=091b6313-41d7-4400-a5b1-0aa92842465b

43 B
180 B

218ms
217ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=091b6313-41d7-4400-a5b1-0aa92842465b
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 03 Sep 2022 12:00:25 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x2 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=091b6313-41d7-4400-a5b1-0aa92842465b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Sep 2022 12:00:24 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame F026
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3293074221158852118&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

196ms
196ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3293074221158852118&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3293074221158852118&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame F026
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=a52455e1-a79a-7de0-d47a-9361b8850b51&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=a52455e1-a79a-7de0-d47a-9361b8850b51&gdpr=0&gdpr_consent=

43 B
62 B

304ms
202ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=a52455e1-a79a-7de0-d47a-9361b8850b51&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=a52455e1-a79a-7de0-d47a-9361b8850b51&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame F026
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxNB2sCo8YQAAK5wfQQAAAAA

43 B
61 B

202ms
201ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxNB2sCo8YQAAK5wfQQAAAAA
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 28
Date: Sat, 03 Sep 2022 12:00:26 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":28,"gdpr":false,"ipv4":"173.245.209.81","key":"YxNB2sCo8YQAAK5wfQQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad75"}
X-SO-Ads-Time: 3
X-SO-Key: YxNB2sCo8YQAAK5wfQQAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad75
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxNB2sCo8YQAAK5wfQQAAAAA
Cache-Control: private
X-SO-HostName: m-ad75.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp
X-SO-IP: 173.245.209.81

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame F026
Redirect Chain

https://cr-p3.ladsp.jp/cookiesender/3
https://cr-pall.ladsp.com/cookiesender/3
https://cr-pall.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afbg-o4GsV2kks8ADsaW5sBw6M8AAAGDAzlASg

43 B
61 B

195ms
194ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afbg-o4GsV2kks8ADsaW5sBw6M8AAAGDAzlASg
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
via: 1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afbg-o4GsV2kks8ADsaW5sBw6M8AAAGDAzlASg
cache-control: no-cache
content-length: 0
x-amz-cf-id: 0HpF8baTWViSbcrW52HziV4eZluQIXaQxs4wwjAMLFXdJGQO5b5MKQ==
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F026 170 B
188 B 198ms
197ms Image
image/png 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk0Yjg2MmItNmVlZC0yMzQ0LWMxOWEtYzlkODcyNjdjNTMx

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame F026
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK3m9NDMKaiY2OCiGZfC6NI&google_cver=1

43 B
61 B

201ms
195ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK3m9NDMKaiY2OCiGZfC6NI&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK3m9NDMKaiY2OCiGZfC6NI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 3B48 180 B
977 B 660ms
258ms XHR
application/json 54.251.128.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.128.63 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-128-63.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3fba98f59a57629b4b27b30fb400a01459da1b199956e290dc1f2b121c95dab4

Request headers

Referer: https://s.e-planning.net/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://s.e-planning.net
cache-control: no-cache
x-server: 10.42.8.155
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 180
expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3D65 3 KB
4 KB 201ms
199ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20848475&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: db5a5844e5bdd5315fee970c82d32e7652ec2a65d23860d9f3acf8585bd61397

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:59:59 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK send Show response
sync-dsp.ad-m.asia/dsp/api/sync/ Frame E7FB 43 B
243 B 588ms
251ms Document
image/gif 202.131.200.84
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Sep 2022 12:00:26 GMT
Pragma: no-cache
Server: nginx
expires: -1

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 14E7 43 B
363 B 605ms
201ms Document
image/gif 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 12:00:26 GMT
expires: Sat, 03 Sep 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 587413
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1 200
OK pxd Show response
dps.jp.cinarra.com/ Frame 72E7 95 B
220 B 979ms
242ms Document
image/png 3.113.231.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.231.86 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-231-86.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 95
Content-Type: image/png
Date: Sat, 03 Sep 2022 12:00:26 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 81F4
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=368a2055f3b843b891f4d04fae5541d2
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

295ms
294ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

date: Sat, 03 Sep 2022 12:00:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Sat, 03 Sep 2022 12:00:26 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame EAD8
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=q_rH4h6fCQulUX1z2kETYw
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

295ms
295ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Sat, 03 Sep 2022 12:00:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Sat, 03 Sep 2022 12:00:26 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D1B2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hFvMu99p1OurP45&gdpr=0&gdpr_consent=

42 B
195 B

198ms
198ms

Document
image/gif

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hFvMu99p1OurP45&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 03 Sep 2022 12:00:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 03 Sep 2022 12:00:26 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hFvMu99p1OurP45&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0c66a101650797f5a@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 533D
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1662206426616
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6623687409
https://sync.1rx.io/usersync/tradedesk/6fa743a2-48a0-4cef-8781-82b2f587e02f
https://sync.targeting.unrulymedia.com/csync/RX-e6dbed26-2ea9-45a3-b5ec-bc1f4e90b9d4-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e6dbed26-2ea9-45a3-b5ec-bc1f4e90b9d4-004
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

297ms
297ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Sat, 03 Sep 2022 12:00:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Sat, 03 Sep 2022 12:00:27 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame ACD2
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ff8790b2-2b7f-11ed-b4ed-9640dae0e33a

42 B
322 B

199ms
198ms

Document
image/gif

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ff8790b2-2b7f-11ed-b4ed-9640dae0e33a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 03 Sep 2022 12:00:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 03 Sep 2022 12:00:26 GMT
Expires: Thu, 23 Sep 2004 17:42:04 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ff8790b2-2b7f-11ed-b4ed-9640dae0e33a
P3P: CP="NOI OTC OTP OUR NOR"
Pragma: no-cache
X-RealServer-NX: aws-apsoutheast1c-delivery-3
server: Cowboy

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame DED4
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ee33fbb-754d-4d27-ac3c-9340d4e4307d-tucta0cc75a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
54 B

229ms
227ms

Document
text/plain

151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ee33fbb-754d-4d27-ac3c-9340d4e4307d-tucta0cc75a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 0
date: Sat, 03 Sep 2022 12:00:26 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-syd10140-SYD
x-timer: S1662206427.588296,VS0,VE128

Redirect headers

accept-ranges: bytes
content-length: 0
date: Sat, 03 Sep 2022 12:00:26 GMT
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ee33fbb-754d-4d27-ac3c-9340d4e4307d-tucta0cc75a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-syd10140-SYD
x-timer: S1662206426.391437,VS0,VE95
x-vcl-time-ms: 95

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 28D0
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
410 B

262ms
261ms

Document
image/gif

172.64.152.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 744e5336aad8a819-SYD
content-length: 43
content-type: image/gif; charset=utf-8
date: Sat, 03 Sep 2022 12:00:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 744e5334f8f4a819-SYD
content-type: text/html
date: Sat, 03 Sep 2022 12:00:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1955

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 80C7 43 B
279 B 1660ms
425ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Sep 2022 12:00:27 GMT
Vary: Accept-Encoding
X-adserver-worker: ragnarok-2959d41dae26@version_1.524
X-core-time: 3ms
X-server-arch: v2

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 582A
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0

0
74 B

198ms
198ms

Document
text/html

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 12:00:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 744e53345a0da89e-SYD
content-length: 0
date: Sat, 03 Sep 2022 12:00:26 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server: cloudflare

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame B70A 0
44 B 897ms
297ms Document
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-length: 0
date: Sat, 03 Sep 2022 12:00:26 GMT
server: b

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 5945
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AAD03D0E7B304BCBAC1BF2DCD2D7430C
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

295ms
295ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

date: Sat, 03 Sep 2022 12:00:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Sat, 03 Sep 2022 12:00:26 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 78D4 0
404 B 304ms
302ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Content-Length: 0
Date: Sat, 03 Sep 2022 12:00:25 GMT
Etag: 014a198f7447c58f
Server: Adtelligent

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 3D65
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7494DC50-8E6C-407B-8BC7-36E85E157FAE&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7494DC50-8E6C-407B-8BC7-36E85E157FAE&sInitiator=external&gdpr=0&gdpr_consent=

42 B
220 B

297ms
296ms

Image
image/gif

119.9.108.191
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7494DC50-8E6C-407B-8BC7-36E85E157FAE&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 119.9.108.191 Central, Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

uip-response-status: FallbackResponse
date: Sat, 03 Sep 2022 12:01:02 GMT
frontend-id: 0
content-length: 42
routing-server-id: 1
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:01:02 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=7494DC50-8E6C-407B-8BC7-36E85E157FAE&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 qmap
sync.crwdcntrl.net/ Frame 3D65 49 B
264 B 235ms
231ms Image
image/gif 18.139.80.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.80.166 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-80-166.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.3.122
content-type: image/gif
content-length: 49
expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 3D65
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=7494DC50-8E6C-407B-8BC7-36E85E157FAE
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=7494DC50-8E6C-407B-8BC7-36E85E157FAE
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%2C

95 B
113 B

235ms
235ms

Image
image/png

107.178.244.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%2C

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484

Protocol

Server

107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

193.244.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:27 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%2C
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 353

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 3D65
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3221016627120924182&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
43 B

296ms
295ms

Image
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Sat, 03 Sep 2022 12:00:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3D65
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8939661658751623204

42 B
95 B

198ms
197ms

Image
image/gif

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8939661658751623204
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:27 GMT
X-Proxy-Origin: 173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 63ac127b-5848-435c-bcfb-7de8633df34a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8939661658751623204
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3D65
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=51ee744dee9225f&is_secure=true&networkId=17100&version=1&nuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNg52gD1NQANGSTgVAAAAAAA&expiration=1662292827&nuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&...

42 B
264 B

198ms
198ms

Image
image/gif

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNg52gD1NQANGSTgVAAAAAAA&expiration=1662292827&nuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNg52gD1NQANGSTgVAAAAAAA&expiration=1662292827&nuid=7494DC50-8E6C-407B-8BC7-36E85E157FAE&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 3D65 35 B
209 B 738ms
244ms Image
image/gif 54.64.204.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.204.44 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:26 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 2397 2 KB
1 KB 200ms
200ms Document
text/html 13.33.88.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-90.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer: https://s.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 9737
cache-control: max-age: 86400
content-encoding: gzip
content-type: text/html
date: Sat, 03 Sep 2022 09:18:10 GMT
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
x-amz-cf-id: oJe_xcVQCQeFWYs3shGWlG8c2ot18KxodMXEigy8IqbsFg3rku3clA==
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame D346 1 KB
1 KB 199ms
198ms Document
text/html 54.251.128.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C38%2C106%2C80%2C2&c=15238
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.128.63 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-128-63.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 29aa8a988acb9cf8f043e73b1ebbcb804446a6bb0bcdbbb02a80f326e7e8a034

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache
content-length: 1044
content-type: text/html
date: Sat, 03 Sep 2022 12:00:26 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.42.8.17

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D346 170 B
188 B 199ms
198ms Image
image/png 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZWRmMzdkZGQ5YTE1ZWMxNWU5ODE0YzUwY2Y4ZjAyYQ&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C38%2C106%2C80%2C2&c=15238

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame D346
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-1EbsjVdE2pwE36LoCnpVN0mcQz7mfU102fY-~A&gdpr=0

49 B
265 B

205ms
205ms

Image
image/gif

18.139.80.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-1EbsjVdE2pwE36LoCnpVN0mcQz7mfU102fY-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C38%2C106%2C80%2C2&c=15238
Protocol: H2
Server: 18.139.80.166 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-80-166.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.26.181
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

date: Sat, 03 Sep 2022 12:00:27 GMT
via: http/1.1 spdc0104.pbp.sg3.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-1EbsjVdE2pwE36LoCnpVN0mcQz7mfU102fY-~A&gdpr=0
content-length: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame D346
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=091b6313-41d7-4400-a5b1-0aa92842465b&src=lot&gdpr=0

49 B
263 B

203ms
203ms

Image
image/gif

18.139.80.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=091b6313-41d7-4400-a5b1-0aa92842465b&src=lot&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C38%2C106%2C80%2C2&c=15238
Protocol: H2
Server: 18.139.80.166 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-80-166.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.1.28
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Sat, 03 Sep 2022 12:00:27 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x3 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=091b6313-41d7-4400-a5b1-0aa92842465b&src=lot&gdpr=0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Sep 2022 12:00:26 GMT

GET
H2

200

tpid=6e5cc988-5580-4842-b06f-f6373a1d5d26
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame D346
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=edf37ddd9a15ec15e9814c50cf8f02a&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpi...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%2...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6fa743a2-48a0-4cef-8781-82b2f587e02f&ttd_puid=6e5cc988-5580-4842-b06f-f6373a1d5d26%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fm...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=6e5cc988-5580-4842-b06f-f6373a1d5d26

49 B
265 B

204ms
204ms

Image
image/gif

18.139.80.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=6e5cc988-5580-4842-b06f-f6373a1d5d26
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C38%2C106%2C80%2C2&c=15238
Protocol: H2
Server: 18.139.80.166 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-80-166.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.14.217
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=6e5cc988-5580-4842-b06f-f6373a1d5d26
date: Sat, 03 Sep 2022 12:00:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D346 0
337 B 802ms
265ms Image
text/plain 52.13.231.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=edf37ddd9a15ec15e9814c50cf8f02a
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C38%2C106%2C80%2C2&c=15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.13.231.254 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1662206427
x-served-by: beacon-n005-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

rand=815292301
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8939661658751623204/gdpr=0/ Frame D346
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=815292301
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8939661658751623204/gdpr=0/rand=815292301

49 B
265 B

206ms
206ms

Image
image/gif

18.139.80.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8939661658751623204/gdpr=0/rand=815292301
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C38%2C106%2C80%2C2&c=15238
Protocol: H2
Server: 18.139.80.166 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-80-166.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.23.215
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 03 Sep 2022 12:00:27 GMT
X-Proxy-Origin: 173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 500e6c15-4762-4540-abc6-36fdae5bde90
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8939661658751623204/gdpr=0/rand=815292301
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame B5EA 368 B
881 B 303ms
303ms XHR
text/plain 52.20.226.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?arlocation=173.245.209.81&p=M1353665098&artime=2022-09-03T12:00:27.822Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.226.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-226-248.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: deb04921642eb42197ef3a764843e0aa71ab874fcdeb32033c6fd1b12e32e124

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:27 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://ads.us.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 264

GET
H/1.1

200
OK

/
ps.eyeota.net/pixel/bounce/ Frame B5EA
Redirect Chain

https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent=

1 KB
1 KB

207ms
207ms

Image
application/javascript

18.140.27.177

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 18.140.27.177 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:29 GMT
Content-Type: application/javascript
Content-Length: 1314
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=kh51m51&t=ajs&uid=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent=
Date: Sat, 03 Sep 2022 12:00:28 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200

p
a.audrte.com/ Frame B5EA
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=7612805607885766021
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091
https://a.audrte.com/match?uid=1dfebb45-e74b-4735-ae6c-47d4f640271e&p=560038091
https://a.audrte.com/p

68 B
617 B

301ms
301ms

Image
image/png

52.20.226.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 52.20.226.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-226-248.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:29 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sat, 03 Sep 2022 12:00:29 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

p
a.audrte.com/ Frame B5EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=9ghdjDIXfSSQ7KguejbLBjFLw&gdpr=0&gdpr_consent=&google_gid=CAESEI4_D1wBJszho12d1CqvJ8Q&google_cver=1
https://a.audrte.com/p

68 B
617 B

302ms
301ms

Image
image/png

52.20.226.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 52.20.226.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-226-248.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Sep 2022 12:00:28 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sat, 03 Sep 2022 12:00:28 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3D65 0
127 B 297ms
296ms Script
text/plain 103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 jsDynamic-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 121ms
120ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604653
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-105e"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e53426acca83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:17 GMT

GET
H3 200 responsive-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 121ms
120ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604362
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-6c0"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e53426acea83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:08 GMT

GET
H3 200 validate-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 117ms
115ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604362
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:05 GMT
server: cloudflare
etag: W/"62828699-19fd"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e53426acfa83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:08 GMT

GET
H3 200 loadmore-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 122ms
120ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604362
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-3999"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e53426ad1a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:08 GMT

GET
H3 200 lazy-loading-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 124 B
591 B 117ms
116ms Script
application/javascript 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2604653
cf-polished: origSize=173
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-ad"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 744e53426ad2a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:08 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
26 KB 599ms
212ms Script
text/javascript 172.217.194.101

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.101 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

a3e62298dff8872c4e600f90021df0f7b904eed4d978798ff145a3a2d45a8aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 117 KB
12 KB 729ms
714ms XHR
text/html 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1662206428617

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

089496fad06ab878e243867d56f0e3d39cea020af1ced7d985d42274937b4bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 744e53434daba86b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 317ms
109ms Script
application/javascript 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20220517.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e53448ddfa961-SYD
date: Sat, 03 Sep 2022 12:00:28 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 544
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 12:00:28 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 215ms
112ms Script
application/javascript 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e5345ea3ca80b-SYD
date: Sat, 03 Sep 2022 12:00:29 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1735
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 12:00:29 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 585ms
193ms Stylesheet
text/css 74.125.130.95

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.aWOJymZ-_20.O/d=1/rs=AN8SPfo2pnbAIWoyipy8hfiiJsJPR0TgYg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 03 Sep 2022 12:09:52 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.aWOJymZ-_20.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo2pnbAIWoyipy8hfiiJsJPR0TgYg/ 262 KB
92 KB 593ms
202ms Script
text/javascript 74.125.130.95

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.aWOJymZ-_20.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo2pnbAIWoyipy8hfiiJsJPR0TgYg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.aWOJymZ-_20.O/d=1/rs=AN8SPfo2pnbAIWoyipy8hfiiJsJPR0TgYg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c78dac4d9942916e0883d73508665ca282520b9c22f8a1e151f4113b4cd07152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 20:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93744
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 21:13:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 20:27:02 GMT

GET
H2 200 yCKiWo-JLb8 Show response
www.youtube.com/embed/ Frame A73C 63 KB
27 KB 628ms
238ms Document
text/html 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/yCKiWo-JLb8

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

9a7f750f6203c78ce6080272f0f26d51cca0d8762e70665f854800dfb3df4fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sat, 03 Sep 2022 12:00:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 EVj4aW_X3Zc Show response
www.youtube.com/embed/ Frame 7C0A 63 KB
26 KB 909ms
520ms Document
text/html 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EVj4aW_X3Zc

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

853f01811cf4164f78b3907c133364b9520fe492cd49b671b86a466f2a91f692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sat, 03 Sep 2022 12:00:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 d9b456fd0c91da05ad850d93765ca50b7f0723e0.jpg
beforeitsnews.com/img/i2022/09/ 33 KB
33 KB 121ms
119ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/09/d9b456fd0c91da05ad850d93765ca50b7f0723e0.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2caf2de620b49e0e592622c32bc657cbd92dec7ec65509d15fad501f949672d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 201609
cf-polished: origSize=37770, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33664
last-modified: Sun, 09 May 2021 18:58:11 GMT
server: cloudflare
etag: "609830c3-938a"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 04:00:09 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e5347ce6fa83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 66aabf81f4fbf954fcf2839c3cd7821433e58f7c.jpg
beforeitsnews.com/img/i2022/09/ 99 KB
100 KB 124ms
122ms Image
image/webp 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/09/66aabf81f4fbf954fcf2839c3cd7821433e58f7c.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f0d79a85dad1dbcec5770c033aad79fca4645ca38d1c39f8cf54884c6dd98ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 201616
cf-polished: origFmt=jpeg, origSize=107705
content-disposition: inline; filename="66aabf81f4fbf954fcf2839c3cd7821433e58f7c.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101778
last-modified: Mon, 08 Mar 2021 00:50:13 GMT
server: cloudflare
etag: "604574c5-1a4b9"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 04:00:01 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e5347ce70a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 2f519c88104b329caa1e3264241ee6642d31727b.jpg
beforeitsnews.com/img/banner_contract/ 60 KB
61 KB 221ms
219ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/2f519c88104b329caa1e3264241ee6642d31727b.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83cbaab0cdcf23647f502b7401494916e5e248aac820cd629c51d0ff059d7b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605131
cf-polished: origSize=69373, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61830
last-modified: Thu, 28 Apr 2022 17:10:32 GMT
server: cloudflare
etag: "626aca88-10efd"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Aug 2023 08:08:18 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e5347ce71a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 122ms
121ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605510
cf-polished: origSize=36512, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
server: cloudflare
etag: "60a8f625-8ea0"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Aug 2023 08:08:18 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e5347ce72a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg
beforeitsnews.com/img/banner_contract/ 81 KB
82 KB 221ms
220ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605131
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83236
last-modified: Fri, 04 Mar 2022 07:11:55 GMT
server: cloudflare
etag: "6221bbbb-14524"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Aug 2023 08:08:18 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e5347ce74a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 08d4db66d6338b846da88dbd5439d9fe9fc90a46.jpg
beforeitsnews.com/img/banner_contract/ 41 KB
42 KB 121ms
119ms Image
image/jpeg 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/08d4db66d6338b846da88dbd5439d9fe9fc90a46.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b4933bcb30cdf20db9e838865530175324a1d22d7ddd55d23a7e3e710cd10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1876429
cf-polished: origSize=48085, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42092
last-modified: Fri, 12 Aug 2022 18:46:07 GMT
server: cloudflare
etag: "62f69fef-bbd5"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 12 Aug 2023 18:46:08 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e5347ce75a83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 -ywsy5Imapc Show response
www.youtube.com/embed/ Frame 4C73 63 KB
26 KB 638ms
271ms Document
text/html 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/-ywsy5Imapc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

dea385b614e8e6d676df5a371eef8ec2f58339ac98827755ead728b9fc0a63c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sat, 03 Sep 2022 12:00:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 119ms
108ms Script
text/javascript 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5663044db514de9a051e62999179c3e9b42afb107516c9534ba5b33223b2b344

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1702
cf-polished: origSize=4420
status: 200 OK
x-envoy-upstream-service-time: 37
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d1e3bc68-b412-4518-a1a1-f2845e51f8a0
x-runtime: 0.035829
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0eae01b17969241c13528317069327e5"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 744e534819cea961-SYD
access-control-allow-headers: SDK-Version
expires: Sat, 03 Sep 2022 13:00:29 GMT

GET
H2 200 idp.min.js Show response
content.zeotap.com/sdk/ 55 KB
19 KB 338ms
123ms Script
application/javascript 104.22.25.87

General

Check archive.org

Show headers Download Go to

Full URL: https://content.zeotap.com/sdk/idp.min.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.25.87 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 3104
x-guploader-uploadid: ADPycdvKL2dje-42S-bsziYl86e2YAzXegskcGyOP0JYEHTsGyhISdFmLWE6idjc_CBezN5Ns4nObGt0XD-yrd3gjmZLEUIotwiX
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 08:59:03 GMT
server: cloudflare
etag: W/"ab1a346bb1160bca58c151a07ab8582b"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=ezzPYw==, md5=qxo0a7EWC8pYwVGgerhYKw==
x-goog-generation: 1645001943546675
cache-control: public,max-age=3600
x-goog-stored-content-length: 56329
cf-ray: 744e534a0bd1a8bc-SYD

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 123ms
123ms Stylesheet
text/css 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 744e5348eeeea80b-SYD
date: Sat, 03 Sep 2022 12:00:29 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2922
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 03 Oct 2022 12:00:29 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
549 B 492ms
389ms Fetch
application/json 104.18.226.52

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.226.52 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:30 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 9
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 333175ca-8c34-4132-9938-565663b33c8d
x-runtime: 0.007593
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cf-ray: 744e534a6ba1aad1-SYD
access-control-allow-headers: SDK-Version

GET
H2 200 www-player.css
www.youtube.com/s/player/c16db54a/ Frame A73C 353 KB
48 KB 493ms
192ms Stylesheet
text/css 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yCKiWo-JLb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/yCKiWo-JLb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49081
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:42:28 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A73C 15 KB
15 KB 197ms
193ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yCKiWo-JLb8

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:24:32 GMT
x-content-type-options: nosniff
age: 488158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:24:32 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/c16db54a/ Frame 4C73 353 KB
48 KB 540ms
239ms Stylesheet
text/css 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-ywsy5Imapc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/-ywsy5Imapc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49081
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:42:28 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4C73 15 KB
15 KB 193ms
192ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-ywsy5Imapc

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:24:32 GMT
x-content-type-options: nosniff
age: 488158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:24:32 GMT

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 122ms
121ms Image
image/webp 172.67.14.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.14.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:30 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2601950
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 20 Jul 2023 16:30:54 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 744e534cd9eea83d-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c16db54a/www-embed-player.vflset/ Frame A73C 308 KB
95 KB 383ms
192ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yCKiWo-JLb8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

093a0dd610c16a2b192e9ee3fd1a62f3df8e2a31c7d4092f91084b86fd6d946a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/yCKiWo-JLb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97590
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame A73C 2 MB
573 KB 715ms
525ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yCKiWo-JLb8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

12e37e80ee8a2fd2a8538a7a88313bd5bbc30a05406a53d95f09dabf5d9325f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/yCKiWo-JLb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586562
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/ Frame A73C 9 KB
3 KB 752ms
562ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yCKiWo-JLb8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/yCKiWo-JLb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c16db54a/www-embed-player.vflset/ Frame 4C73 308 KB
95 KB 531ms
407ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-ywsy5Imapc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

093a0dd610c16a2b192e9ee3fd1a62f3df8e2a31c7d4092f91084b86fd6d946a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/-ywsy5Imapc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97590
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame 4C73 2 MB
573 KB 602ms
479ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-ywsy5Imapc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

12e37e80ee8a2fd2a8538a7a88313bd5bbc30a05406a53d95f09dabf5d9325f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/-ywsy5Imapc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586562
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/ Frame 4C73 9 KB
3 KB 742ms
619ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-ywsy5Imapc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/-ywsy5Imapc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/c16db54a/ Frame 7C0A 353 KB
48 KB 309ms
198ms Stylesheet
text/css 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EVj4aW_X3Zc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/EVj4aW_X3Zc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49081
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:42:28 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7C0A 15 KB
15 KB 193ms
192ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EVj4aW_X3Zc

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:24:32 GMT
x-content-type-options: nosniff
age: 488158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:24:32 GMT

GET
DATA 200
OK truncated Show response
/ Frame 9EDC 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 582ms
193ms Image
image/png 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:55:06 GMT
x-content-type-options: nosniff
age: 353124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 30 Aug 2023 09:55:06 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 26A7 18 KB
4 KB 493ms
192ms Stylesheet
text/css 74.125.130.95

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.aWOJymZ-_20.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo2pnbAIWoyipy8hfiiJsJPR0TgYg/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 03 Sep 2022 12:09:52 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
938 B 581ms
194ms Image
image/png 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:02:20 GMT
x-content-type-options: nosniff
age: 503890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 28 Aug 2023 16:02:20 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
320 B 505ms
193ms Image
image/gif 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 12:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c16db54a/www-embed-player.vflset/ Frame 7C0A 308 KB
95 KB 599ms
593ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EVj4aW_X3Zc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

093a0dd610c16a2b192e9ee3fd1a62f3df8e2a31c7d4092f91084b86fd6d946a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/EVj4aW_X3Zc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97590
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame 7C0A 2 MB
573 KB 574ms
568ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EVj4aW_X3Zc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

12e37e80ee8a2fd2a8538a7a88313bd5bbc30a05406a53d95f09dabf5d9325f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/EVj4aW_X3Zc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586562
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/ Frame 7C0A 9 KB
3 KB 627ms
620ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EVj4aW_X3Zc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/EVj4aW_X3Zc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:47 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 4C73 113 B
359 B 496ms
194ms XHR
application/json 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

3213291e26ea4490553f9b7b690f4adaa52497899e8c86a50b2d8c1830c69da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4C73 29 B
587 B 593ms
193ms Script
text/javascript 142.251.10.149

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:59:03 GMT
x-content-type-options: nosniff
age: 89
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Sep 2022 12:14:03 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame A73C 113 B
202 B 496ms
195ms XHR
application/json 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

a62334c82b9dfacf1f58e151caa55991c8ca756a887d1b57072685150c5205ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A73C 29 B
89 B 570ms
194ms Script
text/javascript 142.251.10.149

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:59:03 GMT
x-content-type-options: nosniff
age: 89
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Sep 2022 12:14:03 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 7C0A 113 B
202 B 495ms
194ms XHR
application/json 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

671a17bf27c845ea10cf680b06312eb40b25eb3d58484b0fb0ad76085ed07022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7C0A 29 B
89 B 557ms
195ms Script
text/javascript 142.251.10.149

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:59:03 GMT
x-content-type-options: nosniff
age: 89
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Sep 2022 12:14:03 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 590ms
196ms Preflight
text/html 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 03 Sep 2022 12:00:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4C73 65 KB
30 KB 615ms
315ms XHR
application/json+protobuf 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

a0a625d3f3ae6317102f0a3084fc6ab526bb508deeb11481faa9021574d9f85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 03 Sep 2022 12:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30392
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame 4C73 119 KB
37 KB 195ms
195ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

856fc462ddf06b466ece9f4f6f44e4320ef136b9c89a82a2fbd89e9d69a9d4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/-ywsy5Imapc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 07:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37652
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Sep 2023 07:38:10 GMT

GET
H3 200 zv6PJMU-0ukxHAKoJU32K0_TjePDWjguQMfttAD48sg.js Show response
www.google.com/js/th/ Frame 4C73 36 KB
14 KB 193ms
193ms Script
text/javascript 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zv6PJMU-0ukxHAKoJU32K0_TjePDWjguQMfttAD48sg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

sffe /

Resource Hash

cefe8f24c53ed2e9311c02a8254df62b4fd38de3c35a382e40c7edb400f8f2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 02:22:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 09:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 02:22:49 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame 4C73 27 KB
8 KB 193ms
193ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

79360de0dde96c66951ec98436ed801408af900e95b0cc49e5350d0e0eca48bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/-ywsy5Imapc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8323
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:48 GMT

GET
DATA 200
OK truncated
/ Frame 4C73 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4C73 942 B
1 KB 585ms
193ms Image
image/jpeg 74.125.130.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-ywsy5Imapc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 09:14:25 GMT
x-content-type-options: nosniff
server: fife
age: 9967
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Sun, 04 Sep 2022 09:14:25 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/-ywsy5Imapc/ Frame 4C73 53 KB
54 KB 498ms
197ms Image
image/webp 172.253.118.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/-ywsy5Imapc/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-ywsy5Imapc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f119.1e100.net

Software

sffe /

Resource Hash

fa26570a7d19bffe5024e5f55867b0d638ee2481f470d395189e0ab68341ea8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54764
x-xss-protection: 0
server: sffe
etag: "1659575128"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Sep 2022 14:00:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 506ms
194ms Preflight
text/html 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 03 Sep 2022 12:00:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A73C 65 KB
30 KB 501ms
199ms XHR
application/json+protobuf 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

be1d479ef98593d90a366c43a2afe4b63b1556c4d47df0bb2c23d4b931c57f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 03 Sep 2022 12:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30618
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame A73C 119 KB
37 KB 193ms
192ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

856fc462ddf06b466ece9f4f6f44e4320ef136b9c89a82a2fbd89e9d69a9d4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/yCKiWo-JLb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 07:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37652
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Sep 2023 07:38:10 GMT

GET
H3 200 zv6PJMU-0ukxHAKoJU32K0_TjePDWjguQMfttAD48sg.js Show response
www.google.com/js/th/ Frame A73C 36 KB
14 KB 194ms
194ms Script
text/javascript 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zv6PJMU-0ukxHAKoJU32K0_TjePDWjguQMfttAD48sg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

sffe /

Resource Hash

cefe8f24c53ed2e9311c02a8254df62b4fd38de3c35a382e40c7edb400f8f2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 02:22:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 09:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 02:22:49 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame A73C 27 KB
8 KB 193ms
192ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

79360de0dde96c66951ec98436ed801408af900e95b0cc49e5350d0e0eca48bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/yCKiWo-JLb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8323
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:48 GMT

GET
DATA 200
OK truncated
/ Frame A73C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A73C 942 B
1000 B 515ms
201ms Image
image/jpeg 74.125.130.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yCKiWo-JLb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 09:14:25 GMT
x-content-type-options: nosniff
server: fife
age: 9967
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Sun, 04 Sep 2022 09:14:25 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/yCKiWo-JLb8/ Frame A73C 28 KB
28 KB 673ms
372ms Image
image/webp 172.253.118.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/yCKiWo-JLb8/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yCKiWo-JLb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f119.1e100.net

Software

sffe /

Resource Hash

8f9098a9e361798bb7b2358b7fa7b1cb6d42a8c1b32ba28c0ae9f7c47c7d27f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28558
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Sep 2022 14:00:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 441ms
195ms Preflight
text/html 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 03 Sep 2022 12:00:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7C0A 65 KB
30 KB 793ms
491ms XHR
application/json+protobuf 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

18da033fa6f3e50f2aff786cce9365380b89c6ca2f34720dc23dd0fc871a7779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 03 Sep 2022 12:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30428
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame 7C0A 119 KB
37 KB 193ms
193ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

856fc462ddf06b466ece9f4f6f44e4320ef136b9c89a82a2fbd89e9d69a9d4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/EVj4aW_X3Zc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 07:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37652
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Sep 2023 07:38:10 GMT

GET
H3 200 zv6PJMU-0ukxHAKoJU32K0_TjePDWjguQMfttAD48sg.js Show response
www.google.com/js/th/ Frame 7C0A 36 KB
14 KB 194ms
193ms Script
text/javascript 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zv6PJMU-0ukxHAKoJU32K0_TjePDWjguQMfttAD48sg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

sffe /

Resource Hash

cefe8f24c53ed2e9311c02a8254df62b4fd38de3c35a382e40c7edb400f8f2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 02:22:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 09:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 02:22:49 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/ Frame 7C0A 27 KB
8 KB 197ms
196ms Script
text/javascript 142.250.4.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.190 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

79360de0dde96c66951ec98436ed801408af900e95b0cc49e5350d0e0eca48bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/EVj4aW_X3Zc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 20:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8323
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 20:44:48 GMT

GET
DATA 200
OK truncated
/ Frame 7C0A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7C0A 942 B
1000 B 447ms
197ms Image
image/jpeg 74.125.130.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EVj4aW_X3Zc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 09:14:25 GMT
x-content-type-options: nosniff
server: fife
age: 9967
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Sun, 04 Sep 2022 09:14:25 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/EVj4aW_X3Zc/ Frame 7C0A 10 KB
10 KB 438ms
196ms Image
image/webp 172.253.118.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/EVj4aW_X3Zc/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EVj4aW_X3Zc

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f119.1e100.net

Software

sffe /

Resource Hash

5e2adae137b8b00c2a4a6bca6313e66330a84707af7daf6cf234b1661f4b41c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10240
x-xss-protection: 0
server: sffe
etag: "1661572400"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Sep 2022 14:00:32 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4C73 4 KB
2 KB 510ms
209ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 12:00:32 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4C73 0
10 B 193ms
192ms Image
text/plain 142.250.4.190

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?TZnpQw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/-ywsy5Imapc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.190 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/-ywsy5Imapc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A73C 4 KB
2 KB 489ms
196ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 12:00:32 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A73C 0
10 B 193ms
193ms Image
text/plain 142.250.4.190

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?wtzKvA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/yCKiWo-JLb8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.190 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/yCKiWo-JLb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7C0A 4 KB
2 KB 420ms
199ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c16db54a/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 12:00:32 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 7C0A 0
10 B 193ms
192ms Image
text/plain 142.250.4.190

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Wd5BXA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/EVj4aW_X3Zc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.190 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/EVj4aW_X3Zc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:00:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 4C73 48 KB
14 KB 194ms
194ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 16:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 03 Sep 2022 16:11:11 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame A73C 48 KB
14 KB 193ms
192ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 16:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 03 Sep 2022 16:11:11 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 7C0A 48 KB
14 KB 243ms
243ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 16:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 03 Sep 2022 16:11:11 GMT

POST GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A73C 0
0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 194ms
194ms Preflight
text/html 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 03 Sep 2022 12:00:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4C73 0
0

OPTIONS GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0

POST GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7C0A 0
0

OPTIONS GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.nex8.net
URL: https://cs.nex8.net/cs/openx

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

161 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s2
beforeitsnews.com/	1970-01-20 05:43:34	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyEBHUp9heXRH
beforeitsnews.com/	1970-01-20 15:19:26	Name: b4in-uuid Value: 2c963fcf-5510-4828-8c7a-ee131483723b
.mgid.com/	1970-01-20 05:43:28	Name: __cf_bm Value: X9SL8R7pkU4d1ojskyh4X_L235bPbxtebDwYWhbSVW8-1662206418-0-AYOK+4SzjhAUmKGjQKwaFaIIYOj0SPRxUXSyUb5+sVn+zvrZscaJQce/L6vetxF7Pi+Kv09QwN8LtvozI2yQOvo=
.mgid.com/	1970-01-20 15:19:26	Name: muidn Value: m83klzTLy405
beforeitsnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1662206420158%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1662206420156%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1662206420321%7D%7D
.beforeitsnews.com/	1970-01-20 15:19:26	Name: _ga Value: GA1.2.337480826.1662206420
.beforeitsnews.com/	1970-01-20 05:44:52	Name: _gid Value: GA1.2.497289951.1662206420
.beforeitsnews.com/	1970-01-20 05:43:26	Name: _gat_UA-16055024-1 Value: 1
.customads.co/	1970-01-20 14:29:02	Name: account_id Value: 15411677554221312
.customads.co/	1969-12-31 23:59:59	Name: ldrid Value: bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV
.customads.co/	1970-01-20 14:29:02	Name: login_token Value: %2215411677554221312%7C1669982420513%3A%7Call%7CfxGkq3VL0sPldEZWRFq4qCAQqRPX9AKOiaVeXfFb5BJSw687UV40Txj3YMBjmw9BkCJlApUE4vb3xYlKNGoQqg%3D%3D%22
.adsrvr.org/	1970-01-20 14:29:02	Name: TDID Value: 6fa743a2-48a0-4cef-8781-82b2f587e02f
.e-volution.ai/	1970-01-20 06:03:36	Name: v_usr Value: 56e90dec-5b27-4613-830f-687a1bf4d091
beforeitsnews.com/	1970-01-20 06:26:38	Name: _pbjs_userid_consent_data Value: 3524755945110770
.creativecdn.com/	1970-01-20 14:29:02	Name: u Value: LDMWe3nl7bpfT5yyAQ1Z
.creativecdn.com/	1970-01-20 14:29:02	Name: ts Value: 1662206421
.pubmatic.com/	1970-01-20 07:53:02	Name: KADUSERCOOKIE Value: 7494DC50-8E6C-407B-8BC7-36E85E157FAE
.pippio.com/	1970-01-20 14:29:02	Name: did Value: 8KyZ4PZexarDjOwF
.pippio.com/	1970-01-20 14:29:02	Name: didts Value: 1662206421
.pippio.com/	1970-01-20 07:09:50	Name: nnls Value:
.admanmedia.com/	1970-01-20 06:03:36	Name: admtr Value: 5d94d5bb-8942-48f9-a2f3-2f02de1dfeea
.admanmedia.com/	1970-01-20 06:03:36	Name: ac_r Value: CS77
.mfadsrvr.com/	1970-01-20 15:19:26	Name: tuuid Value: 4d613990-fad6-48bf-95f3-927df609bf3f
.mfadsrvr.com/	1970-01-20 15:19:26	Name: c Value: 1662206422
.mfadsrvr.com/	1970-01-20 15:19:26	Name: tuuid_lu Value: 1662206422
.smartadserver.com/	1970-01-20 15:13:40	Name: pid Value: 2817141643343613987
.openx.net/	1970-01-20 14:29:02	Name: i Value: 76886ab8-0e1d-4217-8eac-5b89dca238ac\|1662206422
.bidswitch.net/	1970-01-20 14:29:02	Name: tuuid Value: ac321931-d25f-4f40-9d8f-56bb2a02c19d
.bidswitch.net/	1970-01-20 14:29:02	Name: c Value: 1662206422
.bidswitch.net/	1970-01-20 14:29:02	Name: tuuid_lu Value: 1662206422
.doubleclick.net/	1970-01-20 15:19:26	Name: IDE Value: AHWqTUlWpSz7-YFc7yUs6-xwvLFSlMco1NJJl8C5mvnMXkLdX49aEoLZ3zWotD2EjN4
beforeitsnews.com/	1970-01-20 15:05:02	Name: cto_bidid Value: ucMCDl9EN0U4RzMxOWhSTlJuYmQ2ckJDVEdXUW16dUhjMUdtd3pKUGlhd29ZaVJsQzVmSjJScFBLUmppRFFwdTVudG1wVWJVR0ltZnJnbExHYVEzS09ieVdDQSUzRCUzRA
beforeitsnews.com/	1970-01-20 15:05:02	Name: cto_bundle Value: SvmKKF8yNGclMkJEWVcweSUyQm5hTDA0Z0k1MnJNOVJkUDY0MExLUnM4VHpiMmFiaVdnbCUyRmczVHN2a1p2UlpWWWFwYjZNbEdWdzZHSmxQMDdsdTZDQ3RVelIwOTVZZyUyQnVmbGdrOHF0RnZzcHE4SHBQOTdwdEY2JTJCV1FMbHpqQnl3Q080R2pjbmI
.csync.loopme.me/	1970-01-20 07:54:28	Name: viewer_token Value: 968bf5de-6e97-4c97-aee3-ddd63bc15521
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.360yield.com/	1970-01-20 07:53:02	Name: tuuid_lu Value: 1662206422
.360yield.com/	1970-01-20 07:53:02	Name: tuuid Value: 1dfebb45-e74b-4735-ae6c-47d4f640271e
.mfadsrvr.com/	1970-01-20 15:19:26	Name: ssh Value: !mgid,1662206422
.lijit.com/	1970-01-20 14:29:02	Name: ljt_reader Value: FQRQELZHOKWIL_B2QHSJG6JO
.linksynergy.com/	1970-01-20 14:29:02	Name: rmuid Value: 4630dd2d-b24b-4eec-b825-f1160fab854b
.linksynergy.com/	1970-01-20 14:29:02	Name: icts Value: 2022-09-03T12:00:23Z
.e-planning.net/	1970-01-20 15:19:26	Name: E Value: AHfNCXQJMAFWuogX
.tynt.com/	1970-01-20 14:29:02	Name: uid Value: CoIKSWMTQdc3TywsCJ5DAg==
.rlcdn.com/	1970-01-20 14:29:02	Name: rlas3 Value: ZKfJb6uA2zTvvZcS18PwgSuuvded0r/8Yhm9uqC9LeA=
.rlcdn.com/	1970-01-20 07:09:50	Name: pxrc Value: CNeDzZgGEgUI6EcQAA==
.adnxs.com/	1970-01-20 07:53:02	Name: uuid2 Value: 8939661658751623204
a4p.adpartner.pro/	1970-01-20 07:09:50	Name: apuid Value: 1a10a256-7ad1-4bc9-adf0-c48e6466cb70
.casalemedia.com/	1970-01-20 14:29:02	Name: CMID Value: YxNB1-uWBS4xVSeHaXJ.dQAA
.casalemedia.com/	1970-01-20 07:53:02	Name: CMPS Value: 4697
.rubiconproject.com/	1970-01-20 14:29:02	Name: khaos Value: L7LUSCU2-1Z-6XU7
.id5-sync.com/	1970-01-20 07:53:02	Name: id5 Value: bd4299ab-c131-4e7b-af9d-0af524c32a62#1662206422954#2
.id5-sync.com/	1970-01-20 07:53:02	Name: 3pi Value:
.id5-sync.com/	1970-01-20 05:43:26	Name: cf Value:
.id5-sync.com/	1970-01-20 05:43:26	Name: cip Value:
.id5-sync.com/	1970-01-20 05:43:26	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:43:26	Name: car Value:
.id5-sync.com/	1970-01-20 05:43:26	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:43:26	Name: callback Value:
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_80 Value: 22987-CAESEAA9Uk45m-faYpB0Edwl32k&KRTB&16514-CAESEAA9Uk45m-faYpB0Edwl32k&KRTB&23025-CAESEAA9Uk45m-faYpB0Edwl32k&KRTB&23386-CAESEAA9Uk45m-faYpB0Edwl32k
.everesttech.net/	1970-01-20 14:29:02	Name: everest_g_v2 Value: g_surferid~YxNB1wAEcP_UZQBN
.pippio.com/	1970-01-20 07:09:50	Name: pxrc Value: CNaDzZgGEgQIAhAAEgUI3k4QARIGCOzrARAA
.quantserve.com/	1970-01-20 07:53:02	Name: d Value: EOYBCwGBJ_ijAA
.quantserve.com/	1970-01-20 15:13:40	Name: mc Value: 631341d7-adbf0-fab20-70935
.ambientdsp.com/	1970-01-20 05:44:52	Name: _aGeoIp Value: AU-Sydney
.ambientdsp.com/	1970-01-20 15:19:26	Name: _aUID Value: wx4slej0xgb
.yahoo.com/	1970-01-20 14:29:24	Name: A3 Value: d=AQABBNdBE2MCEOWJ_REzqDkx-Niqk6L9gcsFEgEBAQGTFGMdYwAAAAAA_eMAAA&S=AQAAAmPN3ztJBDx3whO8chY1voY
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_57 Value: 22776-8939661658751623204&KRTB&23339-8939661658751623204
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_377 Value: 6810-6fa743a2-48a0-4cef-8781-82b2f587e02f&KRTB&22918-6fa743a2-48a0-4cef-8781-82b2f587e02f&KRTB&23031-6fa743a2-48a0-4cef-8781-82b2f587e02f
.mathtag.com/	1970-01-20 15:09:21	Name: uuid Value: 091b6313-41d7-4400-a5b1-0aa92842465b
.media.net/	1970-01-20 14:29:02	Name: visitor-id Value: 3052080236827335000V10
.media.net/	1970-01-20 14:27:36	Name: data-bs Value: ac321931-d25f-4f40-9d8f-56bb2a02c19d~~1
.simpli.fi/	1970-01-20 14:30:28	Name: suid Value: AAD03D0E7B304BCBAC1BF2DCD2D7430C
.sitescout.com/	1970-01-20 14:29:02	Name: ssi Value: 745e0e7d-df55-4990-aaf3-974a4f497cb6#1662206423892
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_153 Value: 1923-aZzC3Guel9hyzpeNOZ_eiT7Nwd9ymMPWbJqOIUU6&KRTB&19420-aZzC3Guel9hyzpeNOZ_eiT7Nwd9ymMPWbJqOIUU6&KRTB&22979-aZzC3Guel9hyzpeNOZ_eiT7Nwd9ymMPWbJqOIUU6&KRTB&23403-aZzC3Guel9hyzpeNOZ_eiT7Nwd9ymMPWbJqOIUU6
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_1290 Value: 23368-wx4slej0xgb
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_218 Value: 4056-YxNB1wAEcP_UZQBN&KRTB&22978-YxNB1wAEcP_UZQBN&KRTB&23194-YxNB1wAEcP_UZQBN&KRTB&23209-YxNB1wAEcP_UZQBN
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_27 Value: 16735-uid:53bb6313-41d7-4b00-991d-c051071492f9&KRTB&16736-uid:53bb6313-41d7-4b00-991d-c051071492f9&KRTB&23019-uid:53bb6313-41d7-4b00-991d-c051071492f9&KRTB&23208-uid:53bb6313-41d7-4b00-991d-c051071492f9
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_148 Value: 19421-uid:AAD03D0E7B304BCBAC1BF2DCD2D7430C
.adsymptotic.com/	1970-01-20 07:53:02	Name: U Value: c3b28c83b2e40ff722e0674366eb4e3f
.casalemedia.com/	1970-01-20 07:53:02	Name: CMPRO Value: 9959
.casalemedia.com/	1970-01-20 05:44:52	Name: CMST Value: YxNB2GMTQdgA
.casalemedia.com/	1970-01-20 14:29:02	Name: CMRUM3 Value: f1631341d805a0&27631341d80b40&6f631341d805a00&e6631341d82760&bf631341d805a0&03631341d805a0&11631341d805a0&2d631341d805a0
.tynt.com/	1970-01-20 07:53:02	Name: pids Value: %5B%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1662206424251%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1662206424251%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1662206424251%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1662206424251%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1662206424251%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1662206424251%7D%5D
.adtelligent.com/	1970-01-20 07:12:43	Name: a319130 Value: 968bf5de-6e97-4c97-aee3-ddd63bc15521
.adtelligent.com/	1970-01-20 07:12:43	Name: a558003 Value: 7494DC50-8E6C-407B-8BC7-36E85E157FAE
.adtelligent.com/	1970-01-20 07:12:43	Name: a289656 Value: 1dfebb45-e74b-4735-ae6c-47d4f640271e
.adtelligent.com/	1970-01-20 07:12:43	Name: a309255 Value: 9cfada2e-1e05-4e09-bff6-537439dec9dc
.sportradarserving.com/	1970-01-20 14:29:02	Name: zuuid Value: 35e7e536-bc52-4779-9819-c50a96e3eb46
.sportradarserving.com/	1970-01-20 14:29:02	Name: c Value: 1662206424
.sportradarserving.com/	1970-01-20 14:29:02	Name: zuuid_lu Value: 1662206424
.adform.net/	1970-01-20 06:26:38	Name: C Value: 1
.adtelligent.com/	1970-01-20 07:12:43	Name: a307971 Value: AHfNCXQJMAFWuogX
.adtelligent.com/	1970-01-20 07:12:43	Name: vmuid Value: 014a198f7447c58f
.adtelligent.com/	1970-01-20 07:12:43	Name: a584890 Value: 1551876106988481962
.adtelligent.com/	1970-01-20 07:12:43	Name: a297253 Value: 8939661658751623204
.adtelligent.com/	1970-01-20 07:12:43	Name: a310570 Value: FQRQELZHOKWIL_B2QHSJG6JO
.adtelligent.com/	1970-01-20 07:12:43	Name: a307558 Value: 1a10a256-7ad1-4bc9-adf0-c48e6466cb70
.brand-display.com/	1970-01-20 15:19:26	Name: _knxq_ Value: 121542ab-c661-3e6e-5c0c3f68.1662206424.0.1662206424.1662206424
.sportradarserving.com/	1970-01-20 14:29:02	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 14:29:02	Name: zuuid_k_lu Value: 1662206424
.analytics.yahoo.com/	1970-01-20 14:29:02	Name: IDSYNC Value: 18z8~26yb
cm.mgid.com/	1970-01-20 06:26:38	Name: mg_sync Value: {"265689":1662206420,"363887":1662206420,"371158":1662206421,"433146":1662206420,"516418":1662206420,"617666":1662206424,"665953":1662206423,"675043":1662206422,"709071":1662206420,"712807":1662206424,"718337":1662206423}
.spotim.market/	1970-01-20 07:12:43	Name: vmuid Value: 3755bba28c72d27f
.crwdcntrl.net/	1970-01-20 12:12:14	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 12:12:14	Name: _cc_id Value: edf37ddd9a15ec15e9814c50cf8f02a
.pubmatic.com/	1970-01-20 06:26:38	Name: SPugT Value: 1662206426
.adform.net/	1970-01-20 07:09:50	Name: uid Value: 7612805607885766021
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:29:02	Name: bcookie Value: "v=2&41b70bc9-a97d-4642-8e99-5e1a151e2d82"
.linkedin.com/	1970-01-20 05:44:52	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2386:u=1:x=1:i=1662206425:t=1662292825:v=2:sig=AQH2zfwincQMQFQHF3qJ2TpiMVJTCOQv"
.zemanta.com/	1970-01-20 14:29:02	Name: zuid Value: 4iT3UqWL99R67EkS73tt
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_466 Value: 16530-ac321931-d25f-4f40-9d8f-56bb2a02c19d
.sitescout.com/	1970-01-20 06:26:38	Name: _ssuma Value: eyIzIjoxNjYyMjA2NDI1Mzg3LCIzOSI6MTY2MjIwNjQyNDE5MywiNyI6MTY2MjIwNjQyNDE5MywiNzAiOjE2NjIyMDY0MjQxOTN9
.amazon-adsystem.com/	1970-01-20 15:19:26	Name: ad-privacy Value: 0
.openx.net/	1970-01-20 06:05:02	Name: pd Value: v2\|1662206425\|jElYiuvOuIlUkaialQhI
.amazon-adsystem.com/	1970-01-20 10:45:50	Name: ad-id Value: AwUE6ozFOEn8h3N9IcfR5Ig
.ads.pubmatic.com/	1970-01-20 05:44:52	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 07:53:02	Name: DPSync3 Value: 1663372800%3A197_201_226_245%7C1662768000%3A164_248%7C1662249600%3A174
.pubmatic.com/	1970-01-20 07:53:02	Name: SyncRTB3 Value: 1663027200%3A63%7C1662768000%3A15_2_223%7C1667347200%3A69%7C1663459200%3A35%7C1663372800%3A7_13_179_165_209_8_238_71_54_56_107_3_220_5_99_189_231_247_176_234_22_204_96_222_21
.openx.net/	1970-01-20 06:05:02	Name: univ_id Value: 537072971\|6fa743a2-48a0-4cef-8781-82b2f587e02f\|1662206426024047
.console.adtarget.com.tr/	1970-01-20 07:12:43	Name: vmuid Value: 14945c88350a2366
.33across.com/	1970-01-20 14:29:02	Name: 33x_ps Value: u%3D2328355201081%3As1%3D1662206426217%3Ats%3D1662206426217
.adtelligent.com/	1970-01-20 07:12:43	Name: a281178 Value: 7494DC50-8E6C-407B-8BC7-36E85E157FAE
ads.playground.xyz/	1970-01-20 05:52:36	Name: connect.sid Value: s%3Avmm91Q6q248pVkNQtlc179FPkj2aVdGE.MfwpKfH1LJAZmJp%2Bc1wQ7%2Bb%2Fu1a%2BUGO2qrkJg540NlQ
.rubiconproject.com/	1970-01-20 14:29:02	Name: audit Value: 1\|XoKfmbs/Fcf6uz5aSvBlD+oJuY1j107Exqg4XB1t4bS1Mnm1d2tbLX3cUCO8D3PK9cliUbaLCZgkEa5N2k7U1SEEFoCDRlfY5fvCZrsWYKrKWN8l+ZFqXGFvrz8oc9mDWzs+gIybVGv3YUg+dCgMZtXwVSGdUnQywiQssWOPXops98XpGzBFJCdxAYtfWS9x
.adtelligent.com/	1970-01-20 07:12:43	Name: a318342 Value: 14945c88350a2366
.taboola.com/	1970-01-20 14:29:02	Name: t_gid Value: 3ee33fbb-754d-4d27-ac3c-9340d4e4307d-tucta0cc75a
.socdm.com/	1970-01-20 15:19:26	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjYyMjA2NDI2fQ
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_391 Value: 22924-7612805607885766021&KRTB&23263-7612805607885766021
.crwdcntrl.net/	1970-01-20 12:12:14	Name: _cc_cc Value: "ACZ4XmOQT01JMzZPSUmxTDQ0TU0GYksLQ5NkU4PkNIs0A6NEBiBIFna89R8I%2BEEcMOC%2F8G2DPmNbOcN%2FRkaG80jsc0jsOa8%2B6jJB1HxgBKvc9KcQVeDZ4jksMGPOHT3EjCr7d%2BMUFlSR3fsuC6CKHAaagCry8cQpDVSRd0vQ1Zw%2BqY6q5NPmF2huvXTqERsj1N0Aflhj%2FA%3D%3D"
.crwdcntrl.net/	1970-01-20 12:12:14	Name: _cc_aud Value: "ABR4XmNgYGBIFna8BaQggImBgWsGiMnV9BlIAgA2iQO1"
.turn.com/	1970-01-20 10:02:38	Name: uid Value: 3221016627120924182
.tapad.com/	1970-01-20 07:09:50	Name: TapAd_TS Value: 1662206426468
.tapad.com/	1970-01-20 07:09:50	Name: TapAd_DID Value: 6e5cc988-5580-4842-b06f-f6373a1d5d26
.ctnsnet.com/	1970-01-20 14:29:02	Name: cid_368a2055f3b843b891f4d04fae5541d2 Value: 1
.adgrx.com/	1970-01-20 15:12:14	Name: ADGRX_UID Value: ff8790b2-2b7f-11ed-b4ed-9640dae0e33a
.c.appier.net/	1970-01-20 14:29:02	Name: _auid Value: q_rH4h6fCQulUX1z2kETYw
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_22 Value: 14911-3221016627120924182&KRTB&23150-3221016627120924182
.pubmatic.com/	1970-01-20 06:03:36	Name: KRTBCOOKIE_1159 Value: 23138-368a2055f3b843b891f4d04fae5541d2&KRTB&23328-368a2055f3b843b891f4d04fae5541d2
.pubmatic.com/	1970-01-20 05:44:52	Name: pi Value: 0:3
.tribalfusion.com/	1970-01-20 07:53:02	Name: ANON_ID Value: afnseFmge07ousnA7ffD4Zbh1bZculV3cXHg3rariGtGZbcr1YsvRAs570Oohj4FuvpVyyAbuRLZcyyWIHAK69L1
.w55c.net/	1970-01-20 15:12:14	Name: wfivefivec Value: hFvMu99p1OurP45
.adgrx.com/	1970-01-20 05:44:52	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.dotomi.com/	1970-01-20 05:43:26	Name: DotomiTest Value: 51ee744dee9225f
.semasio.net/	1970-01-20 14:29:02	Name: SEUNCY Value: E517A87610201C42
.pubmatic.com/	1970-01-20 06:26:38	Name: KRTBCOOKIE_904 Value: 16787-q_rH4h6fCQulUX1z2kETYw&KRTB&23130-q_rH4h6fCQulUX1z2kETYw
.ladsp.com/	1970-01-20 05:43:30	Name: cr Value: 1
.w55c.net/	1970-01-20 06:26:38	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 07:53:02	Name: KRTBCOOKIE_1003 Value: 22761-ff8790b2-2b7f-11ed-b4ed-9640dae0e33a&KRTB&23275-ff8790b2-2b7f-11ed-b4ed-9640dae0e33a
.1rx.io/	1970-01-20 14:29:02	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e6dbed26-2ea9-45a3-b5ec-bc1f4e90b9d4-004%22%2C%22nxtrdr%22%3Afalse%7D
.casalemedia.com/	1970-01-20 07:53:02	Name: CMTS Value: 5311
.tapad.com/	1970-01-20 07:09:50	Name: TapAd_3WAY_SYNCS Value: 1!5916
.pubmatic.com/	1970-01-20 07:53:02	Name: KRTBCOOKIE_107 Value: 1471-uid:hFvMu99p1OurP45
.pubmatic.com/	1970-01-20 05:43:26	Name: ipc Value: 0^^0^0
.pubmatic.com/	1970-01-20 07:53:02	Name: chkChromeAb67Sec Value: 8
.ladsp.com/	1970-01-20 15:19:26	Name: smn_uid Value: UMTWlW8XjGDDBtRJD4hWOg7GlubAcOg
.ladsp.com/	1970-01-20 15:19:26	Name: lum Value: CMqA5ZmwMBIFCAMQ0AU
.adsrvr.org/	1970-01-20 14:29:02	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiinJKjveuGOxAFEhYKB3J1Ymljb24SCwimnqirveuGOxAFEhUKBmNhc2FsZRILCIDHzqy964Y7EAUSGAoJYmlkc3dpdGNoEgsInpqlsr3rhjsQBRIUCgV0YXBhZBILCJiQ_ce964Y7EAUYASABKAIyCwiYiID10-uGOxAFOAFaBXRhcGFkYAI.
.pubmatic.com/	1970-01-20 07:53:02	Name: KRTBCOOKIE_32 Value: 11175-AAAMNg52gD1NQANGSTgVAAAAAAA&KRTB&22713-AAAMNg52gD1NQANGSTgVAAAAAAA&KRTB&22715-AAAMNg52gD1NQANGSTgVAAAAAAA
.pubmatic.com/	1970-01-20 06:26:38	Name: PugT Value: 1662206427

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/(Line 168) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/08/derekjohnsonmusicviralvideousmilitarytopsecretclearance.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 168) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/09/Screenshot-2022-09-02-201509.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 168) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/08/presidentdonaldtrumpusmilitaryveteran.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 271) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/08/benjaminfulfordquestionandanswer.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 271) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.rumormillnews.com/pix/witness.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 271) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20220705_114712_012.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/08/derekjohnsonmusicviralvideousmilitarytopsecretclearance.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/09/Screenshot-2022-09-02-201509.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/08/presidentdonaldtrumpusmilitaryveteran.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/08/benjaminfulfordquestionandanswer.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.rumormillnews.com/pix/witness.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20220705_114712_012.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://cs.nex8.net/cs/openx Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/09/Screenshot-2022-09-02-201509.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
a1.beforeitsnews.com
a4p.adpartner.pro
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
ajax.beforeitsnews.com
amg-news.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beforeitsnews.com
borirait.site
c.mgid.com
c1.adform.net
cdn.id5-sync.com
cdn.mgid.com
cdn.onesignal.com
cdn1.customads.co
cdn2.customads.co
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cms.analytics.yahoo.com
content.zeotap.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.nex8.net
csync.loopme.me
customads.co
de.tynt.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dps.jp.cinarra.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
events-ssc.33across.com
external-content.duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
i.e-planning.net
i.imgflip.com
i.ytimg.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
iili.io
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
img.beforeitsnews.com
img.youtube.com
ipac.ctnsnet.com
jnn-pa.googleapis.com
jp-u.openx.net
js.cookieless-data.com
jsc.mgid.com
justusaknight.files.wordpress.com
lb.eu-1-id5-sync.com
m.beforeitsnews.com
match.adsrvr.org
match.deepintent.com
match.taboola.com
onesignal.com
onetag-sys.com
p.adsymptotic.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
rddywd.com
rtb-usw.mfadsrvr.com
rtb.gumgum.com
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tradingview.com
s.tribalfusion.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
settingbrushfires.com
simage2.pubmatic.com
simage4.pubmatic.com
sp.rmbl.ws
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static-3.bitchute.com
static.doubleclick.net
static.tradingview.com
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-volution.ai
sync.inmobi.com
sync.mathtag.com
sync.spotim.market
sync.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
translate.google.com
translate.googleapis.com
trc.taboola.com
u-sin01.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.vidoomy.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.ournewearthnews.com
www.prepperfortress.com
www.rumormillnews.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
cs.nex8.net
jnn-pa.googleapis.com
103.229.10.211
103.229.205.243
103.231.98.194
103.231.98.195
103.231.98.197
104.16.199.73
104.18.100.194
104.18.18.126
104.18.19.126
104.18.226.52
104.18.255.14
104.19.132.78
104.19.133.78
104.19.173.108
104.21.15.8
104.21.21.110
104.21.234.213
104.21.42.82
104.22.25.87
104.22.74.138
104.254.150.241
104.254.151.120
106.10.236.147
106.10.236.37
107.151.8.10
107.178.244.193
107.178.254.65
109.206.161.21
119.9.108.191
124.146.215.42
13.107.42.14
13.250.200.154
13.33.33.102
13.33.33.39
13.33.88.31
13.33.88.47
13.33.88.71
13.33.88.90
138.199.46.66
139.162.38.30
139.99.49.250
141.95.98.68
142.250.4.102
142.250.4.156
142.250.4.190
142.251.10.149
142.251.10.94
142.251.10.97
142.251.12.102
142.251.12.155
151.101.130.49
151.101.193.44
151.139.128.11
162.19.138.83
169.197.150.8
169.62.67.163
172.217.194.101
172.217.194.105
172.217.194.155
172.253.118.119
172.64.152.245
172.67.132.113
172.67.138.44
172.67.14.110
172.67.38.106
18.138.18.111
18.139.80.166
18.140.27.177
18.155.68.14
18.155.68.37
182.161.73.136
182.161.73.146
185.184.8.90
185.84.60.21
192.0.72.23
195.5.165.20
198.206.157.242
20.127.253.7
20.43.160.189
202.131.200.84
204.93.150.152
207.198.113.205
209.191.163.210
209.54.182.161
212.129.3.113
23.106.127.39
23.15.148.136
23.195.152.23
23.213.140.214
23.227.139.243
23.227.146.18
23.72.44.196
3.1.14.27
3.113.231.86
34.102.253.54
34.111.151.213
34.117.239.71
34.98.67.3
35.186.193.173
35.186.253.211
35.190.30.115
35.190.60.146
35.212.212.222
35.213.12.39
35.213.93.179
35.244.159.8
37.157.4.28
45.79.195.246
46.137.228.209
50.116.239.135
50.31.142.191
51.83.220.94
52.13.231.254
52.20.226.248
52.223.40.198
52.74.162.2
54.192.150.108
54.251.128.63
54.251.50.135
54.64.204.44
64.120.110.136
64.120.110.139
66.155.71.25
67.199.150.81
67.199.150.86
67.202.105.22
67.202.105.31
67.202.105.34
69.173.158.64
74.118.186.44
74.118.186.45
74.125.130.132
74.125.130.95
74.125.24.156
74.125.24.94
74.125.24.95
77.81.165.130
8.43.72.98
80.77.87.161
89.187.162.142
89.207.22.76
0446a4fedc3b34b36fcb912b75a9c40664c709f4e57f75f36833dc4e7057cca6
045328d1dd45a333f8b8eb322e072be5f1c18bfb403705577a1c6ca5c1daf352
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
04bb9eb63ee4c0b1a8fe08b2def48fb0dbe810b8b7d5e6efd233cb6973166d7a
089496fad06ab878e243867d56f0e3d39cea020af1ced7d985d42274937b4bdf
08e9c2fb69783b04f7caed2788efe3fd3004ab945018bbb1a9faee33d8033281
093a0dd610c16a2b192e9ee3fd1a62f3df8e2a31c7d4092f91084b86fd6d946a
0b257edb6213c50a66843e91aba3a913a8417bfcca4d118d243df8d7acd0bda8
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
11d8ab754a7bd056500e49e7f473228063c95032e33794319a5f28cfaa511cb8
12124f07c2d7aad81b172aaf2fb86ff1d0ab1e0c1ef4eefd04abf1997995814c
122a8abb31063d32e9327bed2a8695c3ea423843db5677f2ea9c8c90b120072c
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
1284f3e8b0bd1cba40326776843f02447eaefa32133cccbb558699477c21723f
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e37e80ee8a2fd2a8538a7a88313bd5bbc30a05406a53d95f09dabf5d9325f1
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15c8288a0739ac7b9d71592f12c6da487bd2c63cc2657a561e6089f93ff1bfd3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18da033fa6f3e50f2aff786cce9365380b89c6ca2f34720dc23dd0fc871a7779
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1cbab457694e9f5e2096f84323b0d46db15c5668ceebc1593b589b13f2813754
1dca9c7971fea3e428f5b9ec24cd4c0dbd1bf0bcfedbf6883970a75fa72389b8
1e43f5866962b9e654575f1a7536da4bf6e485380cc5a54bb5f9e26f2d6a2d49
20bcd8bdd33fe50162b31c0d788c2dd8dc761f95afd517d34f6fb043d4a1f6da
20dad7d6169f58bb367e7c79abc275cdcac3163518731bd24632dc6130381d49
2184bde14f366b82397206ea0e32e9de74996f0cfa3c7491830d2fe4ea957e4b
231c48941aa35461a0d4673dc4944b6e2470cde7bd78bf04c0543a3ac47b538f
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
23d1e625e25f365547889854b2ee28d498b399699a270a5ecf6c31576a482a56
24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80
2693978892b0f2bbcd12cd728e9c381e17f1634980a2aeb2a1f5ca3b2a0a9ef0
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
29aa8a988acb9cf8f043e73b1ebbcb804446a6bb0bcdbbb02a80f326e7e8a034
29b4c2322030f7fca3f6a543aaad072bfe93b896875b0ed4ed7838b9ae26d23b
29ffacbdaa134fadd6aab4109e67220209788faca266b634a110658b41615d97
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
3213291e26ea4490553f9b7b690f4adaa52497899e8c86a50b2d8c1830c69da9
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
34ed31053c7a3f132e11075de47b215255d7f87e07fc8d6a4e525403d3d1c078
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
368da2121d8c4eaf9660d8ef21e50a34d049ccb0a64bc32111a2b72055b8efc6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36dafadbb0f09e6811c915f6146001f094e5b86992abc6498f42f9da822cd841
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38c24ad9f43bd9eb0a4b9fa67778e308a7a811294e0e006d49cc120604d58bb0
39be618a9c0572272d3c817bb5baaeccb2c5a52ac93889a3dcdf686d9b5bb7b7
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3a5baaf48425b11d6685e6dc62508c1419d7aceb5815c59f4f34a3fa10a48fca
3b1d676c9e21b188ea98095a67361ba9bf3e6bf8a59ebf86b2444a1a6c9d5a27
3cf0ecbe84fb7dbf8765b706c161ca740aac8d4980cf0693c315db0ef42615be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc
3fba98f59a57629b4b27b30fb400a01459da1b199956e290dc1f2b121c95dab4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff0b1664e2f0f0fa78dca3bcac5ffd9801d90220c7deed2153b7c06e9e05905
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
453b2621e7077fd54fa1aa9e26aaf854f9bbce09d6013f4ce09ba161e4271fb2
4554451a1a13ae3adc7d2854d1eea1978a4b43d1b363f7b351fe961787cd51df
46552d3fa970f030193828d69e9f964937b8bf98b5154007ad45d6f4735e2438
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a84d6525eecfbacfb972f87277289039f30475897e6f377f07f9058954bc8df
4c4c2acc98fe6ff98dfc81cadee2e7c98c2df0c9dde86c3eb0bf9ccb442ab16c
4c78c0e8094a90b756326fabb418f416dd0ac55c96cbf57f1efc57fbb3883631
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dd3edd6010c83b7e5db04580678184ce7647331952cd42534f8e61cca362c53
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
4f6b546d74233fbed8224b942f1571c5b9ef1ef6c68ba3b6d0ac48f7ec847e6b
526f595b24ddc41e5f1cd91119435c1b6d4a577aa488ef034b2895fa9ce3c723
54227bdfe86fe142392ffb47b826c1369351d0e32706729a13b33a8ce033c765
5663044db514de9a051e62999179c3e9b42afb107516c9534ba5b33223b2b344
58bd6ac05b9a699dfa8264cbde0ef9556cc22fec98a2b86331907a12f1c825df
590c6b59624e0a705c18d4d0c3f7a3298c57664e2dbb13e72798e1ba1f5f277b
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a8b18b2ba7eebc250a8e4773d8f35dfedc334713d68019cb48a9e96e751c178
5bd3690cc1066947a93570a19f2206fef0c0f251657651c42acc9141dad6635b
5e2adae137b8b00c2a4a6bca6313e66330a84707af7daf6cf234b1661f4b41c2
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
616d134b8650e5097843c7e5f9caa8ae956272e12433959a8699ed3415e98c33
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
624b432c85eff23dbd74f99c05e05e36096953c74f91454674a8ef315f4496dd
62f63052b5751bacb0916c2cc9494839f760ac3eddcad87d67bba4fb4fdbe04b
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
65dcecc3b673ec482b0eca9a415a5bb337718fdf1152443b004410f0183b2e58
65fa2849eb04b25dd3d737ee39791f24feb89ef65a01eea6820cf1eb95f15efa
671a17bf27c845ea10cf680b06312eb40b25eb3d58484b0fb0ad76085ed07022
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680bdd7119f5914491d1883f5bc4e27b68c6567d30665a301f0fbf6d4a49416f
685e381cf4e0a1ca260097e3da882b3186aa9fbc66d9e2bc809b7a0fc2152b6b
6912dcc7488b46734313867af8275688569bc6f9d686f7f9a63b2f5ad37649df
6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6ac49053fbe9bbcbd8cf4c3a67ac6429962c6bce654e13ac31c37894b2550a64
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6d9adbef008101f908c4c1bcbcfc6000278cd007139e3b64a31096f4afe4a682
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
70f711ef87e155826d38cf362563b3c3a902827ea2f1704cda6343a914533be1
713a139d1eb7768fd66828026d2749e070b09f3aac3461ee4ad362f68b6242e6
71512c60aae1972336bfcd51407676f38f5dd54a8263f972745bc7f15a2f608d
75bcccbee440b0d40c7983d5af46689421bd0f039d6f1ef4b7debae516d4876b
7659e9f8a65f752019ae2013ce697c7a502d8fc787c2c10a09697e4d95097cb3
77ddf8e5d885402e584364c742faffd673b60b0abdf27ceef43ba77ef98c8563
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
79360de0dde96c66951ec98436ed801408af900e95b0cc49e5350d0e0eca48bf
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1
7ca724e80cc5d05792851c6e8fec670c4f62a919c5ab281ee487a599d9542272
7e69ff7af87960b61da9b1477435fcbbed21eec5c6bc16788ec6ada3efb3ec7c
7f0d79a85dad1dbcec5770c033aad79fca4645ca38d1c39f8cf54884c6dd98ef
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
80944a1784eee2c099b34753caa51a824d0824a03da21c5262768429bc7c19e9
80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83685b8121366befe151b1eabd84dd0b8c43bc023c676203467eab24224bcb81
83cbaab0cdcf23647f502b7401494916e5e248aac820cd629c51d0ff059d7b3b
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
853f01811cf4164f78b3907c133364b9520fe492cd49b671b86a466f2a91f692
856fc462ddf06b466ece9f4f6f44e4320ef136b9c89a82a2fbd89e9d69a9d4f4
85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711
85ccee5ad88a169089e98557d2bb02ea1015a150ac8f6a0f1d1af3e9726c8be9
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87327f2a756f72d9e271cb8cffea395f4172e37702419faf7cdb73e66bc6ed30
88687897a17783a2258d97a050b493609009a7e4db09e9697a519627af8f0a22
887c490048589e3276d19bd2c5b78626a4caf5e84c6d580c45dcdc3c8ab5284a
8a46105885c5a86da7684c935f2647f6dd95b168d24968484041c704525fbd31
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8a7a82b3f13048f984c488181e43cbadd0aa28e6d129954c022b8dc1b3d4f692
8c4b4747f904e069ae8f2376f6080a2ce4d6d86a8d076e0217e66dd05142cbee
8df2ae43e4368b0ee8b3826cba609f16ab5d43713668795230f3c1561db2e7e8
8f9098a9e361798bb7b2358b7fa7b1cb6d42a8c1b32ba28c0ae9f7c47c7d27f1
912cc155f4bb11b6d6a0b37d046f87a0e0317a10a0c05bae207319e031cff8ad
91b4933bcb30cdf20db9e838865530175324a1d22d7ddd55d23a7e3e710cd10b
9236eb71c1d7475074cf2fb9ff1ca79ec299a5a1addedfd0a1708e7243a366c2
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653
96dbb370fa89313894cfd5b4442cdd46d4c19aeb3a94b23b811d0bf4e2550349
9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7f750f6203c78ce6080272f0f26d51cca0d8762e70665f854800dfb3df4fec
9adf10c965758f866e121f2f5ca0542edaf68516a3e1f5effbfdc1a1ba694f3b
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9d6aee1fbec53b8add4d4859eb659dba8f5b80097d5bee33d426c5f3e1ffa9ac
9e1509d864f7ebedfc3e373c05b4deda1a8b57e81ae7b1a8322e8d55b0bf9691
9f1d01c516edad0bafcf7135f95b86d102181a3a9ae39ab2a7c9e887b401ad8f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a625d3f3ae6317102f0a3084fc6ab526bb508deeb11481faa9021574d9f85a
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2146cabb2c0eedda8220dc0633772feebebc3dead5cdf229ac50239a90ab814
a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d
a2caf2de620b49e0e592622c32bc657cbd92dec7ec65509d15fad501f949672d
a3e62298dff8872c4e600f90021df0f7b904eed4d978798ff145a3a2d45a8aff
a4d8bc2edc9f5efd9006661207a14202bbb111288798f09e20240bcf810e5921
a5a4555a853a38c7209ad9ba749632a384bed64d8f9e05a9434a5ef53e2b6d6c
a62334c82b9dfacf1f58e151caa55991c8ca756a887d1b57072685150c5205ce
a6595af8e2eeb1737fe4fe336a4b1e1ed97dd0c302042643f0da811b12d39f05
a747c61c2762926db3f5fb6b9018e2da640cad4f7bbb89aab50ec1632c9aeb78
a9d447abcc72abe7d4c47bbef66f0ce21b3a596e9713c650ff7fd84ce9c94986
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ac3ffab99e564cda39a83ee07e16190e55cc80e0045217b2d056934bdd7512c9
ac5e2759087c1b1e3c5fb878b96e8a188150e16fdd393ccc101a487dbe8be878
af4c6829d7875209a7aa4b05f6073d290d86c37234937af96fa83b0e497bdbfb
af7cf9a941708743df247331dfe510634427e1bf04659aff43830d865a80faa5
b04ac9a91361ab2c84b86e0f309b1a655feb748b8e6ec80d5dd2cc551e3b0c04
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b6f3b5ab8201506e21a1bb084586aed00eb9609611e4a7fe363754619e757c9b
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bb1cd14db11ac7dbc9d30112d3a3c8fd9550b7f870bf378a3399aa51224a9167
bb51d1e5236e0daeb078e0df8e945e5a0afc06e83e0ed54281d9af4877f58df0
bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bdd107a66b8908477daf2e2516e120575f8e60e401ea4228a1181c1c187adf2d
be1d479ef98593d90a366c43a2afe4b63b1556c4d47df0bb2c23d4b931c57f7c
c04eae00fe67743ec07110330164f37de2905daf6f5403c1fe4ff6c892a4ab20
c189c9130542a12b967046a42346e2a1082de9fe50297ab0bd78d5bb1036f2e3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2953581bfdf68aac5e92afc0f685e0f07f447dff83c38e8b581de25c66e8f2e
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c78141a7f7449cdfee0d070c186f12bb53e974961e52007ab58b4190134ba878
c78dac4d9942916e0883d73508665ca282520b9c22f8a1e151f4113b4cd07152
c7e58799078e5a29d5b03f677d5402d4c36edb7f2af33d6fad341cb998569ba2
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c88bfeee9fe75876435148968ef09c0fa6d99f836bb0cbadb2c3e5becc72a5ae
c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb098d30f138e774eb7116631b5bbd04e3d02f9dc017967273f1f4e332f5dbcc
cd6631dd4dd254f0ad73de6cddf03219a2a4a4e52474e9f87645cc25744a266c
cefe8f24c53ed2e9311c02a8254df62b4fd38de3c35a382e40c7edb400f8f2c8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d01eee8af54b3ea2049757a2f70dee96fa85fcc3e701a7ba0d4c5bd2fcd91e5d
d0488ee06f43c2b00eb16be7cf745e9ed686e79061d5dd3dea7d54b38aa98067
d11358673e6944e9cfe0d14dabcc82f531dc2313ab636a8925607d76192e96e1
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
db5a5844e5bdd5315fee970c82d32e7652ec2a65d23860d9f3acf8585bd61397
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
de2223e46a7952c68666282f14bd7954b4969ab7f9d56cdfbbcd6b44f6bff36b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de45bcb98a25e03737c45b0282d1b142498e520b5749f3168761c854f2769436
dea385b614e8e6d676df5a371eef8ec2f58339ac98827755ead728b9fc0a63c3
deb04921642eb42197ef3a764843e0aa71ab874fcdeb32033c6fd1b12e32e124
e2eb99367c0db7ba7905d0d98eaf833d2cbbc9b50a4afa834f106f9828b8ced7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
ea96fd7ce63932fbc9213224d869baa7def0ffbd857e9e49a810f1c7c85fae6c
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec3f4c6958fbbebfc1f8dea70ddca7ae891aee442fd35097bdefa8bc10ce5195
eca1d35f3411e618bf4da24ffabeb298f0dcb7b729255a442be6fe842b311ec5
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eeea019d178f9d8cc11cf74817c89892903b8ef3556366819b60fa370af44dc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c7d9f652f3c117447e501a26ca093c4ae90da89f3b3b744160a854e8c05ce
f0ce0f281f4e0c2fb38a80a24bfbdf344c432041d34592435bb398da5cb7aa10
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f21846c4a1b5277edf056a6b8743f0aa44b0ee9b69a75771ecb5a49fdd2feb2c
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f3aac55c6b640f86a9bb716c3f11d71a4316733847096a8535f2885a55551230
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92
fa26570a7d19bffe5024e5f55867b0d638ee2481f470d395189e0ab68341ea8a
fc2e32240f3044fccb8a5de2022acd096ce6998b46368ca10c2c6461ce2565f1
fd475ccd523727d382d832b0756af039029d2e7c0fdba11e3831091cdc0044db
fd850ac81412e1c3ef5f28a275795fe1dd319b66aaad80b87387d3add2853b4f
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a
feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47

beforeitsnews.com Open in urlscan Pro 172.67.14.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

420 Requests

79 %HTTPS

0 %IPv6

105 Domains

166 Subdomains

99 IPs

10 Countries

10947 kBTransfer

20711 kBSize

161 Cookies

16 Outgoing links

Redirected requests

420 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
172.67.14.110 Public Scan

Screenshot
Live screenshot

Full Image

420
Requests

79 %
HTTPS

0 %
IPv6

105
Domains

166
Subdomains

99
IPs

10
Countries

10947 kB
Transfer

20711 kB
Size

161
Cookies

420 HTTP transactions
7 data transactions