urlscan.io logo urlscan.io
SecurityTrails logo

www.rebelnews.com Open in urlscan Pro
2606:4700:7::a29f:8a2c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?e=9afdaa8fc14dc4e1bf486...
Effective URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire...
Submission: On January 24 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 8 countries across 30 domains to perform 453 HTTP transactions. The main IP is 2606:4700:7::a29f:8a2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rebelnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 5th 2023. Valid for: a year.
This is the only time www.rebelnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 22 2606:4700:7::... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:25a... 16509 (AMAZON-02)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700:7::... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
5 13.224.103.77 16509 (AMAZON-02)
30 146.75.116.157 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
65 18.165.183.38 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
15 3.216.88.24 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
1 104.16.89.50 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
5 17 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:219... 16509 (AMAZON-02)
52 54.187.119.242 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 104.244.42.136 13414 (TWITTER)
8 2600:9000:25a... 16509 (AMAZON-02)
1 8 2a00:1450:400... 15169 (GOOGLE)
10 44.239.50.116 16509 (AMAZON-02)
30 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:401... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
12 2606:2800:134... 15133 (EDGECAST)
3 198.137.150.201 16509 (AMAZON-02)
10 142.250.185.130 15169 (GOOGLE)
1 104.244.43.131 54113 (FASTLY)
2 2c0f:fb50:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:2800:233... 15133 (EDGECAST)
24 2a00:1450:400... 15169 (GOOGLE)
453 48
22    2606:4700:7::a29f:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)
www.rebelnews.com
therebel.nationbuilder.com
9    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2600:9000:25a2:d600:19:eb8b:91c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.inplayer.com
1    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
rebelnewscss-1756d.kxcdn.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
15    2606:4700:7::a29f:802d (United States)

ASN13335 (CLOUDFLARENET, US)
assets.nationbuilder.com
13    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    13.224.103.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-77.zrh50.r.cloudfront.net
d3n8a8pro7vhmx.cloudfront.net
30    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
platform.twitter.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
65    18.165.183.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-38.zrh55.r.cloudfront.net
js.stripe.com
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    3.216.88.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-88-24.compute-1.amazonaws.com
fundist-rebel-news.herokuapp.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
16    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.16.89.50 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.embedly.com
10    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
17    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:2190:4600:5:2cea:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
services.inplayer.com
52    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
r.stripe.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
8    2600:9000:25a2:f800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
8    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    44.239.50.116 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-50-116.us-west-2.compute.amazonaws.com
m.stripe.com
30    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
12    2a00:1450:4013:c00::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
pay.google.com
4    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
20    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
3    198.137.150.201 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
10    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
1    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
2    2c0f:fb50:4002:802::2003 (Kenya)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:400f:2::8 (Ireland)

ASN15169 (GOOGLE, US)
rr3---sn-5go7ynl6.googlevideo.com
6    2606:2800:233:1ab3:789:1032:20e3:21 (United States)

ASN15133 (EDGECAST, US)
video.twimg.com
24    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
Apex Domain
Subdomains		 Transfer
130 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1227
q.stripe.com — Cisco Umbrella Rank: 7010
m.stripe.com — Cisco Umbrella Rank: 1188
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5083
r.stripe.com — Cisco Umbrella Rank: 3369
3 MB
47 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
www.google.com — Cisco Umbrella Rank: 2
pay.google.com — Cisco Umbrella Rank: 2630
play.google.com — Cisco Umbrella Rank: 31
1 MB
43 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
796 KB
38 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
829 KB
35 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1230
syndication.twitter.com — Cisco Umbrella Rank: 1527
958 KB
29 nationbuilder.com
therebel.nationbuilder.com
assets.nationbuilder.com — Cisco Umbrella Rank: 85797
24 MB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
static.doubleclick.net — Cisco Umbrella Rank: 263
229 KB
19 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 3687
abs-0.twimg.com — Cisco Umbrella Rank: 3853
pbs.twimg.com — Cisco Umbrella Rank: 1242
video.twimg.com — Cisco Umbrella Rank: 1730
514 KB
15 herokuapp.com
fundist-rebel-news.herokuapp.com
2 MB
14 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
ajax.googleapis.com — Cisco Umbrella Rank: 369
jnn-pa.googleapis.com — Cisco Umbrella Rank: 220
80 KB
10 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
1 MB
8 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1315
72 KB
8 rebelnews.com
www.rebelnews.com
27 KB
5 cloudfront.net
d3n8a8pro7vhmx.cloudfront.net
26 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
259 KB
4 inplayer.com
assets.inplayer.com — Cisco Umbrella Rank: 460753
services.inplayer.com — Cisco Umbrella Rank: 744647
1 MB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
280 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
92 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6518
562 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
2 KB
1 googlevideo.com
rr3---sn-5go7ynl6.googlevideo.com — Cisco Umbrella Rank: 188167
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
22 KB
1 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3034
71 KB
1 embedly.com
cdn.embedly.com — Cisco Umbrella Rank: 12440 Failed
99 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 811
7 KB
1 kxcdn.com
rebelnewscss-1756d.kxcdn.com
143 KB
453 30
Domain Requested by
65 js.stripe.com assets.inplayer.com
js.stripe.com
fundist-rebel-news.herokuapp.com
31 q.stripe.com www.rebelnews.com
30 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
30 platform.twitter.com www.rebelnews.com
platform.twitter.com
24 play.google.com www.gstatic.com
21 r.stripe.com js.stripe.com
20 www.gstatic.com googleads.g.doubleclick.net
www.youtube.com
www.gstatic.com
pay.google.com
17 googleads.g.doubleclick.net 5 redirects pagead2.googlesyndication.com
www.googletagmanager.com
www.youtube.com
googleads.g.doubleclick.net
16 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
15 fundist-rebel-news.herokuapp.com www.rebelnews.com
fundist-rebel-news.herokuapp.com
15 assets.nationbuilder.com www.rebelnews.com
fundist-rebel-news.herokuapp.com
14 therebel.nationbuilder.com www.rebelnews.com
13 pagead2.googlesyndication.com www.rebelnews.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 pay.google.com js.stripe.com
pay.google.com
www.rebelnews.com
www.gstatic.com
10 pbs.twimg.com www.rebelnews.com
platform.twitter.com
10 www.googleadservices.com googleads.g.doubleclick.net
www.rebelnews.com
10 m.stripe.com m.stripe.network
10 www.youtube.com cdn.embedly.com
www.youtube.com
9 fonts.googleapis.com www.rebelnews.com
fundist-rebel-news.herokuapp.com
googleads.g.doubleclick.net
8 www.google.com 1 redirects www.rebelnews.com
www.youtube.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 m.stripe.network js.stripe.com
m.stripe.network
8 www.rebelnews.com 2 redirects www.rebelnews.com
static.cloudflareinsights.com
6 video.twimg.com platform.twitter.com
5 syndication.twitter.com platform.twitter.com
www.rebelnews.com
5 d3n8a8pro7vhmx.cloudfront.net www.rebelnews.com
rebelnewscss-1756d.kxcdn.com
4 www.googletagservices.com googleads.g.doubleclick.net
4 jnn-pa.googleapis.com www.youtube.com
3 merchant-ui-api.stripe.com js.stripe.com
3 region1.analytics.google.com www.googletagmanager.com
3 www.googletagmanager.com www.rebelnews.com
www.googletagmanager.com
www.google-analytics.com
3 connect.facebook.net www.rebelnews.com
connect.facebook.net
2 csi.gstatic.com www.gstatic.com
2 cdn.syndication.twimg.com platform.twitter.com
2 www.google.de www.rebelnews.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 services.inplayer.com assets.inplayer.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.facebook.com connect.facebook.net
2 assets.inplayer.com www.rebelnews.com
assets.inplayer.com
2 cdn.jsdelivr.net www.rebelnews.com
1 rr3---sn-5go7ynl6.googlevideo.com googleads.g.doubleclick.net
1 abs-0.twimg.com www.rebelnews.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 netdna.bootstrapcdn.com rebelnewscss-1756d.kxcdn.com
1 cdn.embedly.com www.rebelnews.com
assets.nationbuilder.com
1 static.cloudflareinsights.com www.rebelnews.com
1 ajax.googleapis.com www.rebelnews.com
1 rebelnewscss-1756d.kxcdn.com www.rebelnews.com
453 50
Subject Issuer Validity Valid
www.rebelnews.com
Cloudflare Inc ECC CA-3		 2023-11-05 -
2024-11-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
nationbuilder.com
Cloudflare Inc ECC CA-3		 2023-10-21 -
2024-10-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
inplayer.com
Amazon RSA 2048 M02		 2023-04-25 -
2024-05-23		 a year crt.sh
*.kxcdn.com
Thawte TLS RSA CA G1		 2023-06-23 -
2024-07-23		 a year crt.sh
assets.nationbuilder.com
E1		 2023-12-21 -
2024-03-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-02 -
2024-04-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.herokuapp.com
Amazon RSA 2048 M02		 2023-04-02 -
2024-04-30		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
embedly.com
GTS CA 1P5		 2023-12-18 -
2024-03-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
syndication.twitter.com
R3		 2023-12-11 -
2024-03-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2024-01-16 -
2024-03-26		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 49 frames:

Primary Page: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Frame ID: 8DF11A2A31CFFB04B830C0F843DE105F
Requests: 78 HTTP requests in this frame

Frame: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FfaWDFvv7lUc%3Fwmode%3Dtransparent%26rel%3D0&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DfaWDFvv7lUc&image=http%3A%2F%2Fi.ytimg.com%2Fvi%2FfaWDFvv7lUc%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube
Frame ID: DAA3B06F17902B3DDC3F048BF4C384D0
Requests: 1 HTTP requests in this frame

Frame: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Frame ID: 11A8AD86B9CEA53710397A3E507F3752
Requests: 10 HTTP requests in this frame

Frame: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Frame ID: 729A215BAF0C33E7813381FD294DB103
Requests: 10 HTTP requests in this frame

Frame: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Frame ID: 3182FA7FA363700F827690E86ECE82DC
Requests: 16 HTTP requests in this frame

Frame: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FfaWDFvv7lUc%3Fwmode%3Dtransparent%26rel%3D0&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DfaWDFvv7lUc&image=http%3A%2F%2Fi.ytimg.com%2Fvi%2FfaWDFvv7lUc%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube
Frame ID: 8CC21D2D6F55B06066559C4C85424B8A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 4BC6B6558C90A8CBF61F11FCF71F865B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.rebelnews.com
Frame ID: 77313D609E25840C32F6F65C2B4821A9
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8506939F40D93983A02235A6A22A340E
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v18.0/plugins/comments.php?app_id=1679673749184434&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9a66fb5eb16a0a6d%26domain%3Dwww.rebelnews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebelnews.com%252Ffca59c784b8478f73%26relation%3Dparent.parent&container_width=766&height=100&href=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&locale=en_US&sdk=joey&version=v18.0&width=
Frame ID: 86A58AFD106E0FF165E2E0C28B7FC03E
Requests: 1 HTTP requests in this frame

Frame: https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 61FCC93DDFCEC212774C56BF21576379
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8EDFCBE9D0EBC7C5DEC838E102DB5016
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&adk=1812271804&adf=3025194257&lmt=1706079668&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668605&bpp=3&bdt=2053&idt=253&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338586917157&frm=20&pv=2&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=271
Frame ID: 19AC1647E3179820798D919CB96A0AFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Frame ID: B6D679447FF4D6F3199D10AF29ECC284
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Frame ID: 620B630BDE5F8646FD81B35064FFA3C8
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Frame ID: 5774F98559974E4C8D1B3C53B2CAD15A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Frame ID: EC453FCB8886C81636B3F5A9259DE82B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Frame ID: 1F7958B32AC747204E2945360B71A542
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Frame ID: DB8825530C3F3B15D93E496BCF905148
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 8526B5A90D720EF48A42BFC46A5083E2
Requests: 32 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 7B01F63A6CC0A4E26D295C21A809BE7E
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: B3D96E227C62CFAFF23FE03984312FD9
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Frame ID: 5090AE71D1A68052AA081D3A5871A302
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Frame ID: 2B8208CAD6C00154A3B7264D9274AF24
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Frame ID: 7478B44985153A689BCA1684E5688842
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 952B6BFED6672D9B3EF1AACCA5A990D7
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Frame ID: 418536BA2B33B8804B1A07C92BE96873
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Frame ID: 66B72D157406A385F773DC105120F132
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Frame ID: BD6F2965AE0FB930C3D2BF1E357C1777
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 9D2C57B76C12218321640746D5EF7D93
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Frame ID: E225AF6BE60F3C0D33A4FA29543E253C
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Frame ID: 89A0F151DE53D927FC7CD3CA8E476D83
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Frame ID: 5793331260D2165C9B67FCE1B4E6CD23
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 12D6C887646B673FE5A7A871B07AA64E
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 174F1BDB166083ACCB2DA529535077FB
Requests: 6 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 78786EE6F5037FFECADF3156A1778449
Requests: 6 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9FD95A9E507414B5DF1A0E4133AF4249
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 0A714424B08CA45ADF5C6AA30E694F07
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: A06825694EFBF2F363914497A30A3589
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 34F035265882E9D232D96012A9A45EF7
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 4B70706445A881D39E2292C7F9985A81
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 8669498859909F3435EE06D51CCF2A00
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 2A69BEFD5AE90F4247B9D4CD7B24E39F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 828166666398A6B418466746F3EB17EE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Frame ID: E93C6400B9C6C05077FF52D561F0CB8B
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Frame ID: F4D9E643BEBE74194152C8EA7AE3513A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: FABA6AEF722145D585A29BA45A41533F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E97F252652B5FFCA1CF5138938C2F3C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F07CD388BD67393C4A87070FDBC14E2C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Threats against Avi continue to ESCALATE as his former gym is FIREBOMBED! - Rebel News

Page URL History Show full URLs

  1. https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?e=9... HTTP 302
    https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

453
Requests

98 %
HTTPS

77 %
IPv6

30
Domains

50
Subdomains

48
IPs

8
Countries

37154 kB
Transfer

65701 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?e=9afdaa8fc14dc4e1bf4869fa027d7436&utm_source=therebel&utm_medium=email&utm_campaign=el_avifire_012424&n=10 HTTP 302
    https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://www.rebelnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Request Chain 264
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 272
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cq_XjtbWwZf7CBPaE_NUPu-2DoAyD-eq8dZ360-ydEb_hHhABIKy4nSRglfrwgYwHoAGg8KCXKcgBA6gDAcgDyQSqBMkCT9BdFulrQm111XmFSlFbphyh4ISASelVpIFsoCLQOixc4DJOSir_U3bYxVz2sy5ofwUaTt9srBD3Le_xHtWDt6NpVmIW_L2CoheFukHd4gqrdUse2EB5LJYzWcX4bqKNGdcaxJA4Mpl6b2ETVQ9hKJPq1jRgkMjTWUq8BHZM2J47-tPHvc5MSrHy8siLOBnJob0OICkjnH5TOk7EC6SYtk3El7wTjnTYUDsz6c45pR8l_2WXDRy2xco8VAOy57Vx2iYI_R0zIdYuOXKWLArUSeQgbupweBjjnEwTUeHi-MhuA9zdpbNgu4fppJMimZ-xxE67aj0ji1E0gxswIKyeviWHcNqMXlQ6ItrNAEdCCyyz79UMQ7EzGVBb0KJckJJn4l8_yWaJMbfDBqNkFKuRcu1q2mPXMwceoKvCUdDw_XL6DbbQmp2q9M_ABJThx7SrBIgF9_mkiUqSBQQIBBgBkgUECAUYBKAGA4AHoKjx9gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCT4wPSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMXYiIW69YMDmgnAAWh0dHBzOi8vd3d3Lm15a2EuY29tL2RlL1Byb2R1Y3QuYXNweD9wPTM1MjYmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPURFX0FMTF9Hb29nbGVfY3BjX0Rpc3BsYXlfT1MyMV9UQ1BBJnV0bV9jb250ZW50PURlc2t0b3AtJTIwQWxsJTIwQXVkaWVuY2VzLSUyME1hbGVzJnV0bV9pZD0xOTg4MzcwMzU0M4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yOTcxOTE4NzkxMDk3MTI0GAA&sigh=daUFqEsDHDI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_HrI9OXb5fJMmiQ1uuAJOSR6FscRKvpNJT87CdwNiTIbknN06C9nlLqTqH8ySTBcS7jspvmWrcxgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225492354954126366488%22,%22debug_reporting%22:true,%22destination%22:%22https://myka.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211054626848%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211620420891634565313%22}&andc=true
Request Chain 323
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cihk4tbWwZaqCBLO2x_APhJCS0AGRoeG_dZOkhsLBC2QQASCsuJ0kYJX68IGMB6ABqNON_wPIAQmpAn-MYyoiOLI-qAMByAPLBKoE0wJP0ENkhXwGN73x3xz7cjhTZKW1MkO4ZIGEtBp4pNNKhT_uzp2k7gIM697I8QT4VP4Kc-Pup3wkfUsW5YqlhbZ8jnTk3NRRdmGU6t1jyCBsD_Clv87t7wJd-LYisxEa352f1FuEeb4Tx7Rgtp6V_arluBKSWYGF3WBYV0RTmRgkfSXsFpuO6GWiOo8VOzLMSKAFVBtLaNnT99ac6qvR74M3MTXh3rEHoDN5qjnLAxqyyqGCkIo6yfPmAu75YBAZs0jUBlaUZtAvP726Ri6F-5KGP-hBz5n4lRf-EUQN2LP62bqOaAIwqM2YMp1goATaaE6Cy1TGtShZSptYz72HgP-DVCN5E4qUkDz7Qqk02TmaobG40AmPIDcVYmXk0M0cwZLaZCLaGl0ePdof7ALXHeQG-c55flE5xRT3qIvaiTDsWobpQtE47XfHhC2nLHRozKRjn3DABL-k-pD9AogFgbLU1SOSBQQIBBgBkgUECAUYBKAGLoAHwKxyqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQsJMT0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliakoiFuvWDA5oJTWh0dHBzOi8vaW1wdWxzZS1zY2h1bGUuZGUvc3R1ZGllbmFuZ2Vib3QvcHN5Y2hvbG9naWUvcHN5Y2hvbG9naXNjaGVyLWJlcmF0ZXIvgAoByAsBogwIKgYKBKy6sQLYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMjk3MTkxODc5MTA5NzEyNBgA&sigh=nbjvsBnWud4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_epVJgLHaD80j-Xm_PLldnA0xKl3rJ43GPnwjbu2cduE0pnCyDgoLEHdRfULGW3T-8czeGAArGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213465980273266685158%22,%22debug_reporting%22:true,%22destination%22:%22https://impulse-schule.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071868328%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226072697460332938417%22}&andc=true
Request Chain 332
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFizYtbWwZe2vFbSH1PIPvea9WOr7pa90yfbxxP4RZBABIKy4nSRglfrwgYwHoAH366btA8gBCakCwiPiglw2sj6oAwHIA8sEqgTLAk_QTHFncXigAhl7Fde9Qz2tWyKLxwZHGy1EzaDsTz99P4QecO_qQIsZKdbtMZin1xgt8GsKg8CZof4ApiUw1hJ72GLrAEr3W-Q2IAtwb60bPiT-bc_fY5eNiT5gWA-LoLFU1E0GLnexhDrNC29-VWWo8B11ZaOFydz2YhvRqh2h2aCpGmet6-wYZR_4CK9sDFw3cHgjnDLuf1woLtrB3oYIS2EV82NqMkupjO1XZcWKjpL9jQe2JFeaUD8vsnasH0DdeKurGsRS_U0pTEEQYTYCrHpK4JwN0B-QIVzp4-lXtCQvNgUHwkHPUi7hSSSOjdnNJpvtyxFPCwjsjLlmCamTdAb_Qr6qDhihrduD-i1DXzXKPVnbEDj7nv1a-mYx5lPG4hI7oXdgt3-YY1B5lfP5HohvyJcojKn0QTwEECwhBwV3dqE8PhfvjrzABIi2mfnNBIgF0bTH0AGSBQQIBBgBkgUECAUYBKAGLoAH8ZPZEqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENjGBtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYx7qZhbr1gwOaCUFodHRwczovL3d3dy5rcm9mdG1hbi5jb20vZGUtZGUva2F0ZWdvcmllL2NvbnRhaW5lcnVlYmVyZGFjaHVuZ2VuL4AKAcgLAaIMCCoGCgSsurEC2BMNiBQE0BUBmBYBgBcBshccChoIABIUcHViLTI5NzE5MTg3OTEwOTcxMjQYAA&sigh=KR2RjJtzHIk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_jEgqbtzFThX2zPQ6LnVwoEsZRNkXKXSF7myLwfeWbSIwsmCJywuPC8bya0YSLvWm1KhHAoBdGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221210625448264396052%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215784429940347833601%22}&andc=true
Request Chain 366
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CnxSNtbWwZdePC43u1PIP-M6s-An-hsDVdI-X3KyDD7_hHhABIKy4nSRglfrwgYwHoAH366btA8gBCakCj5s4s183sj6oAwHIA8sEqgTLAk_QDkl5aQUi41MDb4WXAkmJ6vekLjV56sy-S_JiIp2Mx5XG8Gz0uTOddG48v1uc--UokbpIQ3Cl-sj6AVKd8f1YOcktYntXpioY0gQ9iskZscdYkiOwjj8lR5BmKeFd4yVBM1GIdz9nzkYhIOZHI4M6bg_Lqai20qfZIkB-yhGdi9kzF_8mNr3fbUbidXGKdVG3exBlFLxKCfXHwCJMiKQ_6KxF6_6yrv0DAVq61iaCDkReEp1xoZPjMS9PRYhndtSgXlmHxyREYdfnHAgOAqw6dj9apRvV8I7l9ZYYc23PqMRa19RRFdj3MkjKtX-FJTLqIHJu9NAy5z9oSb5zw68TZtspqUpfqsIqXsSUeQ115O0Fgf5RaTXCopJgPzaKcqfLap10DAaQldRyEJX_dGNoeGIOqLYrVuxCpP6-Kwoba7UuspIj2795tEfABLv1pJLEA4gFy9WAry6SBQQIBBgBkgUECAUYBKAGLoAH8ZPZEqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKWYC9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY36SPhbr1gwOaCThodHRwczovL3d3dy5rcm9mdG1hbi5jb20vZGUtZGUva2F0ZWdvcmllL2luZHVzdHJpZXplbHRlL4AKAcgLAaIMCCoGCgSsurECuBOcG9gTDYgUBtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yOTcxOTE4NzkxMDk3MTI0GAA&sigh=Zbhoev0PbVs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_JJkVLCgzMZd2imbP1F68VhMQf3O1YluaW-ZN5Y7NGV9LDRr6_uL71dMlYGo5Tuct82r5noXCNhgB&template_id=3484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221483867508687341483%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228327067615642866561%22}&andc=true
Request Chain 406
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CLxR9tbWwZaj_Ac6w1PIPsMmxuAX-hsDVdI-X3KyDD7_hHhABIKy4nSRglfrwgYwHoAH366btA8gBCakCj5s4s183sj6oAwHIA8sEqgTOAk_QQTBPrqSbU-P47xagwQHx6j6KmwLarirj6kkNurX512P_zXindrl9hTMC2Xcyu6serfbwZlnbnLMXJoZvzuKzMvKy0hKC_SmVXRMbOtLvmi4FPRSEAr9EPsStD7lq2volcFnU1wkAm7n1r1Ct6yHL9V0LiM9dXeSg5EvkQy1g48xImAOjR8Fy6RPtNI9fY2AwskBiGFlGmVmJiV8YxHuHG7gq_GBn58oz3I-mWIf8WHzzhaoEtNtEYhWooN0tjhu1c314ESbuZ5pUMea17ircfuUyzoPnFzLL-j1PIgmigE6KrRJ_pkm_MQPEkntbV6T5-n-JBolzbPfZ5SkwZXhhCE5xkstgLH_KA2pzpg68-d6j6V2C6BLsktxW1IThjphfCdbXCF2fqBt9UcMOyuAsoKg0fJE3eZd2JplxveC2EJW_sjkiwJRMq4MwYhPABLv1pJLEA4gFy9WAry6SBQQIBBgBkgUECAUYBKAGLoAH8ZPZEqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJ-zRdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-YuGhbr1gwOaCThodHRwczovL3d3dy5rcm9mdG1hbi5jb20vZGUtZGUva2F0ZWdvcmllL2luZHVzdHJpZXplbHRlL4AKAcgLAaIMCCoGCgSsurEC2BMNiBQG0BUBmBYBgBcBshccChoIABIUcHViLTI5NzE5MTg3OTEwOTcxMjQYAA&sigh=ZAbz5DLgPjI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_1cPESFyZbOaD_QvN19e4JBN2Q0F3B7RseLq-nZGMwkEVoxO96_0mY0gC40LqBgTsSiErKfZZGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229441993142560844019%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212065516069871836753%22}&andc=true

453 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed
www.rebelnews.com/
Redirect Chain
  • https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?e=9afdaa8fc14dc4e1bf4869fa027d7436&utm_source=therebel&utm_medium=email&utm_campaign=el_avifire_01...
  • https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
105 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1484ae6d648f01abe1d853560463121e874a3649f05a1fcd67bebd2642d6444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-request-method
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=86400
cache-control
must-revalidate, private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
84a66739ffd56a74-TXL
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:01:06 GMT
server
cloudflare
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-middleware-start
t=1706079666299431
x-rack-cache
miss
x-request-id
f030427c-0fcc-4881-84d9-17d19e019981
x-runtime
0.094312

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a6673628d96a74-TXL
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:01:06 GMT
location
https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
server
cloudflare
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-middleware-start
t=1706079665976897
x-rack-cache
miss
x-request-id
dd8cb4f7-1f9a-4344-aa30-05661517a03e
x-runtime
0.144094
css
fonts.googleapis.com/ 		6 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a2a885ced31775688b02c8e38311884e2894c8d4b65aa5d23d7c7b879a371b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 07:01:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:06 GMT
remodal.css
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		2 KB
1003 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/remodal.css
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b986cc934432b19f05b4a2f0d0f5fbeb96cf698b545465df15cf53c35ecd196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024274127
alt-svc
h3=":443"; ma=86400
x-request-id
8ad38bff-22ee-43a5-b6f7-d2abb026ebf4
x-runtime
0.064677
x-content-digest
7aa55d8a847522fdac2d63c5649f7b6c15d6a22d
server
cloudflare
etag
W/"6b986cc934432b19f05b4a2f0d0f5fbe"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31556952
cf-ray
84a6673c59bc58f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
remodal-default-theme.css
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/remodal-default-theme.css
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370c49c5ba241c54b36196c644394dd9f91554a875ab4dbfae6549ca7088dee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024250978
alt-svc
h3=":443"; ma=86400
x-request-id
6c1f0718-5c5b-4684-a5ef-a14a2cc4995b
x-runtime
0.091965
x-content-digest
e3c0078d4e589886ee89b263c992c37d98b2ee57
server
cloudflare
etag
W/"370c49c5ba241c54b36196c644394dd9"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31556952
cf-ray
84a6673c59b858f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
selectric.css
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/selectric.css
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2b369a9fad37f4d0c2bd23746d9c4b8be3cbba24baf781f25a853246875fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024364230
alt-svc
h3=":443"; ma=86400
x-request-id
d5ec8f2e-ea4d-4daa-9cc3-8310b662d52a
x-runtime
0.076546
x-content-digest
d64eae4547775fd767b48ff4ce53fb4cb0c64e81
server
cloudflare
etag
W/"ad2b369a9fad37f4d0c2bd23746d9c4b"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31556952
cf-ray
84a6673c59b458f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
magnific-popup.css
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/magnific-popup.css
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024555903
alt-svc
h3=":443"; ma=86400
x-request-id
dccaf23b-65d1-407d-9b10-f29b2122fd1e
x-runtime
0.083794
x-content-digest
4bc5c190369aa8724e02171cfac745b15a95b952
server
cloudflare
etag
W/"a44e537eb0dfe0dfdb3a7ab134b25790"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31556952
cf-ray
84a6673c59bd58f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
slick.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.css
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5454365
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230083-FRA, cache-vie6321-VIE
server
cloudflare
etag
W/"6c1-bp0TNCoRqM/Z5C7iQ+rq4BzaTiU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEXAIsjMGmCuVfsGySpnamJHq7YNYzQC2UlvneXaHHgzOxilVOcg3SyclfCKC6kQiauxH8vJl0lwpjGofordEPm8Dmu4%2FydDifeHlTznx8MPimYpQwDToHUnk3s%2B74W%2BmP7NVV7gi7APcKIm6ng%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84a6673c4d3b266d-TXL
slick-theme.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5196442
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230115-FRA, cache-bma1678-BMA
server
cloudflare
etag
W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgIAcGtX3NiGuhGSYHQZjlGC5P5pRoirJEqllTQPrBU25Jp6m2CcLbqi3Px5JGS6y974O%2FsKovdGcYMT5w1vJagMZgbWYe4SdnPMyTAMoKeyZ9nK%2BjEwnXORNJQSB18PjiGDhj7a0ciDIf%2FZyK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84a6673c4d43266d-TXL
cookies.min.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/cookies.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8a32eb3c1d6bfd89189d8b25f75c3365e45760f8d10de20f16f26e9da727db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024571680
alt-svc
h3=":443"; ma=86400
x-request-id
75d092b5-1e92-4677-a588-ab6e27d8ca01
x-runtime
0.061951
x-content-digest
7ce0f0ac3ceb70d0e2e8d8377144e7463ccbb0a7
server
cloudflare
etag
W/"9f8a32eb3c1d6bfd89189d8b25f75c33"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a6673c59be58f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
paywall.min.js
assets.inplayer.com/paywall/v3/ 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.inplayer.com/paywall/v3/paywall.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:d600:19:eb8b:91c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba80e3d77b488c783448e05881d3be16230d9250150a4c421f393cbe45d4874d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
w_CYF4.VGFLhJBM33H6FWMfbZ_95eHYR
content-encoding
br
via
1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
date
Wed, 24 Jan 2024 07:01:06 GMT
last-modified
Thu, 26 Oct 2023 12:46:01 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
31
x-amz-server-side-encryption
AES256
etag
W/"d77930dd237daba0c7e3b23c9c8bf181"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
zAaTVakPZuFBtzT0gQHzoTj7SchHrRz4IYKEFlgiZtNMVfvhUlKlgQ==
theme.css
rebelnewscss-1756d.kxcdn.com/ 		1009 KB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rebelnewscss-1756d.kxcdn.com/theme.css
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
265763bfcb13cf0fd010fc6eb315c6992f4f3e817642c2aa906e0cb940bee7ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:06 GMT
content-encoding
br
last-modified
Tue, 26 Jan 2021 22:51:22 GMT
server
keycdn
x-edge-location
defr
etag
W/"60109cea-fc583"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-headers
*
expires
Wed, 31 Jan 2024 07:01:06 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/dark-hive/ 		30 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/dark-hive/jquery-ui.css
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b891794d1d6d5c58c744ec2bb2ca47684d75ca6ec8c63b7b34be1886f7e19906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 17:58:10 GMT
x-content-type-options
nosniff
age
392576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30588
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 17:58:10 GMT
main-c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307.js
assets.nationbuilder.com/assets/liquid/ 		812 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nationbuilder.com/assets/liquid/main-c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:06 GMT
x-amz-version-id
3djU.lA8T1Eg_CNyxh4hh1QCg9SV1DFP
via
1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
content-encoding
br
x-amz-cf-pop
AMS1-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 22:39:53 GMT
server
cloudflare
etag
W/"33ac058d504357859fb32d50b5b1d386"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cf-ray
84a6673c5b52453a-TXL
x-amz-cf-id
O5idGWjiO3-L65qNS7Di7aB9usb3q86HgLFpdcNyqXDt28bFvpqeLQ==
expires
Wed, 31 Jan 2024 07:01:06 GMT
iframeresizer.min.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/iframeresizer.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01583bb1046d42e54d2ddf18e6659d54025b7db0a792464dba2a2572e23c696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024255757
alt-svc
h3=":443"; ma=86400
x-request-id
1e2d4561-8a72-4166-903e-0a2441fe5d6a
x-runtime
0.084730
x-content-digest
0ed978b46b2f78990bfda4241d2853e30ae87ed3
server
cloudflare
etag
W/"a01583bb1046d42e54d2ddf18e6659d5"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a6673c59c458f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f584e3b30b74471dbad77fc4d0e56a1c116eb29288fc35fa2509950ca1a1e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51496
x-xss-protection
0
server
cafe
etag
4173278737885640140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Jan 2024 07:01:08 GMT
jquery.ui.effect.min.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/jquery.ui.effect.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024510126
alt-svc
h3=":443"; ma=86400
x-request-id
faba08a1-76fc-4779-a2b6-2071b9601235
x-runtime
0.103806
x-content-digest
1b3c129be8aafb7c1d1cc795870d3e25365fc2a9
server
cloudflare
etag
W/"5f3ca08629dbf4b97858143154de2a7b"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a6673c59c058f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
jquery.ui.effect-slide.min.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		774 B
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/jquery.ui.effect-slide.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024249027
alt-svc
h3=":443"; ma=86400
x-request-id
4ac0f6b8-f7fb-413d-af90-6bb66ac9c0f4
x-runtime
0.080902
x-content-digest
2d0b4629f786724cb9ceba70e34ff5775fa16084
server
cloudflare
etag
W/"1c56ffc47b4761b0396058aa73916486"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a6673c59c158f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14cc7fca3d03e0749d878e1e44fa525aaa7f251f7363c757df59ae957701b6c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.rebelnews.com/
Origin
https://www.rebelnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 07:01:08 GMT
content-md5
LeJ29Fcawl7yYN87VODotg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
OaMODzfjgmZPQXb/gVp66ACFmGhss+K7+v3tdJFALN4HpUgsUIiGB9Ffk6oHmkjYYu13IhVnuY+U72rq3D8d3Q==
x-fb-content-md5
8d60d3d25a5affee08e43feddea14f19
cross-origin-opener-policy
same-origin-allow-popups
etag
"3975ad8ac8e8073beaf17328c2441729"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 24 Jan 2024 07:09:38 GMT
Rumble_logo_white.png
d3n8a8pro7vhmx.cloudfront.net/themes/5fd9329f4764e88b10364fad/attachments/original/1619012729/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/themes/5fd9329f4764e88b10364fad/attachments/original/1619012729/Rumble_logo_white.png?1619012729
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-77.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1bcd36950e0cd2e7c1d94806420176e3a46a5e59685b23bb5f52e0bf1bd0c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 24 Jan 2024 06:35:32 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Apr 2021 13:45:30 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
2240
x-amz-server-side-encryption
AES256
etag
"c157b6fc2a3e3b143ee2c281d3cf219b"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
6447
x-amz-cf-id
CMfwZUN-mEZjr6LkqmA4KIle9NSDviRCOpmfExWT-bWuK9THkUyWIQ==
odysee_png.png
d3n8a8pro7vhmx.cloudfront.net/themes/60bbc8a0c2948067eccb8a0a/attachments/original/1623433300/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/themes/60bbc8a0c2948067eccb8a0a/attachments/original/1623433300/odysee_png.png?1623433300
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-77.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cad8491124a34a04a98cc1ccabdd735e6e8cf35c753b73afc1765ce4723fdd49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 23 Jan 2024 08:49:56 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
last-modified
Fri, 11 Jun 2021 17:41:41 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
79872
x-amz-server-side-encryption
AES256
etag
"179026c0233283178b3af5f8bef375f1"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5279
x-amz-cf-id
8CxPkad4obbbobFMdU6J-25SyX9L6fsfPoyrq7wolPVXQfqvp2QrOQ==
_rn-logo-2.png
assets.nationbuilder.com/therebel/sites/1092/meta_images/original/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/sites/1092/meta_images/original/_rn-logo-2.png?1582397021
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcfee70144904fd3988afe1169ffc8d774b0a6366d7cd9dc214dbee02d8a41cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:06 GMT
x-amz-version-id
null
via
1.1 bc92c7a079ec548fd10416e41c612926.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
WAW51-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
27160
last-modified
Sat, 22 Feb 2020 18:43:43 GMT
server
cloudflare
etag
"a3200783169a9b88d8affd6fe1e8bf40"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a6673ccc2f453a-TXL
x-amz-cf-id
LeZ-tgtOI4MlnAWhQHh-MuDJWZ7VQPCGE3mRddPnx27NC7ZtoB-xTQ==
expires
Wed, 24 Jan 2024 11:01:06 GMT
rfts_banner_wide_%281%29.gif
assets.nationbuilder.com/therebel/pages/53757/attachments/original/1689693160/ 		9 MB
9 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/53757/attachments/original/1689693160/rfts_banner_wide_%281%29.gif?1689693160
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb57745ba47c60e3b9d83a09cf4df3bbf2f7f43ffe175caabd5a745bccb5d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
x-amz-version-id
null
via
1.1 749a671e906c28858bfa6b66ced6ce58.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
CDG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
9955355
last-modified
Tue, 18 Jul 2023 15:12:41 GMT
server
cloudflare
etag
"662ced8e676d2753e16897ff82af2558"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a667466c3eaca7-TXL
x-amz-cf-id
MdArIA0padNdH5l-S2gxXJZqUlFWYdK0ynC7IyLb9OMgy6ZzJrMi_g==
expires
Wed, 24 Jan 2024 11:01:08 GMT
rfts_banner_4.gif
assets.nationbuilder.com/therebel/pages/53757/attachments/original/1689693235/ 		9 MB
9 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/53757/attachments/original/1689693235/rfts_banner_4.gif?1689693235
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb79cc0b38c8a65eaf64497af2c70b4f8e8c4a762ad5e485d2ce4d7329e835e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
x-amz-version-id
null
via
1.1 4dacb01807cb4c0e8eb52307b7de1392.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
CDG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
9897265
last-modified
Tue, 18 Jul 2023 15:13:56 GMT
server
cloudflare
etag
"19c994273662ea86fb0232db7a3c390a"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a667466c43aca7-TXL
x-amz-cf-id
nhXe1OHEWoBTfsUnkz5XyAnSi-uZfOXTpg76injlzg2I6yaMDqLGMQ==
expires
Wed, 24 Jan 2024 11:01:08 GMT
email-decode.min.js
www.rebelnews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rebelnews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Jan 2024 15:56:35 GMT
server
cloudflare
etag
W/"65aa9bb3-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
84a6673ccc656a78-TXL
expires
Fri, 26 Jan 2024 07:01:06 GMT
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27597
x-served-by
cache-iad-kjyo7100044-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
ausbla_th.jpg
assets.nationbuilder.com/therebel/pages/73612/features/original/ 		397 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/73612/features/original/ausbla_th.jpg?1706065084
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aabc37e6197d7a0afa907a7772bab33faa29080f7b82be074385abee7424c0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
via
1.1 1e1b63f715ae11e79ed87d9679a26800.cloudfront.net (CloudFront)
x-amz-version-id
ui.wTSNNXssc020XUo6a7nkLgblgH0XL
cf-cache-status
REVALIDATED
x-amz-cf-pop
WAW51-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
406696
cf-bgj
h2pri
last-modified
Wed, 24 Jan 2024 02:58:06 GMT
server
cloudflare
etag
"f260a86de791533a65c7f74c53a53ec6"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a667466c44aca7-TXL
x-amz-cf-id
miI2v7nSw7Oij4wIyBzbofLGnscK2h-Y2ji6PUWkTGJ-Ty5RYaTzNA==
expires
Wed, 24 Jan 2024 11:01:08 GMT
villa_th.jpg
assets.nationbuilder.com/therebel/pages/73580/features/original/ 		839 KB
839 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/73580/features/original/villa_th.jpg?1705980604
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadbdfb11bdf9239bd44b5a55849d6147d088c6e5ea3fb5d1a1775f6a93772bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
via
1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront)
x-amz-version-id
.dmwfATA44MtttLct9JBS4pR1HO.sbOI
cf-cache-status
REVALIDATED
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
858966
cf-bgj
h2pri
last-modified
Tue, 23 Jan 2024 03:30:07 GMT
server
cloudflare
etag
"e26ba5302f67c5846cd82aac5a5db6f4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a667466c46aca7-TXL
x-amz-cf-id
fRQ7_0pIvPCyrrvYU0SpYvlB0d4xTJHj6k_McWPGKtSK1bDLWrAT5w==
expires
Wed, 24 Jan 2024 11:01:09 GMT
tenpal_th.jpg
assets.nationbuilder.com/therebel/pages/73578/features/original/ 		753 KB
754 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/73578/features/original/tenpal_th.jpg?1705971184
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc3828575a6159a21cbc657c52d9fff8c7459043998f611bede58901c3c8a4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
via
1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
x-amz-version-id
IScP_WdHyiZ0yeWX9dkgMRU3zRyDVzoM
cf-cache-status
REVALIDATED
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
771355
cf-bgj
h2pri
last-modified
Tue, 23 Jan 2024 00:53:06 GMT
server
cloudflare
etag
"7e3d0f1a32f1bae23e093839d598aa06"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a667466c47aca7-TXL
x-amz-cf-id
u91aMKB8gXKE60g5Ku-8-m9BJvW4iJIvqnWNnCOxDxCcMciOSL7Fpw==
expires
Wed, 24 Jan 2024 11:01:08 GMT
avigym_th.jpg
assets.nationbuilder.com/therebel/pages/73576/features/original/ 		434 KB
434 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/73576/features/original/avigym_th.jpg?1705966718
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62d57e6fabd03514be731093543778965e7e5f0157c096f90a9d556e4761dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
via
1.1 487e773bc809cb87809f770954ce1e22.cloudfront.net (CloudFront)
x-amz-version-id
phVTdCHX4nFG4UMPyjofl2KLQ6mZ1NI9
cf-cache-status
REVALIDATED
x-amz-cf-pop
BAH53-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
444072
cf-bgj
h2pri
last-modified
Mon, 22 Jan 2024 23:38:40 GMT
server
cloudflare
etag
"57d0583076011dae9a5a9a482e0698ff"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a667466c48aca7-TXL
x-amz-cf-id
vH0TLz0QO9qPm7zzO8nVPH2cNGpaftbzG5_Ono5eanYn4Ll3pCDkVA==
expires
Wed, 24 Jan 2024 11:01:09 GMT
wheres_th.jpg
assets.nationbuilder.com/therebel/pages/73557/features/original/ 		326 KB
326 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/73557/features/original/wheres_th.jpg?1705886118
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1d69dc2fbc3f9cd2ad73d96d5dbb68ae8058a15fdcfbf9a8244d50042b712a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
via
1.1 acc5f68eb88a8e6d59815a0246ec23f0.cloudfront.net (CloudFront)
x-amz-version-id
93SdDhSlchpQQyq1rlmd9m0jx4.7h6xz
cf-cache-status
REVALIDATED
x-amz-cf-pop
AMS1-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
333489
cf-bgj
h2pri
last-modified
Mon, 22 Jan 2024 01:15:20 GMT
server
cloudflare
etag
"b9984ca86dbe96c50a331d3610191bf2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a667466c4aaca7-TXL
x-amz-cf-id
FJF0NOaU4jCUrpW_NjW6Pn4IjZjk1p2leOrGc6IUUMPrFnmgZ1E4ZA==
expires
Wed, 24 Jan 2024 11:01:09 GMT
crick_th.jpg
assets.nationbuilder.com/therebel/pages/73556/features/original/ 		630 KB
631 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/73556/features/original/crick_th.jpg?1705880737
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05603811f4c9d049d6ce2f97c69c8cfe2a6a17c2b07f7e9b910387b6850f121

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
via
1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
x-amz-version-id
.7LEbfDkujWGWh7m.EC5mpzdPDw7v8YO
cf-cache-status
REVALIDATED
x-amz-cf-pop
AMS1-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
645566
cf-bgj
h2pri
last-modified
Sun, 21 Jan 2024 23:45:40 GMT
server
cloudflare
etag
"c47f8efca6d9c48234a5e8637c4a1c95"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a667466c4caca7-TXL
x-amz-cf-id
PdYzRham7qI_jgOUh_gsGrk8YvxhurJlZdcLNkN1U4jWK2ZjpGo-4g==
expires
Wed, 24 Jan 2024 11:01:09 GMT
liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
assets.nationbuilder.com/assets/ 		174 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nationbuilder.com/assets/liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:06 GMT
x-amz-version-id
XMew1ySJZEbqZHOttyLjYEji5MMXxzWm
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jan 2024 21:30:10 GMT
server
cloudflare
etag
W/"c5d34981e474397332adfa4081ceecaa"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
84a6673cec7b453a-TXL
x-amz-cf-id
rHKbKp7TasPW43aGiM0PGqrG0JedWEE-rMhmwRXMSUnVUz43xZLqYA==
expires
Wed, 31 Jan 2024 07:01:06 GMT
tinymce-1044caa1178bd6d7aa1cd3d7da31070cd443b4c3e78d6055867520c0e56114b5.js
assets.nationbuilder.com/assets/ 		872 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nationbuilder.com/assets/tinymce-1044caa1178bd6d7aa1cd3d7da31070cd443b4c3e78d6055867520c0e56114b5.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1044caa1178bd6d7aa1cd3d7da31070cd443b4c3e78d6055867520c0e56114b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:06 GMT
x-amz-version-id
gbxoOR2mKJASbIdVX8UJMPuKRaQzK09q
via
1.1 1b300ac0fc08f49360b62bb3f1350070.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
BAH53-P1
age
254
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 23:21:52 GMT
server
cloudflare
etag
W/"2d5aa065a9ce8f660bbcfa0f1277eb33"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cf-ray
84a6673d5d3f453a-TXL
x-amz-cf-id
9wiTMyaSrlNfu_0J8v3kBE8NYaBJBOD1iT_YYJRKoGrl3t6kmUIpbA==
expires
Wed, 31 Jan 2024 07:01:06 GMT
bootstrap.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		65 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/bootstrap.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4a90e5c0f890d1f8668b26236db8f1d35448714f9812270008613d7b0ad0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024688587
alt-svc
h3=":443"; ma=86400
x-request-id
f4c01a54-b6a1-4aa9-ac94-1995e76316b7
x-runtime
0.055860
x-content-digest
56444859edd76300f8d6e734de0ba8af21539070
server
cloudflare
etag
W/"bc4a90e5c0f890d1f8668b26236db8f1"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a6673d5b7558f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
_nm-scripts.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		94 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/_nm-scripts.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7dff9464425212bb2e58ba741cb4ed312280a7202aeae38d3469e2f917cb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024383515
alt-svc
h3=":443"; ma=86400
x-request-id
35b8d50a-81b1-4eca-a8da-df510d0291d6
x-runtime
0.054180
x-content-digest
c84982e3ddac199d2e5038f99b340bc48689dcbf
server
cloudflare
etag
W/"0a7dff9464425212bb2e58ba741cb4ed"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a6673dcc3658f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
remodal.min.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/remodal.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024560476
alt-svc
h3=":443"; ma=86400
x-request-id
1ea1e420-61ec-4ada-8c8b-a698be928cc1
x-runtime
0.045517
x-content-digest
84ce6b3f9b2de38a68253c6b8fdee77273b00962
server
cloudflare
etag
W/"c21ea2a0ec1a9c48686c58d481b308e2"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a6674078ff58f0-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
jquery.magnific-popup.min.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/jquery.magnific-popup.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666ea8fccc6357315c19049cba0ee7b821e5898d5b0d7d2273c03196e664cef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191025141481
alt-svc
h3=":443"; ma=86400
x-request-id
66784d6a-09f9-4255-9703-5500c7cff7bc
x-runtime
0.057256
x-content-digest
9e524854b53bfc43171ec8283ba0dd2b300893af
server
cloudflare
etag
W/"666ea8fccc6357315c19049cba0ee7b8"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a66741bba944fe-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:19 GMT
clipboard.min.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/clipboard.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191024933776
alt-svc
h3=":443"; ma=86400
x-request-id
f79a3a29-14df-4223-a8e7-78731f46bff2
x-runtime
0.055843
x-content-digest
6371ec0a8e242395c7d4d008d2b98e472c9dcc52
server
cloudflare
etag
W/"8a7739925f4c03586479852df840b706"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a667439f3f44fe-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:20 GMT
ad-blocker.js
therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ 		114 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/ad-blocker.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0738f6af798c2dd78ada1779be0b1f57cd151ef746e38c2849cebd53b839dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-middleware-start
t=1703191025146161
alt-svc
h3=":443"; ma=86400
x-request-id
ddb961f1-9169-4a66-9c16-4c1528a623f0
x-runtime
0.116215
x-content-digest
cc840394955b5906a9218b004e9cc6f1555246af
server
cloudflare
etag
W/"b0738f6af798c2dd78ada1779be0b1f5"
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31556952
cf-ray
84a667466bec44fe-TXL
x-rack-cache
fresh
expires
Thu, 23 Jan 2025 12:50:20 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.rebelnews.com/
Origin
https://www.rebelnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84a66746ff2e44f2-TXL
v3
js.stripe.com/ 		586 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: assets.inplayer.com
URL: https://assets.inplayer.com/paywall/v3/paywall.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
9
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:43:59 GMT
server
Cloudfront
etag
W/"a91e0aff9b48ab71024887a3d829f605"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
6en_x6lVDL8U2vtHndGJSqvAxGswMl_ST6ax8ycwqHEs6uDF0CzRiw==
gtm.js
www.googletagmanager.com/ 		257 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSB758F
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5ce1cf2856f51afcb0c617dd6beb4f32d4082636e514c02ae2544e0574fa5ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91864
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Jan 2024 07:01:08 GMT
en.json
assets.inplayer.com/i18n/latest/ 		24 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.inplayer.com/i18n/latest/en.json
Requested by
Host: assets.inplayer.com
URL: https://assets.inplayer.com/paywall/v3/paywall.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:d600:19:eb8b:91c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b50ca410d6ac5611af69438f071ab9b9e3881d0d5d134fb6dec83a0bf06d57ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
qLt_OEbetj7a_ahfTRljleyZgZwvZKBA
content-encoding
gzip
via
1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
date
Wed, 24 Jan 2024 07:00:03 GMT
x-amz-cf-pop
ZRH55-P1
age
101
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Oct 2022 15:14:24 GMT
server
AmazonS3
etag
W/"e2459705d43cce140802e28b1fbea46c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
lGL78mqaaRJAXzReuFmOXkj-8uA122G-NmKQAqJhMzcolk8P8w48uw==
media.html
cdn.embedly.com/widgets/ Frame DAA3 		0
0
Rumble_logo_white.png
d3n8a8pro7vhmx.cloudfront.net/themes/5fd9329f4764e88b10364fad/attachments/original/1619012729/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/themes/5fd9329f4764e88b10364fad/attachments/original/1619012729/Rumble_logo_white.png?1619012729
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-77.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1bcd36950e0cd2e7c1d94806420176e3a46a5e59685b23bb5f52e0bf1bd0c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 24 Jan 2024 06:35:32 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Apr 2021 13:45:30 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
2242
x-amz-server-side-encryption
AES256
etag
"c157b6fc2a3e3b143ee2c281d3cf219b"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
6447
x-amz-cf-id
qaE_Eh4e6l5qhQkztahu6YJ9njxXJA8f5vNKUbUkOkq89w1HrN2Xbw==
odysee_png.png
d3n8a8pro7vhmx.cloudfront.net/themes/60bbc8a0c2948067eccb8a0a/attachments/original/1623433300/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/themes/60bbc8a0c2948067eccb8a0a/attachments/original/1623433300/odysee_png.png?1623433300
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-77.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cad8491124a34a04a98cc1ccabdd735e6e8cf35c753b73afc1765ce4723fdd49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 23 Jan 2024 08:49:56 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
last-modified
Fri, 11 Jun 2021 17:41:41 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
79874
x-amz-server-side-encryption
AES256
etag
"179026c0233283178b3af5f8bef375f1"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5279
x-amz-cf-id
IVTdXc6_QF7iBTHRf1KI1gqF7OQFUauT2kFda6eqJ4DbPs5vSelMxg==
/
fundist-rebel-news.herokuapp.com/form/ Frame 11A8 		31 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
b2bd2a54b7031d15ccb1697d33ca0c30c4697dbf8e95c51e23c844849b968722

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=60
Connection
keep-alive
Content-Length
31421
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Jan 2024 07:01:08 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079668&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e6ftY1VATMuDPEQnuwTJUtWam6P6RbaAglWK2Rs6PiY%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079668&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e6ftY1VATMuDPEQnuwTJUtWam6P6RbaAglWK2Rs6PiY%3D
Server
hypercorn-h11
Via
1.1 vegur
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bd66f5176f2a635feea425701d5a82db31276dc37c02e128c2df0843c95646b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51494
x-xss-protection
0
server
cafe
etag
2323821146696455022
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Jan 2024 07:01:08 GMT
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27597
x-served-by
cache-iad-kjyo7100044-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
/
fundist-rebel-news.herokuapp.com/form/ Frame 729A 		31 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
b2bd2a54b7031d15ccb1697d33ca0c30c4697dbf8e95c51e23c844849b968722

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=60
Connection
keep-alive
Content-Length
31421
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Jan 2024 07:01:08 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079668&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e6ftY1VATMuDPEQnuwTJUtWam6P6RbaAglWK2Rs6PiY%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079668&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e6ftY1VATMuDPEQnuwTJUtWam6P6RbaAglWK2Rs6PiY%3D
Server
hypercorn-h11
Via
1.1 vegur
cd-arrow.svg
d3n8a8pro7vhmx.cloudfront.net/themes/5dfbe26ec29480731ae5e3d9/attachments/original/1484575955/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/themes/5dfbe26ec29480731ae5e3d9/attachments/original/1484575955/cd-arrow.svg?1484575955
Requested by
Host: rebelnewscss-1756d.kxcdn.com
URL: https://rebelnewscss-1756d.kxcdn.com/theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-77.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53ba6e49ea8e838495e817f4a8f410a426f8083bfe560ea623823985b1a005cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rebelnewscss-1756d.kxcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 23 Jan 2024 10:45:43 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
last-modified
Thu, 19 Dec 2019 20:53:00 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
72982
x-amz-server-side-encryption
AES256
etag
"e4f3e937b8ec432626789fbea7a06a6f"
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1037
x-amz-cf-id
COYu6srCx8r1mB6lXQuRVad_ONN-gN_f4RRyabxUR_pQPOAtyxLY9g==
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: rebelnewscss-1756d.kxcdn.com
URL: https://rebelnewscss-1756d.kxcdn.com/theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rebelnewscss-1756d.kxcdn.com/
Origin
https://www.rebelnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
5121739
cdn-cachedat
12/27/2021 13:08:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
71896
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
8ad7be9e6b4391a0cc8b015776796347
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84a66746fd9b58ea-TXL
cdn-requestpullsuccess
True
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rebelnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:38:42 GMT
x-content-type-options
nosniff
age
26546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:38:42 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rebelnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:59:34 GMT
x-content-type-options
nosniff
age
108094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:59:34 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rebelnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:27:28 GMT
x-content-type-options
nosniff
age
38020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 20:27:28 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rebelnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 22:07:30 GMT
x-content-type-options
nosniff
age
118418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 22:07:30 GMT
email-decode.min.js
www.rebelnews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rebelnews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Jan 2024 15:56:35 GMT
server
cloudflare
etag
W/"65aa9bb3-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
84a6674699276a78-TXL
expires
Fri, 26 Jan 2024 07:01:08 GMT
/
fundist-rebel-news.herokuapp.com/form/ Frame 3182 		31 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
b2bd2a54b7031d15ccb1697d33ca0c30c4697dbf8e95c51e23c844849b968722

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=60
Connection
keep-alive
Content-Length
31421
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Jan 2024 07:01:08 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079668&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e6ftY1VATMuDPEQnuwTJUtWam6P6RbaAglWK2Rs6PiY%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079668&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e6ftY1VATMuDPEQnuwTJUtWam6P6RbaAglWK2Rs6PiY%3D
Server
hypercorn-h11
Via
1.1 vegur
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14cc7fca3d03e0749d878e1e44fa525aaa7f251f7363c757df59ae957701b6c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 07:01:08 GMT
content-md5
LeJ29Fcawl7yYN87VODotg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
OaMODzfjgmZPQXb/gVp66ACFmGhss+K7+v3tdJFALN4HpUgsUIiGB9Ffk6oHmkjYYu13IhVnuY+U72rq3D8d3Q==
x-fb-content-md5
8d60d3d25a5affee08e43feddea14f19
cross-origin-opener-policy
same-origin-allow-popups
etag
"3975ad8ac8e8073beaf17328c2441729"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 24 Jan 2024 07:09:38 GMT
media.html
cdn.embedly.com/widgets/ Frame 8CC2 		394 KB
99 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FfaWDFvv7lUc%3Fwmode%3Dtransparent%26rel%3D0&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DfaWDFvv7lUc&image=http%3A%2F%2Fi.ytimg.com%2Fvi%2FfaWDFvv7lUc%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube
Requested by
Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/main-c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.89.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d455980edce2584f189cdb5ca018b9378d064b9583634e9c282a30f8ee9bd9db

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
HIT
CF-RAY
84a667475fb34504-TXL
Cache-Control
public, max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Jan 2024 07:01:08 GMT
Expires
Wed, 24 Jan 2024 07:06:08 GMT
Last-Modified
Fri, 20 Oct 2023 15:40:19 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
3em89+ker6fw4JB/xBjMrj4AngfPCZrSXkNeynIzGJgYHaJ0gnLw5ONIO0w4auLyMuqx7piwuJE=
x-amz-request-id
RA6MB8C8D4QYVSG1
x-amz-server-side-encryption
AES256
x-amz-version-id
dPatn9cWy1a3koYXW__a8L1O26GGb2jB
sdk.js
connect.facebook.net/en_US/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=dd6581eb2a78fd46f12c2ed61f3ffabd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f62ddc67ea2d9a9991bddee58ee42040505399538ed6b4c74425857d7f8098a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.rebelnews.com/
Origin
https://www.rebelnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 07:01:08 GMT
content-md5
oJz5oXqrCFiMOZuC60m1pg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88457
x-fb-debug
NXUQ7l9yLUaOhsmCoPwylHRU+fsFAXulB+p+QLs8wns7mNpBOA8fYzvFHep2LHNFdcoto9IqJ6mehCVjrxS4Xw==
x-fb-content-md5
d9ded04c593385c1c3fc3653ccad8d93
cross-origin-opener-policy
same-origin-allow-popups
etag
"7e74a857f5d34728c36767734350544e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 23 Jan 2025 02:17:06 GMT
iframe_api
www.youtube.com/ Frame 8CC2 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cdn.embedly.com
URL: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FfaWDFvv7lUc%3Fwmode%3Dtransparent%26rel%3D0&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DfaWDFvv7lUc&image=http%3A%2F%2Fi.ytimg.com%2Fvi%2FfaWDFvv7lUc%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
703cc28e737acb7f534f81cbb649d9e790cbb000bc38c67417b19a1f3e3998fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.embedly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 24 Jan 2024 07:01:08 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1679673749184434&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=dd6581eb2a78fd46f12c2ed61f3ffabd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
strict-transport-security
max-age=15552000; preload
date
Wed, 24 Jan 2024 07:01:08 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
LwvkB0mqhTgeQNNNuSEoAckmZODYLt2mrH5NNY6C+RYlysCtln+xsaM0MA4c+2xKmzNf5hhQ5wyqbd9+FHdCiA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.rebelnews.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d8ca61d985732f0d5453cc95e7b47b1624111c59a7c22d5526815021cd2786b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139801
x-xss-protection
0
server
cafe
etag
8332051071612191834
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 07:01:08 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 4BC6 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 23:40:37 GMT
etag
3890843268177463596
expires
Tue, 06 Feb 2024 23:40:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		292 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSB758F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c72cc5ebd8b6f66c563d9a227d32c57739ce4078bbedb38875714d6e5771c5fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96290
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:08 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSB758F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 05:30:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5424
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 24 Jan 2024 07:30:44 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/942226283/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942226283/?random=1706079668649&cv=11&fst=1706079668649&bg=ffffff&guid=ON&async=1&gtm=45He41m0v831594648&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&hn=www.googleadservices.com&frm=0&tiba=Threats%20against%20Avi%20continue%20to%20ESCALATE%20as%20his%20former%20gym%20is%20FIREBOMBED!%20-%20Rebel%20News&pscdl=noapi&auid=107430785.1706079669&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSB758F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfe1c4260e681755d3c436f57618b097e7a46b613eb4841033db619970949c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1399
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/b31b88f2/www-widgetapi.vflset/ Frame 8CC2 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b31b88f2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d07513670eaa456a8c421f89b78eda11dcecbd5d49456a1e60774f3ef491c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.embedly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:55:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68592
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:13:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 23 Jan 2025 06:55:42 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 7731 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.rebelnews.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:01:08 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100176-IAD, cache-fra-eddf8230021-FRA
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8506 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1431
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:37:24 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 19 Jan 2024 21:19:51 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
q-ASUGeMnH4HLsDSGtlasSGwfNtmdJveW1ckoNnnf56RcTX7T1GlLw==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
comments.php
www.facebook.com/v18.0/plugins/ Frame 86A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v18.0/plugins/comments.php?app_id=1679673749184434&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9a66fb5eb16a0a6d%26domain%3Dwww.rebelnews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebelnews.com%252Ffca59c784b8478f73%26relation%3Dparent.parent&container_width=766&height=100&href=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&locale=en_US&sdk=joey&version=v18.0&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=dd6581eb2a78fd46f12c2ed61f3ffabd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Jan 2024 07:01:08 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
5Ok+gmqaLI0u+LJoWyLIYyVZsgqAqQWd0E+mZMkW0XwRcJ53yIV6j+PZF3vpAibpeeeZdcuW6Mmeb2SgU9PHZw==
x-frame-options
DENY
x-xss-protection
0
main.js
www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 61FC
Redirect Chain
  • https://www.rebelnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e8e36bbeaed676fc3e6a551525846901b2447fc80b5afcf0d7b3845161bc386
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84a66749d8986a78-TXL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 24 Jan 2024 07:01:08 GMT
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
84a667499ff86a78-TXL
alt-svc
h3=":443"; ma=86400
default
services.inplayer.com/branding/paywall/650d87b1-cd03-491a-af27-d4a109b83a46/ 		908 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.inplayer.com/branding/paywall/650d87b1-cd03-491a-af27-d4a109b83a46/default
Requested by
Host: assets.inplayer.com
URL: https://assets.inplayer.com/paywall/v3/paywall.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:5:2cea:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront / InPlayer/2.0 (+https://services.inplayer.com)
Resource Hash
0366197940c089239ccf24a538c6570ecb13718d1b2b30aa21edd6b609ad1a03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Accept
application/json
Referer
https://www.rebelnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-inplayer-token
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IiJ9.eyJhdWQiOiIiLCJqdGkiOiIiLCJpYXQiOjAsIm5iZiI6MCwiZXhwIjowLCJzdWIiOiIiLCJzY29wZXMiOltdLCJtaWQiOjAsImFpZCI6MCwibXVpIjoiIiwiY3R4IjpbXSwidGlkIjowLCJ0dXVpZCI6IiIsIm9pZCI6MH0.rntcaTcrPAGjv-8U_DfWehT_ZWwy1D5S5d6S-iPFZ2o
date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-cf-pop
ZRH50-C1
x-powered-by
InPlayer/2.0 (+https://services.inplayer.com)
x-cache
Miss from cloudfront
content-length
450
x-request-id
c7ffd471bb24aeb20e3bf0fc34456313
last-modified
Sat, 22 Feb 2020 18:32:00 GMT
server
CloudFront
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-InPlayer-Token
cache-control
public, max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-Requested-With, Content-Type, Accept
x-amz-cf-id
wVuvu1eRRfQXxwfkjofbTwY0RMArw3U0gXYKG0sey3Brey2qUyYN6Q==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 8506 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:37:24 GMT
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1430
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 19 Jan 2024 21:19:50 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fD-OUBZj4P5fCFCZHp_Vct7Y75s5PbIM_B-XjPWUOhSoF7pLMIVTFQ==
csp-report
q.stripe.com/ Frame 8506 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669293682
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669293066
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8506 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669293349
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669292953
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZHKF44EVZV&gtm=45je41m0v9117528280z8831594648&_p=1706079668211&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1962594539.1706079669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706079668&sct=1&seg=0&dl=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&dt=Threats%20against%20Avi%20continue%20to%20ESCALATE%20as%20his%20former%20gym%20is%20FIREBOMBED!%20-%20Rebel%20News&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rebelnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZHKF44EVZV&cid=1962594539.1706079669&gtm=45je41m0v9117528280z8831594648&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rebelnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZHKF44EVZV&cid=1962594539.1706079669&gtm=45je41m0v9117528280z8831594648&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1593801672
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 7731 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=169ad7e2186263f1cc27fd0c20cbb887af91a738
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.rebelnews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
108
date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 24 Jan 2024 07:01:09 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
2d2a4298c4eae482
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
17fe8512d2a6f1336a6f3d4c98499dfaae5785e67c78033d83e5e904f96ee0f3
content-length
337
inner.html
m.stripe.network/ Frame 8EDF 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
189
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:58:01 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
x-amz-cf-id
Mf5OjKXs7p5N0h4UtLgLqEJtvusNvL0E_SdtFZuskPmL7N3nASoBbw==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
css2
fonts.googleapis.com/ Frame 3182 		5 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:16:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:08 GMT
fundist.min.css
fundist-rebel-news.herokuapp.com/static/dist/ Frame 3182 		385 KB
385 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.css?ver=30
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
1816fd7a1782e9aa79243318eb8a02554df96f69a3ef42845f342e9155044570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:08 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Thu, 21 Dec 2023 23:01:04 GMT
Server
hypercorn-h11
Etag
"1703199664.0-393732-935202633"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079668&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e6ftY1VATMuDPEQnuwTJUtWam6P6RbaAglWK2Rs6PiY%3D"}]}
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
393732
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079668&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=e6ftY1VATMuDPEQnuwTJUtWam6P6RbaAglWK2Rs6PiY%3D
Expires
Wed, 24 Jan 2024 19:01:08 GMT
protect_avi_donation_fundist.jpg
assets.nationbuilder.com/therebel/pages/72194/attachments/original/1699568535/ Frame 3182 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/72194/attachments/original/1699568535/protect_avi_donation_fundist.jpg?1699568535
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
614f47e5c39ec4c2423f03d9085aa3f774ce7cca803d075ed7da4541df527fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
via
1.1 63433181ad575db593361f546b85514e.cloudfront.net (CloudFront)
x-amz-version-id
5_JBFyIA0jpQmqd4dPpJRk5AknloqIf3
cf-cache-status
HIT
x-amz-cf-pop
WAW51-P2
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
340828
cf-bgj
h2pri
last-modified
Thu, 09 Nov 2023 22:22:16 GMT
server
cloudflare
etag
"a3dc369df0e70442148203668a7c4b6b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a6674a5bb7aca7-TXL
x-amz-cf-id
sopcFG-qP5lTfy_5ir2dVigQIgJGptQW9GJCdClHbpxo0M7TpQhKJQ==
expires
Wed, 24 Jan 2024 11:01:08 GMT
css2
fonts.googleapis.com/ Frame 11A8 		5 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:38:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:08 GMT
fundist.min.css
fundist-rebel-news.herokuapp.com/static/dist/ Frame 11A8 		385 KB
385 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.css?ver=30
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
1816fd7a1782e9aa79243318eb8a02554df96f69a3ef42845f342e9155044570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Thu, 21 Dec 2023 23:01:04 GMT
Server
hypercorn-h11
Etag
"1703199664.0-393732-935202633"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
393732
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
protect_avi_donation_fundist.jpg
assets.nationbuilder.com/therebel/pages/72194/attachments/original/1699568535/ Frame 11A8 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/72194/attachments/original/1699568535/protect_avi_donation_fundist.jpg?1699568535
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
614f47e5c39ec4c2423f03d9085aa3f774ce7cca803d075ed7da4541df527fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
via
1.1 63433181ad575db593361f546b85514e.cloudfront.net (CloudFront)
x-amz-version-id
5_JBFyIA0jpQmqd4dPpJRk5AknloqIf3
cf-cache-status
REVALIDATED
x-amz-cf-pop
WAW51-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
340828
cf-bgj
h2pri
last-modified
Thu, 09 Nov 2023 22:22:16 GMT
server
cloudflare
etag
"a3dc369df0e70442148203668a7c4b6b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a6674a5bd3aca7-TXL
x-amz-cf-id
sopcFG-qP5lTfy_5ir2dVigQIgJGptQW9GJCdClHbpxo0M7TpQhKJQ==
expires
Wed, 24 Jan 2024 11:01:08 GMT
css2
fonts.googleapis.com/ Frame 729A 		5 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:46:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:08 GMT
fundist.min.css
fundist-rebel-news.herokuapp.com/static/dist/ Frame 729A 		385 KB
385 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.css?ver=30
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
1816fd7a1782e9aa79243318eb8a02554df96f69a3ef42845f342e9155044570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Thu, 21 Dec 2023 23:01:04 GMT
Server
hypercorn-h11
Etag
"1703199664.0-393732-935202633"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
393732
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
protect_avi_donation_fundist.jpg
assets.nationbuilder.com/therebel/pages/72194/attachments/original/1699568535/ Frame 729A 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nationbuilder.com/therebel/pages/72194/attachments/original/1699568535/protect_avi_donation_fundist.jpg?1699568535
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
614f47e5c39ec4c2423f03d9085aa3f774ce7cca803d075ed7da4541df527fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
via
1.1 63433181ad575db593361f546b85514e.cloudfront.net (CloudFront)
x-amz-version-id
5_JBFyIA0jpQmqd4dPpJRk5AknloqIf3
cf-cache-status
HIT
x-amz-cf-pop
WAW51-P2
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
340828
cf-bgj
h2pri
last-modified
Thu, 09 Nov 2023 22:22:16 GMT
server
cloudflare
etag
"a3dc369df0e70442148203668a7c4b6b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a6674a6bf2aca7-TXL
x-amz-cf-id
sopcFG-qP5lTfy_5ir2dVigQIgJGptQW9GJCdClHbpxo0M7TpQhKJQ==
expires
Wed, 24 Jan 2024 11:01:08 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 19AC 		0
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&adk=1812271804&adf=3025194257&lmt=1706079668&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668605&bpp=3&bdt=2053&idt=253&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338586917157&frm=20&pv=2&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=271
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:09 GMT
expires
Wed, 24 Jan 2024 07:01:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
84a66739ffd56a74
www.rebelnews.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 61FC 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rebelnews.com/cdn-cgi/challenge-platform/h/g/jsd/r/84a66739ffd56a74
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
br
server
cloudflare
cf-ray
84a6674b2b206a78-TXL
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame B6D6 		135 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c77966b5f9c6df1ce9dbc18844c96a5dc38bdef5553ab72b367221c13e7e07f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43457
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:10 GMT
expires
Wed, 24 Jan 2024 07:01:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		16 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1371541683&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&ul=en-us&de=UTF-8&dt=Threats%20against%20Avi%20continue%20to%20ESCALATE%20as%20his%20former%20gym%20is%20FIREBOMBED!%20-%20Rebel%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2138461388&gjid=1553177236&cid=1962594539.1706079669&tid=UA-151986661-1&_gid=1671825454.1706079669&_r=1&_slc=1&gtm=45He41m0n81NSB758Fv831594648&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&z=1333934958
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
4dfda583d0aad93d493f4eb9f7623c2746149a36ef4f92e8eeca47dd54cd1030
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rebelnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rebelnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/942226283/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/942226283/?random=1706079668649&cv=11&fst=1706079600000&bg=ffffff&guid=ON&async=1&gtm=45He41m0v831594648&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&frm=0&tiba=Threats%20against%20Avi%20continue%20to%20ESCALATE%20as%20his%20former%20gym%20is%20FIREBOMBED!%20-%20Rebel%20News&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Y-e7IwYo8wHPRe9KQ7kKaO115wZ8MA&random=3181333196&rmt_tld=0&ipr=y
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/942226283/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/942226283/?random=1706079668649&cv=11&fst=1706079600000&bg=ffffff&guid=ON&async=1&gtm=45He41m0v831594648&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&frm=0&tiba=Threats%20against%20Avi%20continue%20to%20ESCALATE%20as%20his%20former%20gym%20is%20FIREBOMBED!%20-%20Rebel%20News&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Y-e7IwYo8wHPRe9KQ7kKaO115wZ8MA&random=3181333196&rmt_tld=1&ipr=y
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
faWDFvv7lUc
www.youtube.com/embed/ Frame 620B 		93 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
689abbd8adccbeb19847bec888f2cbd0bd0a8ee88f2b5b03f5e35ff1994507c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.embedly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5774 		133 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b892d116167915ffae9a964454a6b179e58a4be94c893d40deb859ce84dea8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43523
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:09 GMT
expires
Wed, 24 Jan 2024 07:01:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
iframeResizer.contentWindow.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 3182 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/iframeResizer.contentWindow.min.js
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
adb0b68a61c32480585085ef7fe5e2618fb67179a24a572d947808fabadecd0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Mon, 02 Aug 2021 13:43:38 GMT
Server
hypercorn-h11
Etag
"1627911818.0-13615-2828801753"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13615
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
bootstrap.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 3182 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/bootstrap.min.js
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 22 Jun 2021 18:29:16 GMT
Server
hypercorn-h11
Etag
"1624386556.0-60089-1222578110"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60089
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
/
js.stripe.com/v3/ Frame 3182 		586 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
10
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:43:59 GMT
server
Cloudfront
etag
W/"a91e0aff9b48ab71024887a3d829f605"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
ndj2d3ELClYV48VPxADa97NRsmRAE71v-HA6YqmD4iy1dify4Gsm0w==
fundist.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 3182 		73 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=30
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
b9cca2c30baac21c67aef5c0d78e527453340d961f61d2b06ec2f1e9e5b089c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Wed, 18 Oct 2023 22:51:24 GMT
Server
hypercorn-h11
Etag
"1697669484.0-75094-679677661"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75094
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
iframeResizer.contentWindow.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 11A8 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/iframeResizer.contentWindow.min.js
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
adb0b68a61c32480585085ef7fe5e2618fb67179a24a572d947808fabadecd0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Mon, 02 Aug 2021 13:43:38 GMT
Server
hypercorn-h11
Etag
"1627911818.0-13615-2828801753"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13615
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
bootstrap.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 11A8 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/bootstrap.min.js
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 22 Jun 2021 18:29:16 GMT
Server
hypercorn-h11
Etag
"1624386556.0-60089-1222578110"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60089
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
/
js.stripe.com/v3/ Frame 11A8 		586 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:00:58 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
12
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
etag
W/"a91e0aff9b48ab71024887a3d829f605"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
MrX5Graacgm4WILYD4PqKbgiX1xDzv6C0rOAFU22z8mJ1s9BRj5RNg==
fundist.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 11A8 		73 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=30
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
b9cca2c30baac21c67aef5c0d78e527453340d961f61d2b06ec2f1e9e5b089c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Wed, 18 Oct 2023 22:51:24 GMT
Server
hypercorn-h11
Etag
"1697669484.0-75094-679677661"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75094
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
iframeResizer.contentWindow.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 729A 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/iframeResizer.contentWindow.min.js
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
adb0b68a61c32480585085ef7fe5e2618fb67179a24a572d947808fabadecd0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Mon, 02 Aug 2021 13:43:38 GMT
Server
hypercorn-h11
Etag
"1627911818.0-13615-2828801753"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13615
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
bootstrap.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 729A 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/bootstrap.min.js
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 22 Jun 2021 18:29:16 GMT
Server
hypercorn-h11
Etag
"1624386556.0-60089-1222578110"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60089
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
/
js.stripe.com/v3/ Frame 729A 		586 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:08 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
10
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:43:59 GMT
server
Cloudfront
etag
W/"a91e0aff9b48ab71024887a3d829f605"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
GtALn3NXI9uw2AwvZD5jLkwoX-x7Ez2-lSqzq-4mumpu44fobAJcSw==
fundist.min.js
fundist-rebel-news.herokuapp.com/static/dist/ Frame 729A 		73 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundist-rebel-news.herokuapp.com/static/dist/fundist.min.js?ver=30
Requested by
Host: fundist-rebel-news.herokuapp.com
URL: https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-24.compute-1.amazonaws.com
Software
hypercorn-h11 /
Resource Hash
b9cca2c30baac21c67aef5c0d78e527453340d961f61d2b06ec2f1e9e5b089c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/form/?iframe=1&tag=protect_avi_donation_fundist&title=Help+protect+Avi+Yemini&subtitle=Avi+is+used+to+haters+and+threats+on+the+streets+as+a+reporter.+But+it+has+crossed+the+line+and+gone+to+the+next+level.+Help+Avi+protect+himself+and+his+family+so+he+can+continue+to+tell+the+other+side+of+the+story+without+fear.&image=https%3A%2F%2Fassets.nationbuilder.com%2Ftherebel%2Fpages%2F72194%2Fattachments%2Foriginal%2F1699568535%2Fprotect_avi_donation_fundist.jpg%3F1699568535&amounts=10%2C25%2C50%2C75%2C100%2C250%2C500%2C1000%2C2500&amount=100&currency=aud&country_code=au&custom_field=tags%3Aavi+fan&goal=1000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 07:01:09 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Wed, 18 Oct 2023 22:51:24 GMT
Server
hypercorn-h11
Etag
"1697669484.0-75094-679677661"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D"}]}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75094
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706079669&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=1mjRSv1kRknvHw9M1lK4ONOxHAF%2FKJmSZHLCkiuAU2s%3D
Expires
Wed, 24 Jan 2024 19:01:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EC45 		119 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45e0dc24777f9a72a69a05c0430712ea5fb6e1b984faf764955cd516419db9b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42564
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:09 GMT
expires
Wed, 24 Jan 2024 07:01:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csp-report
q.stripe.com/ Frame 8EDF 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669294010
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1706079669293013
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 8EDF 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:56:58 GMT
content-encoding
gzip
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
252
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
ZRH55-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
6ONLW2-BifNeycg4ZCfy7p__QpKHvTSjdBYLrxQMqPulMIu3EgbSCw==
ads
googleads.g.doubleclick.net/pagead/ Frame 1F79 		172 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f456f13db428283ed31e3ee83aeda8ddefe8bf16cc0ed4ec863367e602dc1a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
50394
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-151986661-1&cid=1962594539.1706079669&jid=2138461388&gjid=1553177236&_gid=1671825454.1706079669&_u=YADAAEAAAAAAACAAI~&z=238983277
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rebelnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 24 Jan 2024 07:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rebelnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		296 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d1082b9b0eb476a372e4dc55b29047cbb87dc4516f0338a0d8de9030578e67d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98051
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DB88 		135 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7bf03e458ec6f6bf423c86be020695d379a7621d21dbf50287e5dd568bb7e71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
43629
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/b31b88f2/ Frame 620B 		359 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b31b88f2/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
750b740cf3d6feb3e22d428027094fd0fc10899748f9616271b124cc1b7136d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
3322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47496
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:13:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 23 Jan 2025 06:05:47 GMT
embed.js
www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/ Frame 620B 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4af6e233457507fd1acf1acca6aa2d70281c1e73fdf7f257d17eeb3f8f0712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:38:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
26572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16815
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:13:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 23:38:17 GMT
www-embed-player.js
www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/ Frame 620B 		319 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ae564acdae2fc6ba5260123cbde9eaf28d1d2b18e47b6d063c956db466accfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
26190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97378
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:13:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 23:44:39 GMT
base.js
www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/ Frame 620B 		2 MB
770 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d1e4b05acf8581095a48181a460dfa234834603c80a4a3a5ef75f5c62db9ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
788730
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:13:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 23:31:19 GMT
88959
services.inplayer.com/items/650d87b1-cd03-491a-af27-d4a109b83a46/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.inplayer.com/items/650d87b1-cd03-491a-af27-d4a109b83a46/88959
Requested by
Host: assets.inplayer.com
URL: https://assets.inplayer.com/paywall/v3/paywall.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:5:2cea:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront / InPlayer/2.0 (+https://services.inplayer.com)
Resource Hash
d0a280e23c0dbdd7ae4b610f0a74fb0a7259d58ddadccc2ddef2e590f1325d3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Accept
application/json
Referer
https://www.rebelnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-inplayer-token
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IiJ9.eyJhdWQiOiIiLCJqdGkiOiIiLCJpYXQiOjAsIm5iZiI6MCwiZXhwIjowLCJzdWIiOiIiLCJzY29wZXMiOltdLCJtaWQiOjAsImFpZCI6MCwibXVpIjoiIiwiY3R4IjpbXSwidGlkIjowLCJ0dXVpZCI6IiIsIm9pZCI6MH0.rntcaTcrPAGjv-8U_DfWehT_ZWwy1D5S5d6S-iPFZ2o
date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-cf-pop
ZRH50-C1
x-powered-by
InPlayer/2.0 (+https://services.inplayer.com)
x-cache
Miss from cloudfront
content-length
494
x-request-id
292361cde5762d2cc37233b3d14103eb
last-modified
Sun, 27 Jun 2021 21:49:34 GMT
server
CloudFront
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-InPlayer-Token
cache-control
public, max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-Requested-With, Content-Type, Accept
x-amz-cf-id
XjjL2G7ZUlLsoOuOgGE3QI9ou-qlYdJmgtO24aTDNAjkyH39-oqAmg==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 620B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:31:50 GMT
x-content-type-options
nosniff
age
178159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 05:31:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 620B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:09:14 GMT
x-content-type-options
nosniff
age
78715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 09:09:14 GMT
tweet.d7aeb21a88e025d2ea5f5431a103f586.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/tweet.d7aeb21a88e025d2ea5f5431a103f586.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
2725
x-served-by
cache-iad-kjyo7100154-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
etag
"1836187c57e3f0873abebe6985a39f5a+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
6
m.stripe.com/ Frame 8EDF 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
de683c3bdf10d8bb3f97ee1da27198798aabf857379b757e9469da1da7d7522a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669913393
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079669913006
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
Tweet.html
platform.twitter.com/embed/ Frame 8526 		345 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=1800
content-encoding
gzip
content-length
214
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:01:09 GMT
etag
"f6d70a110dacf784d914a7bbb2a7d61b+gzip"
last-modified
Sat, 07 Oct 2023 22:50:35 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100138-IAD, cache-fra-eddf8230021-FRA
Tweet.html
platform.twitter.com/embed/ Frame 7B01 		345 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=1800
content-encoding
gzip
content-length
214
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:01:09 GMT
etag
"f6d70a110dacf784d914a7bbb2a7d61b+gzip"
last-modified
Sat, 07 Oct 2023 22:50:35 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100138-IAD, cache-fra-eddf8230021-FRA
truncated
/ Frame 3182 		183 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3182 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundist-rebel-news.herokuapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:27:28 GMT
x-content-type-options
nosniff
age
38021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 20:27:28 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3182 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundist-rebel-news.herokuapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 22:07:30 GMT
x-content-type-options
nosniff
age
118419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 22:07:30 GMT
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3182 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundist-rebel-news.herokuapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:34 GMT
x-content-type-options
nosniff
age
26975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17728
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:31:34 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3182 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundist-rebel-news.herokuapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:38:42 GMT
x-content-type-options
nosniff
age
26547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:38:42 GMT
embed.runtime.30e39e232aef74d6b314.js
platform.twitter.com/embed/ Frame 8526 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
4231
x-served-by
cache-iad-kcgs7200110-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"a94f2c8e562dd94ba8264b04299bbc31+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.9449.143d97ea3ade6f4824dc.js
platform.twitter.com/embed/ Frame 8526 		488 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
162768
x-served-by
cache-iad-kiad7000078-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"a096d4d712d8664b5f72fc16777f624e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.Tweet.61c9a11318b778002223.js
platform.twitter.com/embed/ Frame 8526 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.61c9a11318b778002223.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
14004
x-served-by
cache-iad-kjyo7100134-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"72cf5b19f8c06f163ed659346b6c0234+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.runtime.30e39e232aef74d6b314.js
platform.twitter.com/embed/ Frame 7B01 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
4231
x-served-by
cache-iad-kcgs7200110-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"a94f2c8e562dd94ba8264b04299bbc31+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.9449.143d97ea3ade6f4824dc.js
platform.twitter.com/embed/ Frame 7B01 		488 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
162768
x-served-by
cache-iad-kiad7000078-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"a096d4d712d8664b5f72fc16777f624e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.Tweet.61c9a11318b778002223.js
platform.twitter.com/embed/ Frame 7B01 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.61c9a11318b778002223.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
14004
x-served-by
cache-iad-kjyo7100134-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"72cf5b19f8c06f163ed659346b6c0234+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.749.467388cca0b3fe9c3291.js
platform.twitter.com/embed/ Frame 8526 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
6789
x-served-by
cache-iad-kjyo7100026-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"d3483b9c737e990765e6ba56d01154a3+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js
platform.twitter.com/embed/ Frame 8526 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
1583
x-served-by
cache-iad-kcgs7200154-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"11ef2c964d5d614da8c769c495a8855b+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
platform.twitter.com/embed/ Frame 8526 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
11289
x-served-by
cache-iad-kiad7000026-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"df117930505b95292615fd76b0e9369c+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.749.467388cca0b3fe9c3291.js
platform.twitter.com/embed/ Frame 7B01 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
6789
x-served-by
cache-iad-kjyo7100026-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"d3483b9c737e990765e6ba56d01154a3+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js
platform.twitter.com/embed/ Frame 7B01 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
1583
x-served-by
cache-iad-kcgs7200154-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"11ef2c964d5d614da8c769c495a8855b+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
platform.twitter.com/embed/ Frame 7B01 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
11289
x-served-by
cache-iad-kiad7000026-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"df117930505b95292615fd76b0e9369c+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame B3D9 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1432
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:37:24 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 19 Jan 2024 21:19:51 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
zsyrjmMXOLoTzaUiiGGZRyg9MG0LX-2n2JKTTmFzt6NAWOwBNAL7eQ==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
js.stripe.com/v3/ Frame 5090 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5fc8ee00cc47368f6fdf6519a5df026aae2aac44b3c3cb79012027af13c1b17e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
31
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:01:03 GMT
etag
"a8f00e403bc9538a7c1880ae6b6a2dc3"
last-modified
Tue, 23 Jan 2024 21:04:49 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
unArz0jKrOJLENX9f_uzlvu89yb2KUYmDw4dZkSY7w5Y3IAgGjViNQ==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
js.stripe.com/v3/ Frame 2B82 		408 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fd703e836a5c337b7d201803a8a3f62f1d83e709f14bc5660bf1d8828f1e896
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2475
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:19:56 GMT
etag
"663151670dfe2e17a3bc350be932abd3"
last-modified
Tue, 23 Jan 2024 21:05:05 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
X3RsEINdLjdWMZpfTE5-p6R4hQ-ylK17aSjJ1SIZ506G06_PYvNu3A==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
js.stripe.com/v3/ Frame 7478 		344 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b46d3024a6c36b8cd64ac80c86cc0ab15d5302944b0e09c0919889395579338f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47
cache-control
max-age=60
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:00:23 GMT
etag
"2c6547c20acd86dbd815d5f2ec7d5a4f"
last-modified
Tue, 23 Jan 2024 21:05:05 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
HKZahgierN0osPi1UfSHvugZggnzHnaHaUBfia8MVNt5JyEOD2ifPg==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 952B 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1432
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:37:24 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 19 Jan 2024 21:19:51 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
76W27EIbAU7kjC90EyV0TAR6_OpEyUjUtSohcaw4-fDWQXlbpBmVXQ==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
js.stripe.com/v3/ Frame 4185 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5fc8ee00cc47368f6fdf6519a5df026aae2aac44b3c3cb79012027af13c1b17e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
31
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:01:03 GMT
etag
"a8f00e403bc9538a7c1880ae6b6a2dc3"
last-modified
Tue, 23 Jan 2024 21:04:49 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
6Jat52jPZ0pZXC07FpjFF_HQNRnqtLpG2zzTT-gh2tpS62YjBErk4Q==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
js.stripe.com/v3/ Frame 66B7 		408 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fd703e836a5c337b7d201803a8a3f62f1d83e709f14bc5660bf1d8828f1e896
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2475
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:19:56 GMT
etag
"663151670dfe2e17a3bc350be932abd3"
last-modified
Tue, 23 Jan 2024 21:05:05 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
exQYNg5KFJGV0rtxAcJI1becUNoKgbUVWVXSfTHK9Y6S5Bw0LZZF_g==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
js.stripe.com/v3/ Frame BD6F 		344 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b46d3024a6c36b8cd64ac80c86cc0ab15d5302944b0e09c0919889395579338f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47
cache-control
max-age=60
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:00:23 GMT
etag
"2c6547c20acd86dbd815d5f2ec7d5a4f"
last-modified
Tue, 23 Jan 2024 21:05:05 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
YpqDLawINqSklcraIzXkKWkDE3kv38Z9cDRnmN7C0-0J23sBqqUrhQ==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
embed.9203.97b040640e3b329435c9.js
platform.twitter.com/embed/ Frame 8526 		267 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.9203.97b040640e3b329435c9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
83738
x-served-by
cache-iad-kcgs7200056-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"691b9586fce0d937b25fcf4f3130bc97+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.Tweet.af3480c242f6c21a47e5.js
platform.twitter.com/embed/ Frame 8526 		88 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.af3480c242f6c21a47e5.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
20752
x-served-by
cache-iad-kiad7000110-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"984e7cbd45e0ff91dc7b610ed59f333d+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.9203.97b040640e3b329435c9.js
platform.twitter.com/embed/ Frame 7B01 		267 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.9203.97b040640e3b329435c9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
83738
x-served-by
cache-iad-kcgs7200056-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"691b9586fce0d937b25fcf4f3130bc97+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.Tweet.af3480c242f6c21a47e5.js
platform.twitter.com/embed/ Frame 7B01 		88 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.af3480c242f6c21a47e5.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749548156617146559&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
20752
x-served-by
cache-iad-kiad7000110-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"984e7cbd45e0ff91dc7b610ed59f333d+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
4691061690816554023
tpc.googlesyndication.com/simgad/ Frame EC45 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4691061690816554023
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7192bf2c6dbef1bb27d2673a22610dfdbf6b9322e4b9aa45009c207d7b7699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 15:25:09 GMT
date
Tue, 23 Jan 2024 15:25:09 GMT
x-content-type-options
nosniff
age
56160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153581
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 13:48:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame B3D9 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:37:24 GMT
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1431
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 19 Jan 2024 21:19:50 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
bHY6JCxoAkKJEwI-F37op3YVMCNYdPVlmbuy7IcgQUk9O6gnUhr-zQ==
id
googleads.g.doubleclick.net/pagead/ Frame 620B 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b21c0985d94cf821da229867458987c0fe2693913bdb09820fd8a91df488c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 620B 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:53:35 GMT
x-content-type-options
nosniff
age
454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jan 2024 07:08:35 GMT
pay.js
pay.google.com/gp/p/js/ Frame 2B82 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--SFMkxS13du_gBZcvmYYjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--SFMkxS13du_gBZcvmYYjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmLw0pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA_H1teH1rIJ_Og5f4wZAOl4N9w"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 24 Jan 2024 07:01:09 GMT
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame 2B82 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
PB5gRQF7yWDmyX4pdGx8uWD-sNYb7mgwAqHK-IOb7qmKmVPsOwwanA==
payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js
js.stripe.com/v3/fingerprinted/js/ Frame 2B82 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:09:32 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3107
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 18:03:23 GMT
server
Cloudfront
etag
W/"a535e80a392a5f530d16d7eeee51483d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
quYMXff_QP-ptCbH_m9v-viUJT6JJem1tjUTvBW8zZdDkzqeIlcAyg==
csp-report
q.stripe.com/ Frame B3D9 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669905287
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669904716
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame B3D9 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669905493
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669904726
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame 5090 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
9bmTMJ3Am4ptsaVePLhFcd3ZxycBCoBFf5h-WESzhS-r7HtbE9Vyaw==
controller-5191fe85359757d5b3779b41498f0625.js
js.stripe.com/v3/fingerprinted/js/ Frame 5090 		693 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-5191fe85359757d5b3779b41498f0625.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
efef889adaef80d21e620d06956618a3f355c23961901039c0aae1d8893bda99
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:33:28 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1685
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:01 GMT
server
Cloudfront
etag
W/"ed234fd8d7109acdbdd95f9489614c03"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
pWqBPkvi1qkIg6bk0Xz7wuEAv2NF7RAtPDWlxZAUku_3Z0vgVMXPEw==
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 24 Jan 2024 07:01:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 620B 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96474b95032a99edec516e38c3ca03232373e014102ab0876b01673294273c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41031
x-xss-protection
0
remote.js
www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/ Frame 620B 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a873c290cf089d77847a47f22ffe849cbd52c14b168ce5b01d56bc85192ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:32:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
26945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33918
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:13:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 23:32:04 GMT
cHoal1GHrde4YWVmtNRS7rfNld6iV6ittWnnuOkThR0.js
www.google.com/js/th/ Frame 620B 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/cHoal1GHrde4YWVmtNRS7rfNld6iV6ittWnnuOkThR0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
707a1a975187add7b8616566b4d452eeb7cd95dea257a8adb569e7b8e913851d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:20:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
49216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19856
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:20:53 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/faWDFvv7lUc/ Frame 620B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/faWDFvv7lUc/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
461d7aa8fc681417fd386a23b2554b9826473375ba536cbe089ee653f8d63544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22080
x-xss-protection
0
server
sffe
etag
"1699845481"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 24 Jan 2024 09:01:09 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 9D2C 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1432
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:37:24 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 19 Jan 2024 21:19:51 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
s6apIn6jyC_bf7WO7-kI5E7jKhPxSp9mKtRyWT0XSs6ePGM4Uh9HRw==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
js.stripe.com/v3/ Frame E225 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5fc8ee00cc47368f6fdf6519a5df026aae2aac44b3c3cb79012027af13c1b17e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
31
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:01:03 GMT
etag
"a8f00e403bc9538a7c1880ae6b6a2dc3"
last-modified
Tue, 23 Jan 2024 21:04:49 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
8spQIt7YQd6yRGya0zO6R3nysZsjfckIFD0NxPCuwkCRXAG1QBW41g==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
js.stripe.com/v3/ Frame 89A0 		408 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9fd703e836a5c337b7d201803a8a3f62f1d83e709f14bc5660bf1d8828f1e896
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2475
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:19:56 GMT
etag
"663151670dfe2e17a3bc350be932abd3"
last-modified
Tue, 23 Jan 2024 21:05:05 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
BCS0prXXl9rRqZaxEjqR05fay-LOzNx4xOHSoArY-xao0LgYiRqoCw==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
js.stripe.com/v3/ Frame 5793 		344 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b46d3024a6c36b8cd64ac80c86cc0ab15d5302944b0e09c0919889395579338f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47
cache-control
max-age=60
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 07:00:23 GMT
etag
"2c6547c20acd86dbd815d5f2ec7d5a4f"
last-modified
Tue, 23 Jan 2024 21:05:05 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
cfI_TH0V1PIqlipeoS8eeNA3nNEJuS2DHs8ZqNZbKrkefdfTE9zVEQ==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 2B82 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669949200
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669948826
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2B82 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669949099
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669948797
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame 7478 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ASq0ae3diej9H4wS4A4_3O9cIuyRZD-jaP1yBhdiqBTAg8xQTHupFg==
payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js
js.stripe.com/v3/fingerprinted/js/ Frame 7478 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:57:57 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
195
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 21:19:50 GMT
server
Cloudfront
etag
W/"9d64070358354c97251ee8d4e282ba7b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
PkpAyKX-hVLlR_wLTSOwl3a-nQpQZ75_K0ic6No0lI1QQgGJHquVkw==
truncated
/ Frame 620B 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
AIf8zZRUghBovfYtllJAJNGrV1wxIFK2nVEsGdf0Oz05mw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 620B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIf8zZRUghBovfYtllJAJNGrV1wxIFK2nVEsGdf0Oz05mw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2d7e2e06bb155de66ce32619ad487dffdd7abeb587a70e35a5136a4769dba447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 05:06:55 GMT
x-content-type-options
nosniff
age
6855
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3152
x-xss-protection
0
server
fife
etag
"v172"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Jan 2024 05:06:55 GMT
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame 4185 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
8hVgFy-HdrAGRoPPj95Snzr0AMA1quKnJUTLLtr_OJ0RUhbk2zV7eQ==
controller-5191fe85359757d5b3779b41498f0625.js
js.stripe.com/v3/fingerprinted/js/ Frame 4185 		693 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-5191fe85359757d5b3779b41498f0625.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
efef889adaef80d21e620d06956618a3f355c23961901039c0aae1d8893bda99
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:33:28 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1685
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:01 GMT
server
Cloudfront
etag
W/"ed234fd8d7109acdbdd95f9489614c03"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
6bCEx7N74aVO0G5_UV5tpJG2PgnYKKgbTusJd48YR-qSMdIJUPyzOw==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame EC45 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:36:36 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 12D6 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 06:30:51 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame EC45 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
26746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:35:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame EC45 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
26352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:41:57 GMT
l
www.google.com/ads/measurement/ Frame EC45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQphWQtT0z92lNCbtosO527dxtJgLf7emk9YjUAuWvRwR9LSTmV3yCMjWwvuFrxx0aUG8n9hpGaZYjU6rTJBbApln1XiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EC45 		205 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
1531
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63000
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 07:35:38 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame EC45 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:30:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
27042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14823
x-xss-protection
0
server
cafe
etag
5840398140224802838
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:30:27 GMT
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame BD6F 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
K2I_2bxCz4k5zJyHr1dqqF5wjVLAy-EBgN-pD02U6y1u_iYR8j5Mcg==
payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js
js.stripe.com/v3/fingerprinted/js/ Frame BD6F 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
195
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Mon, 08 Jan 2024 21:41:57 GMT
server
Cloudfront
etag
W/"9d64070358354c97251ee8d4e282ba7b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
D48cXDNR_pRaJf6H9TDQrVWkZVK4Cxj0bOxPJXh14aQmSxFJh_Glwg==
pay.js
pay.google.com/gp/p/js/ Frame 66B7 		119 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce--ljMeZEa-O8iCdJrVzve2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce--ljMeZEa-O8iCdJrVzve2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmJw0ZBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA_H1teH1rIJbFi--TwzAOUWN5Y"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 24 Jan 2024 07:01:09 GMT
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame 66B7 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
AcGXVNYpiEOMAKF1htxtOVKlz__m2cFAyj9lx0wQkhByogjeb06haQ==
payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js
js.stripe.com/v3/fingerprinted/js/ Frame 66B7 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:09:32 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3108
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 18:03:23 GMT
server
Cloudfront
etag
W/"a535e80a392a5f530d16d7eeee51483d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
c-jkzdxuNRtB9tNKCo7YmqmE49fXNgBLnrDeNIUjoMtAdOYzroncKA==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 952B 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:37:24 GMT
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1431
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 19 Jan 2024 21:19:50 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2chB1CoQZYx2eKVFUvBTU8KCguKbFLlk-dSItRHlITZhMcKDhgC1Zg==
csp-report
q.stripe.com/ Frame 5090 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669983580
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669983289
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7478 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669983835
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669983302
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7478 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669983928
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669983314
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
css
fonts.googleapis.com/ Frame 5774 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:42:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5774 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
26864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:33:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 5774 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:36:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5774 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
26746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:35:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5774 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
26352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5774 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jan 2024 07:01:10 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 5774 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 23:31:36 GMT
csp-report
q.stripe.com/ Frame 4185 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079669992101
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079669991363
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BD6F 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670111196
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110480
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BD6F 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670110789
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110488
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 66B7 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670111083
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110498
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 66B7 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670111033
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110508
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 952B 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670111388
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110517
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 952B 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670111078
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110525
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 174F 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
190
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:58:01 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
x-amz-cf-id
Ql_s2TCPQxciuaUsuj3eree39UQrYyT155MRtPFTp__fBLVoWg637w==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 9D2C 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:37:24 GMT
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1431
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 19 Jan 2024 21:19:50 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QJEIJamHdH14MMgoQokxtez6XXkCvHNNXQn1LwPzGy_ET16IfCfLWg==
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame E225 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
X85qF6DvQ--u3wR68nG_hujHxMrTlnUlEkk6XFRqmMxC7fuJBrWqNA==
controller-5191fe85359757d5b3779b41498f0625.js
js.stripe.com/v3/fingerprinted/js/ Frame E225 		693 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-5191fe85359757d5b3779b41498f0625.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
efef889adaef80d21e620d06956618a3f355c23961901039c0aae1d8893bda99
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:33:28 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1685
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:01 GMT
server
Cloudfront
etag
W/"ed234fd8d7109acdbdd95f9489614c03"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
-BP0spSkYzdOODm4WBNMo8JTkE5qz_XgsOLMLiO-BQUxzHkDkF447Q==
pay.js
pay.google.com/gp/p/js/ Frame 89A0 		119 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-GNK0hG8il4SrYLuZA-2mqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-GNK0hG8il4SrYLuZA-2mqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmJw1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA_H1teH1rIJ7Pj17DgzAOaNOBs"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 24 Jan 2024 07:01:09 GMT
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame 89A0 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
u93Ha9_EM95gdzz-xFYhS3MJOedIswS9eIRrLkriMRCoMLdzb3ge7Q==
payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js
js.stripe.com/v3/fingerprinted/js/ Frame 89A0 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:09:32 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3108
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 18:03:23 GMT
server
Cloudfront
etag
W/"a535e80a392a5f530d16d7eeee51483d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
g1IiRC7vh56o1DMeSg6eJclzFZN1boegmYkZA88QyHkSONlvPBWO7g==
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame 5793 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3357
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
vVJBDecIxHxpZT0UlOlYearwS2JfG4bfY9cxwoNyuwpR1b52rGJQlw==
payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js
js.stripe.com/v3/fingerprinted/js/ Frame 5793 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:09 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
195
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Mon, 08 Jan 2024 21:41:57 GMT
server
Cloudfront
etag
W/"9d64070358354c97251ee8d4e282ba7b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
32h_RbxsMHOFEib6cQLyFzaf-2KeYHGy7vu2PqKleyJGPk0Xb8SOXA==
14763004658117789537
tpc.googlesyndication.com/simgad/18433260498402669188/ Frame 5774 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18433260498402669188/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
701435a4a151abdaf824a3e7fabf7d79b169332d06116c08e95356ce5e6c9976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 23:19:48 GMT
date
Tue, 23 Jan 2024 23:19:48 GMT
x-content-type-options
nosniff
age
27681
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14878
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 16:37:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 5774 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5774 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
csp-report
q.stripe.com/ Frame 9D2C 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670111239
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110535
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 9D2C 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670111793
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110915
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E225 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670111277
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670110639
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5090 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:00:54 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
age
21
x-amz-cf-pop
ZRH55-P1
etag
"a1c509b5224a793d214c820498fafb8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
oxY0h2GF3p9CcYg6a-_qk0G0d8EpZJDSLfZ8U87IyOKnCEKlBs3EMg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5090 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:00:54 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
age
21
x-amz-cf-pop
ZRH55-P1
etag
"a1c509b5224a793d214c820498fafb8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
nDIP2Ey15Ri_lRTG6ex9r9HPBY0PLZxd6fiC-ULfQUc2iPScHW2NEw==
csp-report
q.stripe.com/ Frame 89A0 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670154486
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670154055
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 89A0 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670155025
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670154037
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5793 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670154376
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670154066
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5793 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670154704
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079670154207
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
css
fonts.googleapis.com/ Frame DB88 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CDM%20Serif%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
892c8b84e09c970fc1a60018f0d4f3ae76d632c5ce4ad037776bab839ea80db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:50:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame DB88 		2 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
26865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:33:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame DB88 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:36:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame DB88 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
26747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:35:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame DB88 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
26353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:41:57 GMT
l
www.google.com/ads/measurement/ Frame DB88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSde-KO15gxuukQPUJwQdHSCxT_yi8TepQgKFyu8z3eWM5uL52iuZxrp4Nz59SPtzMK-z3fht9Hrrid_kAi68JTzytG4w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DB88 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jan 2024 07:01:10 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame DB88 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 23:31:36 GMT
tweet-result
cdn.syndication.twimg.com/ Frame 8526 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1749579756855767453&lang=en&token=48ogt4775lm&n2vv6p=8fsmj80ydxrj&2jia3l=5287n8im40ir&mthj7r=g1fo28wnj5co&5atcaq=40vb6s86g1cj&uqdxgq=dhj8tkp1tgfa&q477e2=4y7n8lwvtda2&l6f4dg=8cgih83z9q2l
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
edc1342cec96d9dec7efa725ae435393a179c868db59ada576668dc41594cc5c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=631138519
x-powered-by
Express
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ
content-length
1326
x-response-time
144
server
tsa_f
etag
W/"d67-vOd4xWgS0yH364hf6KMYtwlV15E"
vary
Accept-Encoding, Accept-Language
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
68a67aa9910a787b
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
2275098b8b135868f261f44908674745c30d3b9501f4213ebed31c398034ddf6
x-tw-cdn
VZ, VZ, VZ
access-contol-allow-origin
platform.twitter.com
tweet-result
cdn.syndication.twimg.com/ Frame 7B01 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1749548156617146559&lang=en&token=48od8gf6uhj&ix92ux=33lrb78b9e54&ec06nx=2148nkf21ohg&t99zv4=4m8i5ps6jt1&qlvner=3eygww8z5wuv&grxef0=5u8hiru6x6t3&q3sb31=99mdg8x0prh9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
b69b2b518d3258291f9becb70aca2b7a801086634a0f39f58d0dce95693242d1
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=631138519
x-powered-by
Express
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ
content-length
1103
x-response-time
161
server
tsa_f
etag
W/"9fe-FKZ9sE87VcZpB/3NRJeAY/2i05U"
vary
Accept-Encoding, Accept-Language
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
118828569b9a3357
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
23c345fd9c43c6a6e0f2036ff3ae612966cd94e39f3d65f1b6041c313eb67a64
x-tw-cdn
VZ, VZ, VZ
access-contol-allow-origin
platform.twitter.com
.deploy_status_henson.json
js.stripe.com/v3/ Frame 4185 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:00:54 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
age
21
x-amz-cf-pop
ZRH55-P1
etag
"a1c509b5224a793d214c820498fafb8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
3DBUSZ5DZOLFTPSeRgtt1ycvrwkUYi0nks9AvUZqLFm_9-Y3MzRPhw==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 4185 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:00:54 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
age
21
x-amz-cf-pop
ZRH55-P1
etag
"a1c509b5224a793d214c820498fafb8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
iVvMU6F2wVSyIy3GpDzLCbSzLhEzAVtQAbbqg-aEACZWVmv5d-uc_g==
14763004658117789537
tpc.googlesyndication.com/simgad/7108142842000566029/ Frame DB88 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7108142842000566029/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d1277d8482793c394edbed0d48ac11633bdcc5fbca78a5e817ac6701d590153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 05:13:54 GMT
date
Wed, 24 Jan 2024 05:13:54 GMT
x-content-type-options
nosniff
age
6436
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17608
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 14:49:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame DB88 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DB88 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 620B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Jan 2024 07:01:10 GMT
inner.html
m.stripe.network/ Frame 7878 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
191
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:58:01 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
x-amz-cf-id
k8K-QRQ9ey4e3dAOgVcjkRH7wv0tJw2E79N5vUXfHIR7p-USqXKETQ==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 174F 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670196297
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1706079670195450
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 174F 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:56:58 GMT
content-encoding
gzip
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
253
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
ZRH55-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
_MerHTgBfU4_-yt5iJVE9FrczjR5n2A3BCHJnoiP-AQ0gP1gjRYgwQ==
inner.html
m.stripe.network/ Frame 9FD9 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
191
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:58:01 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
x-amz-cf-id
nzQ2hlbgA83kxGq8ZoiQyrrITfEHTpHFSTtY_3tzvxVrZt8Z-EIF3Q==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 5090 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3bf5a9163eb1c331f64d20e488214038bd46dc06f486c912fab6d7de8eca98c
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2475
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame E225 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:00:54 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
age
21
x-amz-cf-pop
ZRH55-P1
etag
"a1c509b5224a793d214c820498fafb8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
oBlQZ0dUemuk9NCZxzU7mhT_ThlbFhTL07XweM6h8GESQvjEheqsDg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame E225 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:00:54 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
age
21
x-amz-cf-pop
ZRH55-P1
etag
"a1c509b5224a793d214c820498fafb8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
LFTGYPNGsUOwtfbVMqFypmI48NCR47a1SGLg1UcSd3s9BvQSHpCrpQ==
truncated
/ Frame EC45 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02b7de9efcebe992b6dc36ec18ddc07187481e6cc845b0259cbf7723ce40d583

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
generate_204
www.youtube.com/ Frame 620B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?8Rk8gw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 4185 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7efc6dbf61e3a649be3ecd808ac8cb71dbb1c51b9ed6c092a5f7f1cd88bc1788
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2475
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 24 Jan 2024 07:01:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 620B 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d10ec638d45edb0823a651e7e99f3eb3f6b1e394a5cca3bf8a714f72ab6fb1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 12D6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:10 GMT
expires
Wed, 24 Jan 2024 07:01:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:10 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
wallet-config
merchant-ui-api.stripe.com/elements/ Frame E225 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
061b76e05c3fc7f4a7c2dfc5e6799ab02a435990d0d3c1359140699fe59ea1e9
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2475
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
payframe
pay.google.com/gp/p/ui/ Frame 0A71 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23ea1280ba337b7b71663bb790a6c56866cc600f5f59175c879c3193589a4363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GZN6OPdMNHg6WfMM4nsrpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GZN6OPdMNHg6WfMM4nsrpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 24 Jan 2024 07:01:10 GMT
expires
Wed, 24 Jan 2024 07:01:10 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmJw0ZBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA_HtteH1rIJrLjQNJ0RAOSYN00"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
csp-report
q.stripe.com/ Frame 7878 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670368217
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1706079670367545
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 7878 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:56:58 GMT
content-encoding
gzip
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
253
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
ZRH55-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
0et2Hp4jZMfmBpQ_6N77Ptdij64p-idAbmQtSeXZiPe9_pSvRN5s1w==
csp-report
q.stripe.com/ Frame 9FD9 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670437475
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1706079670437124
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 9FD9 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:56:58 GMT
content-encoding
gzip
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
253
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
ZRH55-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
i65zZc8go8fm8qIv94tbSzKkNH_zhbmfSz0uaOOvi8l5aR_gnWwSpg==
payframe
pay.google.com/gp/p/ui/ Frame A068 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b786b631cd69b49183d7f0e4e93f662e35b370621c42f0aa0294f010bcec9c93
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-q8izzKbv6ZgTuNO4ZGZl-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-q8izzKbv6ZgTuNO4ZGZl-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 24 Jan 2024 07:01:10 GMT
expires
Wed, 24 Jan 2024 07:01:10 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmJw0ZBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA_HtteH1rIJbNhy8CAjAOVhN6I"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame EC45
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cq_XjtbWwZf7CBPaE_NUPu-2DoAyD-eq8dZ360-ydEb_hHhABIKy4nSRglfrwgYwHoAGg8KCXKcgBA6gDAcgDyQSqBMkCT9BdFulrQm111XmFSlFbphyh4ISASelVpIFsoCLQOixc4DJOSir...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225492354954126366488%22,%22debug_reporting%22:true,%22destination%22:%22https://myka.com%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225492354954126366488%22,%22debug_reporting%22:true,%22destination%22:%22https://myka.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211054626848%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211620420891634565313%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5492354954126366488","debug_reporting":true,"destination":"https://myka.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11054626848"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"11620420891634565313"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 24 Jan 2024 07:01:10 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 24 Jan 2024 07:01:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5492354954126366488","debug_reporting":true,"destination":"https://myka.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11054626848"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"11620420891634565313"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
b
r.stripe.com/ Frame 5090 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
x-stripe-server-envoy-start-time-us
1706079670464814
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
8
x-stripe-client-envoy-start-time-us
1706079670463913
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 5090 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
x-stripe-server-envoy-start-time-us
1706079670464742
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079670463949
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4185 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
x-stripe-server-envoy-start-time-us
1706079670464317
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1706079670463842
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4185 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
x-stripe-server-envoy-start-time-us
1706079670464782
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079670463842
access-control-allow-credentials
true
content-length
0
payframe
pay.google.com/gp/p/ui/ Frame 34F0 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f059ec8de7342dcd0e41020f77e06ba9980beb9637a1986a1c23249815d42ca
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-wWyLFc_418Ti4wtvJpGifg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-wWyLFc_418Ti4wtvJpGifg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 24 Jan 2024 07:01:10 GMT
expires
Wed, 24 Jan 2024 07:01:10 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmJw0ZBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA_HtteH1rIJLJjz9hojAOVfN7s"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
6
m.stripe.com/ Frame 174F 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6d9d74c9bceaecbefdb49582c4b7e16f6373d34f0b8e6b3e33c64f15c3bff0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670503626
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079670503033
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
b
r.stripe.com/ Frame E225 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
x-stripe-server-envoy-start-time-us
1706079670519592
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1706079670519129
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame E225 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
x-stripe-server-envoy-start-time-us
1706079670520260
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079670519993
access-control-allow-credentials
true
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 620B 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 24 Jan 2024 09:44:07 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 0A71 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64538376e8856edd3e56379eff18fc2755cea3d3e8ae91157b7910f29f43ca02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57441
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 05:46:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:21 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 1F79 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 23:27:09 GMT
bd96eb2150f7ae7816c9ef0533313b28.js
www.gstatic.com/mysidia/ Frame 1F79 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/bd96eb2150f7ae7816c9ef0533313b28.js?tag=video_mra/web_raspberry_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa85fc3c9a3ef2d7f169a93d93e00457905dbc08c7dfc1bfa162672e5b020d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54782
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 23:35:40 GMT
css
fonts.googleapis.com/ Frame 1F79 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:40:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:10 GMT
css
fonts.googleapis.com/ Frame 1F79 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:35:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1F79 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
26865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:33:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 1F79 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:36:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1F79 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
26747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:35:23 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 1F79 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 18:16:17 GMT
x-content-type-options
nosniff
server
cafe
age
45893
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Wed, 24 Jan 2024 18:16:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1F79 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
26353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:41:57 GMT
l
www.google.com/ads/measurement/ Frame 1F79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxKToASnh7LMtor0_3txNjtVEJHzRTY9LnOZnQP7jLEGJ3ezYLYywIqMBvaX-6sqtI_wvF0ohZW_6yI85yDdqwynTTBg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1F79 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jan 2024 07:01:10 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 1F79 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 23:31:36 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 0A71 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
truncated
/ Frame 5774 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc07f69d82c00d9082e4e99922c044d64c9fd735cb017997b04caa1c0a6a98b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame A068 		159 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64538376e8856edd3e56379eff18fc2755cea3d3e8ae91157b7910f29f43ca02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57441
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 05:46:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:21 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5774 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
110493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:19:37 GMT
6
m.stripe.com/ Frame 7878 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b3383a1b9c7b10806480b2b85ba1f14f75eca6987b148cb56ce7e1fee081f57f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670586921
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079670586419
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225492354954126366488%22,%22debug_reporting%22:true,%22destination%22:%22https://myka.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211054626848%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211620420891634565313%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
embed.886.2f72edca4e14266f8bf0.js
platform.twitter.com/embed/ Frame 8526 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.886.2f72edca4e14266f8bf0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5cf1106a7417e52c66f83b87be422a6be738327d91bca5b3556a912f36bd3bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
3411
x-served-by
cache-iad-kjyo7100074-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"8f82c0a1048af0302ae1572602c9f839+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.5731.21a38d427c079d171432.js
platform.twitter.com/embed/ Frame 8526 		141 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.5731.21a38d427c079d171432.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67a45fd51e0333b4d50c4921b425342d8735eb1a7520f3959e4843e88391bd5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
42279
x-served-by
cache-iad-kjyo7100024-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"23201287531670bc936c706c9f41c46a+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.9935.551987f9e1d82df07124.js
platform.twitter.com/embed/ Frame 8526 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.9935.551987f9e1d82df07124.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d22de5a473d4ea8e47cf768771d3a1e2b168d51e30e85bed45f1a5e12a6be98c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
20000
x-served-by
cache-iad-kiad7000146-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"58e7b6696f63b7fc2dccd829a92af55a+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.4384.d9a8a6060e32d36ce97a.js
platform.twitter.com/embed/ Frame 8526 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.4384.d9a8a6060e32d36ce97a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c6d6f4189840f0557ce4381b89f4d30b7a2b9e22f3414b99cfe8abf1c95bb80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
4175
x-served-by
cache-iad-kiad7000143-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"9e037c7706b6326bbaf3e17423605f89+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.2796.08a444204f993a582441.js
platform.twitter.com/embed/ Frame 8526 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.2796.08a444204f993a582441.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
446bff0a39a71a6c57e3b5bf67d2e59e4e63f051178235e0c1e102cc5418d4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
13985
x-served-by
cache-iad-kcgs7200028-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"f2adfa73051fe72621c89fca4459b722+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.TweetVideo.06a8f385c489c4e0aaf2.js
platform.twitter.com/embed/ Frame 8526 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.06a8f385c489c4e0aaf2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c5186b33b7596f083f6058572e841e98736d2f897a77d7d4609d9b179361e89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
4256
x-served-by
cache-iad-kjyo7100108-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"b45c10c49750ef66a37ecc71305b8178+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
1f6a8.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 8526 		1 KB
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f6a8.svg
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ed681717a4679f291aa6076a88951cc5dea77f2e85ad52009f35c9eca5662e0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 07:01:10 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
577
x-served-by
cache-fty21321-FTY, cache-fra-eddf8230066-FRA
last-modified
Wed, 21 Feb 2018 22:31:11 GMT
etag
"tW5BCICP+eiGx1oTXM23hA=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
x-transaction-id
9566fa2b34a30332
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 25 Jul 2024 20:44:54 GMT
embeds
syndication.twitter.com/i/jot/ Frame 8526 		43 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1706079670512%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22RebelNewsOnline%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221749579756855767453%22%5D%2C%22item_details%22%3A%7B%221749579756855767453%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
109
date
Wed, 24 Jan 2024 07:01:09 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 24 Jan 2024 07:01:10 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
c56b192372a211c6
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
17fe8512d2a6f1336a6f3d4c98499dfaae5785e67c78033d83e5e904f96ee0f3
content-length
43
truncated
/ Frame DB88 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76078a009a1a15ee461954a0c72262344e59f0a6106e44fcc0e5adc6d4fc9801

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
embeds
syndication.twitter.com/i/jot/ Frame 7B01 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1706079670538%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22RebelNewsOnline%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221749548156617146559%22%5D%2C%22item_details%22%3A%7B%221749548156617146559%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
104
date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 24 Jan 2024 07:01:10 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
0c794727e7313d4b
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
17fe8512d2a6f1336a6f3d4c98499dfaae5785e67c78033d83e5e904f96ee0f3
content-length
43
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame A068 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.gstatic.com/s/dmserifdisplay/v15/ Frame DB88 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmserifdisplay/v15/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CDM%20Serif%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:30 GMT
x-content-type-options
nosniff
age
26740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24768
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:45:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:35:30 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DB88 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CDM%20Serif%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
110493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:19:37 GMT
6
m.stripe.com/ Frame 9FD9 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b334c85509659a37d32f46e3ae55b0c278269ff50776d2f5e7d12f813b50f463
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079670658603
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079670658104
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
okxmKEX5_bigger.jpg
pbs.twimg.com/profile_images/1244750495136321548/ Frame 8526 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1244750495136321548/okxmKEX5_bigger.jpg
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F717) /
Resource Hash
4189dccc89eb1f7fa6ccc197236db245095fdfc9ba7e7a74bfacde7057377898
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
39925
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
2617
x-response-time
107
surrogate-key
profile_images profile_images/bucket/8 profile_images/1244750495136321548
last-modified
Mon, 30 Mar 2020 22:14:59 GMT
server
ECS (ska/F717)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
ccb12aaeef191d42
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
a35f985e757037a5f5c31da64dd2a4482ca4164be58aeeaf2e5f4d660920d007
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 34F0 		159 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64538376e8856edd3e56379eff18fc2755cea3d3e8ae91157b7910f29f43ca02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57441
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 05:46:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:21 GMT
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame 4B70 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=2178216223&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2058&idt=421&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 16:13:23 GMT
okxmKEX5_bigger.jpg
pbs.twimg.com/profile_images/1244750495136321548/ Frame 7B01 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1244750495136321548/okxmKEX5_bigger.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.9203.97b040640e3b329435c9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F717) /
Resource Hash
4189dccc89eb1f7fa6ccc197236db245095fdfc9ba7e7a74bfacde7057377898
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
39925
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
2617
x-response-time
107
surrogate-key
profile_images profile_images/bucket/8 profile_images/1244750495136321548
last-modified
Mon, 30 Mar 2020 22:14:59 GMT
server
ECS (ska/F717)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
ccb12aaeef191d42
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
a35f985e757037a5f5c31da64dd2a4482ca4164be58aeeaf2e5f4d660920d007
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
okxmKEX5_bigger.jpg
pbs.twimg.com/profile_images/1244750495136321548/ Frame 8526 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1244750495136321548/okxmKEX5_bigger.jpg
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F717) /
Resource Hash
4189dccc89eb1f7fa6ccc197236db245095fdfc9ba7e7a74bfacde7057377898
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
39925
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
2617
x-response-time
107
surrogate-key
profile_images profile_images/bucket/8 profile_images/1244750495136321548
last-modified
Mon, 30 Mar 2020 22:14:59 GMT
server
ECS (ska/F717)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
ccb12aaeef191d42
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
a35f985e757037a5f5c31da64dd2a4482ca4164be58aeeaf2e5f4d660920d007
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
okxmKEX5_bigger.jpg
pbs.twimg.com/profile_images/1244750495136321548/ Frame 7B01 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1244750495136321548/okxmKEX5_bigger.jpg
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F717) /
Resource Hash
4189dccc89eb1f7fa6ccc197236db245095fdfc9ba7e7a74bfacde7057377898
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
39925
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
2617
x-response-time
107
surrogate-key
profile_images profile_images/bucket/8 profile_images/1244750495136321548
last-modified
Mon, 30 Mar 2020 22:14:59 GMT
server
ECS (ska/F717)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
ccb12aaeef191d42
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
a35f985e757037a5f5c31da64dd2a4482ca4164be58aeeaf2e5f4d660920d007
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ungit5Ic_normal.jpg
pbs.twimg.com/profile_images/1332624725160300544/ Frame 7B01 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1332624725160300544/ungit5Ic_normal.jpg
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F711) /
Resource Hash
2ab92d766741cdfbc632ff508d53663cd028bf566acde70ffe47ce89aed1bcef
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
476331
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
2111
x-response-time
121
surrogate-key
profile_images profile_images/bucket/4 profile_images/1332624725160300544
last-modified
Sat, 28 Nov 2020 09:55:48 GMT
server
ECS (ska/F711)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
b8820d8455859ab7
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
71ff850f89ab08972c8608d04ef17caae13c34630ec87081822b595600c36d6a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 34F0 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
/
www.googleadservices.com/pagead/ar-adview/ Frame 5774
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cihk4tbWwZaqCBLO2x_APhJCS0AGRoeG_dZOkhsLBC2QQASCsuJ0kYJX68IGMB6ABqNON_wPIAQmpAn-MYyoiOLI-qAMByAPLBKoE0wJP0ENkhXwGN73x3xz7cjhTZKW1MkO4ZIGEtBp4pNN...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213465980273266685158%22,%22debug_reporting%22:true,%22destination%22:%22https://impulse-schule.de%22,%22event_report_windo...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213465980273266685158%22,%22debug_reporting%22:true,%22destination%22:%22https://impulse-schule.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071868328%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226072697460332938417%22}&andc=true
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"13465980273266685158","debug_reporting":true,"destination":"https://impulse-schule.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071868328"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"6072697460332938417"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 24 Jan 2024 07:01:10 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 24 Jan 2024 07:01:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13465980273266685158","debug_reporting":true,"destination":"https://impulse-schule.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071868328"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"6072697460332938417"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
YYZ1cWVv_normal.jpg
pbs.twimg.com/profile_images/1502138376396640259/ Frame 8526 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1502138376396640259/YYZ1cWVv_normal.jpg
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F709) /
Resource Hash
7963049570fe07bdf6ca7fdb174d3ab1996cc09f6cbd7f9505294d8b4a4e94b0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
367898
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
2111
x-response-time
114
surrogate-key
profile_images profile_images/bucket/8 profile_images/1502138376396640259
last-modified
Fri, 11 Mar 2022 04:22:31 GMT
server
ECS (ska/F709)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
bb79e5660c5649b3
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
2ad217ca60112bff22c2eac68faedb03fb5d78106831fdef2ff335152252feea
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
GEekxhgawAAvXfk
pbs.twimg.com/media/ Frame 7B01 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/GEekxhgawAAvXfk?format=jpg&name=240x240
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71A) /
Resource Hash
bd9ae164dc4de3ecbaa6c266a7b5a1304ec350b7184aff3d64e4b585ce5bfe14
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
119902
x-cache
MISS
server-timing
x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length
10507
x-response-time
129
surrogate-key
media media/bucket/8 media/1749548150971613184
last-modified
Mon, 22 Jan 2024 21:40:38 GMT
server
ECS (ska/F71A)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
2464fb13ff996f50
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
9aafb32ee1b7b4b06bc2384376f0ea7e2a1298eec6dd751b882151b372b17342
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
GEekxhgawAAvXfk
pbs.twimg.com/media/ Frame 7B01 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/GEekxhgawAAvXfk?format=jpg&name=360x360
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71A) /
Resource Hash
9a81a7b1903abc239f57bd156158c43f764aa26e0ca148b06fe097a25b709674
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
119908
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
15386
x-response-time
227
surrogate-key
media media/bucket/8 media/1749548150971613184
last-modified
Mon, 22 Jan 2024 21:40:38 GMT
server
ECS (ska/F71A)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
fcda08826d6bd2a7
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
b0d00fba66e505f608d34afdc553838df80d8ff517e5de61ed89893b2636cdfb
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame 8669 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=1575736038&adf=3948133423&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668609&bpp=1&bdt=2057&idt=409&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 16:13:23 GMT
csi
csi.gstatic.com/ Frame 1F79 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrrfsaxu&c=4754882507159&slotId=2377441253579.5&qqid=CJe-j4W69YMDFQ03VQgdeCcLnw&sei=44752538%2C44809796%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bd96eb2150f7ae7816c9ef0533313b28.js?tag=video_mra/web_raspberry_ms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2c0f:fb50:4002:802::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2498367586579666398/ Frame 1F79 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2498367586579666398/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28225419d47ffa2f642919d8861a121c9266ccb312a5065a8c9b30afebebc402
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 16:37:23 GMT
date
Tue, 23 Jan 2024 16:37:23 GMT
x-content-type-options
nosniff
age
51827
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2778
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 10:29:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 1F79 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
14763004658117789537
tpc.googlesyndication.com/simgad/2841398570971534447/ Frame 1F79 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2841398570971534447/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ba23a346d2a7c9137be731cc0ad89bf2aec41e14f26a902ebf637266380372a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 05:01:14 GMT
date
Wed, 24 Jan 2024 05:01:14 GMT
x-content-type-options
nosniff
age
7196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55532
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 17:54:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
/
www.googleadservices.com/pagead/ar-adview/ Frame DB88
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFizYtbWwZe2vFbSH1PIPvea9WOr7pa90yfbxxP4RZBABIKy4nSRglfrwgYwHoAH366btA8gBCakCwiPiglw2sj6oAwHIA8sEqgTLAk_QTHFncXigAhl7Fde9Qz2tWyKLxwZHGy1EzaDsTz9...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221210625448264396052%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221210625448264396052%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215784429940347833601%22}&andc=true
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1210625448264396052","debug_reporting":true,"destination":"https://kroftman.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1034532343"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"15784429940347833601"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 24 Jan 2024 07:01:11 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 24 Jan 2024 07:01:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1210625448264396052","debug_reporting":true,"destination":"https://kroftman.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1034532343"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"15784429940347833601"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
videoplayback
rr3---sn-5go7ynl6.googlevideo.com/ Frame 1F79 		207 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1706108470&ei=trWwZc_ZEoKip-oPob6v8Ak&ip=2a03:1b20:b:f011::1e&id=b6c852d8fda5cf56&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=aY&mm=31&mn=sn-5go7ynl6&ms=au&mv=m&mvi=3&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=127.129&lmt=1658612353531601&mt=1706079417&cpn=d2IBvPYVUcRvY1LW&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRQIgLYZOd7_Rd5_3McnwmS8_b10576jMInFu5C7yMlUHsXQCIQDYjA0JGokrjyWIaJb7sdt-ZkxCK4KozJL6lt-F8EF54Q==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIhAPO9w1fgOAhrUc5u60VrxZZG2tsnBVH3ElYfHAufv9ZKAiAaKI-24jvZ-HNHdjd804RCIb3UDlq0EJu3yqwPA2QROw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:2::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 24 Jan 2024 07:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Jul 2022 21:39:13 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-9022066/9022067
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
9022067
Expires
Wed, 24 Jan 2024 07:01:11 GMT
embed.loaders.video.VideoPlayerDefaultUI.1f5db80c88a5d23aa7a7.js
platform.twitter.com/embed/ Frame 8526 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.loaders.video.VideoPlayerDefaultUI.1f5db80c88a5d23aa7a7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9c5a2740605aa903c3cd60b821ebeb3da1d6c7815b7b098c8440df58097310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
14166
x-served-by
cache-iad-kiad7000060-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"d591596b970733954492394fe0cfd2b8+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.loaders.video.PlayerHls1.1.693f03f36e383b5840b8.js
platform.twitter.com/embed/ Frame 8526 		343 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.693f03f36e383b5840b8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43f5b1d077a57956241f2ad28530c8f8e7c6a4c8db69c342942ac2eca8c44a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1749579756855767453&lang=en&origin=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed&sessionId=169ad7e2186263f1cc27fd0c20cbb887af91a738&siteScreenName=RebelNewsOnline&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
99580
x-served-by
cache-iad-kcgs7200082-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 07 Oct 2023 22:50:34 GMT
etag
"4c14d0a42c1e01ee4a6ed1eb9708f9de+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
DU4Ia4aBx5rSTHRD.jpg
pbs.twimg.com/amplify_video_thumb/1749579627864236032/img/ Frame 8526 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/amplify_video_thumb/1749579627864236032/img/DU4Ia4aBx5rSTHRD.jpg
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71E) /
Resource Hash
575d4cc1d4429643e00bc74ca53d3ec0d9e1d919d31083569f7646046c9f1be4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
112375
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
31135
x-response-time
220
surrogate-key
amplify_video_thumb amplify_video_thumb/bucket/5 amplify_video_thumb/1749579627864236032
last-modified
Mon, 22 Jan 2024 23:45:43 GMT
server
ECS (ska/F71E)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
c47556243bbe545c
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
bc36a58738c6780fba9a32470f8e8666f0375331dda69e63392fbe4b03eec1f5
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame 0A71 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4994cb03158c7f362f375ee70bbdac9dffc6d02dbe979a9f1069dbf6e353e925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27641
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:22 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame 0A71 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68ec9616894234c98e9398e3b0bda72dc52b48cb4424ea70075df3248438a85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:55:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3730
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 20:55:57 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame 0A71 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad38fde14463f677c827b60d05e33a2f222de47a6825f96e27621621ee105cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:55:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 20:55:57 GMT
truncated
/ Frame 1F79 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05477efeffa3078c94f16781df9496a38fdc402737e6a3ebc5337fccd6561bc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame 2A69 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=3771106678&adf=1581067940&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079669&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668611&bpp=1&bdt=2060&idt=691&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188%2C360x280&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 16:13:23 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213465980273266685158%22,%22debug_reporting%22:true,%22destination%22:%22https://impulse-schule.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071868328%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226072697460332938417%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/ Frame 11A8 		148 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:02:49 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3517
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 21:19:50 GMT
server
Cloudfront
etag
W/"f7a3e754fa2fa9117506f69f618b5778"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
h_j0piBtLW45390tjFdkby_0XmoBKM4pGHVTp_6K_gExp-9qIN3tTA==
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/ Frame 729A 		148 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:46:10 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3517
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Mon, 08 Jan 2024 21:41:57 GMT
server
Cloudfront
etag
W/"f7a3e754fa2fa9117506f69f618b5778"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
oR-FbkzwcevRiqLuoCiFcHtumoULe5fTjVKR9CBaTM8YnQbPO4sktA==
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/ Frame 3182 		148 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:46:10 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3517
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Mon, 08 Jan 2024 21:41:57 GMT
server
Cloudfront
etag
W/"f7a3e754fa2fa9117506f69f618b5778"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
NtMMTkWNfOkNdFmyijHumMDV3Kb1ugV4TrNlShQPuXkTjgWdcFialw==
rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 1F79 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 18:18:36 GMT
x-content-type-options
nosniff
server
cafe
age
45754
etag
9923804599063086578
vary
Accept-Encoding
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2033
x-xss-protection
0
expires
Wed, 24 Jan 2024 18:18:36 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221210625448264396052%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215784429940347833601%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame B6D6 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:33:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 07:01:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B6D6 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
26865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:33:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame B6D6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:36:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B6D6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
26747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:35:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B6D6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
26353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 23:41:57 GMT
l
www.google.com/ads/measurement/ Frame B6D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1y4errFbOUfR40aQQvFjKjfiX-8-wSXuLomIDL9zC-_ar5uviDtdXWz1aswgbAUdHfjdzewg18ds22-JlmjERNpZWHQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B6D6 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jan 2024 07:01:10 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame B6D6 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 23:31:36 GMT
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame A068 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4994cb03158c7f362f375ee70bbdac9dffc6d02dbe979a9f1069dbf6e353e925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27641
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:22 GMT
b
r.stripe.com/ Frame 4185 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671031540
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079671030870
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 5090 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671037791
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079671036883
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame E225 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671038570
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079671037845
access-control-allow-credentials
true
content-length
0
14763004658117789537
tpc.googlesyndication.com/simgad/2841398570971534447/ Frame B6D6 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2841398570971534447/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6ad57dbb9c27b931ee3223079900e8f4eb3084d40abef8ed435019473453244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 05:00:53 GMT
date
Wed, 24 Jan 2024 05:00:53 GMT
x-content-type-options
nosniff
age
7218
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10730
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 17:54:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame B6D6 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B6D6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame 34F0 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4994cb03158c7f362f375ee70bbdac9dffc6d02dbe979a9f1069dbf6e353e925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27641
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:22 GMT
6
m.stripe.com/ Frame 174F 		156 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6d9d74c9bceaecbefdb49582c4b7e16f6373d34f0b8e6b3e33c64f15c3bff0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671112914
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079671112591
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 174F 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6d9d74c9bceaecbefdb49582c4b7e16f6373d34f0b8e6b3e33c64f15c3bff0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671162508
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079671162184
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
www.googleadservices.com/pagead/ar-adview/ Frame 1F79
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CnxSNtbWwZdePC43u1PIP-M6s-An-hsDVdI-X3KyDD7_hHhABIKy4nSRglfrwgYwHoAH366btA8gBCakCj5s4s183sj6oAwHIA8sEqgTLAk_QDkl5aQUi41MDb4WXAkmJ6vekLjV56sy-S_J...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221483867508687341483%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221483867508687341483%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228327067615642866561%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1483867508687341483","debug_reporting":true,"destination":"https://kroftman.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1034532343"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"8327067615642866561"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 24 Jan 2024 07:01:11 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1483867508687341483","debug_reporting":true,"destination":"https://kroftman.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1034532343"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"8327067615642866561"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pay
pay.google.com/gp/p/ui/ Frame 0A71 		1 MB
378 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f329de7a50dd262538e00de72fa4c07206e6f3b308dd0e107b8d3a045e4df011
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-X1TeGDEPQSEJL_E23QDqrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-X1TeGDEPQSEJL_E23QDqrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmJw0ZBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEDfH9teH1rIJ_Hi3xgQArtQ3gQ"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 24 Jan 2024 07:01:11 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1F79 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
110494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:19:37 GMT
_vur-PU7KiW1EsHV.m3u8
video.twimg.com/amplify_video/1749579627864236032/pl/ Frame 8526 		471 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/amplify_video/1749579627864236032/pl/_vur-PU7KiW1EsHV.m3u8?tag=14&container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.693f03f36e383b5840b8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F766) /
Resource Hash
002c9cb94200a758b60701ed89604582ad5c046dbee0d4afd157266570b6ea1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112377
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
281
x-response-time
12
surrogate-key
amplify_video amplify_video/bucket/5 amplify_video/1749579627864236032
last-modified
Mon, 22 Jan 2024 23:45:43 GMT
server
ECAcc (ska/F766)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
x-transaction-id
4257eef4a6a3bf45
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
ea73427ac1ec50134095010fdbd9e229b5e6c0c48b1d6010fafed29ee41e5707
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
DU4Ia4aBx5rSTHRD.jpg
pbs.twimg.com/amplify_video_thumb/1749579627864236032/img/ Frame 8526 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/amplify_video_thumb/1749579627864236032/img/DU4Ia4aBx5rSTHRD.jpg
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71E) /
Resource Hash
575d4cc1d4429643e00bc74ca53d3ec0d9e1d919d31083569f7646046c9f1be4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
112376
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
31135
x-response-time
220
surrogate-key
amplify_video_thumb amplify_video_thumb/bucket/5 amplify_video_thumb/1749579627864236032
last-modified
Mon, 22 Jan 2024 23:45:43 GMT
server
ECS (ska/F71E)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
c47556243bbe545c
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
bc36a58738c6780fba9a32470f8e8666f0375331dda69e63392fbe4b03eec1f5
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
6
m.stripe.com/ Frame 7878 		156 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b3383a1b9c7b10806480b2b85ba1f14f75eca6987b148cb56ce7e1fee081f57f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671212398
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079671212150
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 7878 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b3383a1b9c7b10806480b2b85ba1f14f75eca6987b148cb56ce7e1fee081f57f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671262967
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079671262707
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
embeds
syndication.twitter.com/i/jot/ Frame 7B01 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1706079671089%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22RebelNewsOnline%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221749548156617146559%22%5D%2C%22item_details%22%3A%7B%221749548156617146559%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1584.5%7D
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
105
date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 24 Jan 2024 07:01:11 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
b43c322deef575ea
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
17fe8512d2a6f1336a6f3d4c98499dfaae5785e67c78033d83e5e904f96ee0f3
content-length
43
6
m.stripe.com/ Frame 9FD9 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b334c85509659a37d32f46e3ae55b0c278269ff50776d2f5e7d12f813b50f463
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671313319
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079671312783
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 9FD9 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.50.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-50-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b334c85509659a37d32f46e3ae55b0c278269ff50776d2f5e7d12f813b50f463
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671362403
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706079671362190
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
pay
pay.google.com/gp/p/ui/ Frame A068 		1 MB
379 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d214f264ad949f218369e5b2f439cf8b4c22b6715e1a610d5ef2a9240061a359
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8wI_TG1qIrP2sGiT-kXYxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8wI_TG1qIrP2sGiT-kXYxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmJw0ZBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEDfH9teH1rIJTNg2ww8ArH425w"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 24 Jan 2024 07:01:11 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221483867508687341483%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228327067615642866561%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pay
pay.google.com/gp/p/ui/ Frame 34F0 		1 MB
379 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a49421adf8d0e901748db8efca60798bfa6ad2ed7b20ea1d0c148b64f86d1235
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-dHGIKAelAVSl8vQ8zx__DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-dHGIKAelAVSl8vQ8zx__DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmJw0ZBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEDfH9teH1rIJfLi5MQoArqU3jw"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 24 Jan 2024 07:01:11 GMT
truncated
/ Frame B6D6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3d51058f6e8a424bdfccf7d242e60a927b2e8302d4b488372f81fb64ac09312

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame A068 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68ec9616894234c98e9398e3b0bda72dc52b48cb4424ea70075df3248438a85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3730
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:22 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame A068 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad38fde14463f677c827b60d05e33a2f222de47a6825f96e27621621ee105cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:22 GMT
log
play.google.com/ Frame A068 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A068 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A068 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A068 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A068 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
embeds
syndication.twitter.com/i/jot/ Frame 8526 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1706079671141%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22RebelNewsOnline%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221749579756855767453%22%5D%2C%22item_details%22%3A%7B%221749579756855767453%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1685.3000001907349%7D
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
110
date
Wed, 24 Jan 2024 07:01:10 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 24 Jan 2024 07:01:11 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
8bf2e82ee7e1e272
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
17fe8512d2a6f1336a6f3d4c98499dfaae5785e67c78033d83e5e904f96ee0f3
content-length
43
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame 34F0 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68ec9616894234c98e9398e3b0bda72dc52b48cb4424ea70075df3248438a85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3730
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:22 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame 34F0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad38fde14463f677c827b60d05e33a2f222de47a6825f96e27621621ee105cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 17:53:22 GMT
log
play.google.com/ Frame 34F0 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 34F0 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 34F0 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 34F0 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 34F0 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B6D6 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
110494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:19:37 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame B6D6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CLxR9tbWwZaj_Ac6w1PIPsMmxuAX-hsDVdI-X3KyDD7_hHhABIKy4nSRglfrwgYwHoAH366btA8gBCakCj5s4s183sj6oAwHIA8sEqgTOAk_QQTBPrqSbU-P47xagwQHx6j6KmwLarirj6kk...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229441993142560844019%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229441993142560844019%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212065516069871836753%22}&andc=true
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"9441993142560844019","debug_reporting":true,"destination":"https://kroftman.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1034532343"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"12065516069871836753"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 24 Jan 2024 07:01:11 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9441993142560844019","debug_reporting":true,"destination":"https://kroftman.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1034532343"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"12065516069871836753"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
log
play.google.com/ Frame A068 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame 8281 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=188&slotname=4985954053&adk=2066471989&adf=2567848006&pi=t.ma~as.4985954053&w=750&fwrn=4&lmt=1706079668&rafmt=11&format=750x188&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668608&bpp=1&bdt=2056&idt=376&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 16:13:23 GMT
log
play.google.com/ Frame 34F0 		131 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 07:01:11 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
b
r.stripe.com/ Frame E225 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671272308
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079671272006
access-control-allow-credentials
true
content-length
0
elements-inner-payment-request-826937446387873540409d20f5b074f5.html
js.stripe.com/v3/ Frame E93C 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f5f8cbd0f5ba7a05c6caedd3b32ba05d22f2afd1be44c49bf757590ec080e9c3
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1594
cache-control
max-age=31536000
content-length
820
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:34:39 GMT
etag
"826937446387873540409d20f5b074f5"
last-modified
Tue, 23 Jan 2024 21:04:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
VnQbNI0nM6iD0aJbSIbMJycLwWXL2t1__twzk7bHWgKKELexjRA7_A==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3182 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundist-rebel-news.herokuapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:08:21 GMT
x-content-type-options
nosniff
age
78770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 09:08:21 GMT
b
r.stripe.com/ Frame E225 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671288233
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1706079671287870
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4185 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671290225
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1706079671289733
access-control-allow-credentials
true
content-length
0
elements-inner-payment-request-826937446387873540409d20f5b074f5.html
js.stripe.com/v3/ Frame F4D9 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f5f8cbd0f5ba7a05c6caedd3b32ba05d22f2afd1be44c49bf757590ec080e9c3
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundist-rebel-news.herokuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1594
cache-control
max-age=31536000
content-length
820
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:34:39 GMT
etag
"826937446387873540409d20f5b074f5"
last-modified
Tue, 23 Jan 2024 21:04:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-cf-id
ffM-LeznH8rI82HMgLCgOxRq-ZzSiieUX8BV6nWYSjXsEaowCBNbPw==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 4185 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671295337
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079671294968
access-control-allow-credentials
true
content-length
0
Ci6TDNmKUBJG3kGO.m3u8
video.twimg.com/amplify_video/1749579627864236032/pl/avc1/320x564/mp4a/32000/ Frame 8526 		2 KB
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/amplify_video/1749579627864236032/pl/avc1/320x564/mp4a/32000/Ci6TDNmKUBJG3kGO.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.693f03f36e383b5840b8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6B0) /
Resource Hash
53f97f251e7ee2bff8c93ee4c091b5da1317a329b22cb9c939130a33c8521f33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112374
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
505
x-response-time
8
surrogate-key
amplify_video amplify_video/bucket/5 amplify_video/1749579627864236032
last-modified
Mon, 22 Jan 2024 23:45:43 GMT
server
ECAcc (ska/F6B0)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
x-transaction-id
61b385c4268b8abd
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
925bd236d12b8448fe8262fadbef0edebb69da11149bcdef7761a9cd6845eec0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame E93C 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3359
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
aV59_q64M3yqExtZ4Rnw0TCYr4_dyki-VlCumN6H3teTIRtFwvs2PA==
ui-shared-57ae7f3964c396f11299f2619763cf2b.js
js.stripe.com/v3/fingerprinted/js/ Frame E93C 		406 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-57ae7f3964c396f11299f2619763cf2b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
97a2cd2c3a554b54b1f41eda4ec4e6e7038240a01503c6e8203b61a3640510a3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:09:17 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3117
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:04 GMT
server
Cloudfront
etag
W/"74750a2b46f29b49f65512111bd8dac0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
e2IoP2QPDWWm29DOYYw-uvl5SF6u6r3trqEv8V3kKs9g5P_hg3444g==
elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js
js.stripe.com/v3/fingerprinted/js/ Frame E93C 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:28:58 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1936
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 21:19:48 GMT
server
Cloudfront
etag
W/"ac57b4658a09416a9b023bb26ee29cac"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
G8LTjaFxPKp00jhJxwiTSblqKxDDJw6uCe4C36Ow0A1ad7bf1Ia_rg==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame E93C 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:16:09 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2703
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 21:19:38 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ovfMNi2QHgaP8Qj2ShB60dor-N1DWiVy95Sr4fpNUOI9AJSn3fhMiA==
elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame E93C 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:53:58 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
434
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 21:19:37 GMT
server
Cloudfront
etag
W/"828ee6578d45b518446bf74a1cc39038"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
saCqS2bR8QP9aYf9dowW6eoPrbGO9HZ23z5f7k0nNtCEdDaz4tYa3A==
csp-report
q.stripe.com/ Frame E93C 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671323611
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079671323244
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E93C 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671323600
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079671323285
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-04b07963a2be4592c691734b7eed0673.js
js.stripe.com/v3/fingerprinted/js/ Frame F4D9 		534 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:06:16 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3359
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:03 GMT
server
Cloudfront
etag
W/"95aa681b281a5fd9fb2c047afb2affcb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
PK4dwvLI1GgQ8M45Db24zAFU9oONxGfCFflSlq4bv7GACc1THOdp0Q==
ui-shared-57ae7f3964c396f11299f2619763cf2b.js
js.stripe.com/v3/fingerprinted/js/ Frame F4D9 		406 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-57ae7f3964c396f11299f2619763cf2b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
97a2cd2c3a554b54b1f41eda4ec4e6e7038240a01503c6e8203b61a3640510a3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:09:47 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3117
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:05:04 GMT
server
Cloudfront
etag
W/"74750a2b46f29b49f65512111bd8dac0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
eCD6W3t9pvDCJ9tDIBVq3FacYww6Fbd8F4y9GD7hOuswApiFnVqGvA==
elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js
js.stripe.com/v3/fingerprinted/js/ Frame F4D9 		72 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1936
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 12 Jan 2024 18:09:19 GMT
server
Cloudfront
etag
W/"ac57b4658a09416a9b023bb26ee29cac"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
PnXmnYY3JBvCN7xpw3RzCof2tGDXaSS7UXIY4lXBV7kFZkU2fNLE8Q==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame F4D9 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:20:52 GMT
content-encoding
br
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2703
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Mon, 08 Jan 2024 21:41:44 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
LCjRezXMHjsVVUotrhgNgRgXjTs7w9DfH2YWEpMa6lcxqlB5QK9Alg==
elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame F4D9 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:53:58 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
434
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jan 2024 21:19:37 GMT
server
Cloudfront
etag
W/"828ee6578d45b518446bf74a1cc39038"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
scDjtQwndmBrsOO4vAOz5TimiM4jYOM3RUsqTRKSNyNwR569YNXVvQ==
uoIvXHXFh81PkP0M.m4s
video.twimg.com/amplify_video/1749579627864236032/vid/avc1/0/3000/320x564/ Frame 8526 		143 KB
143 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/amplify_video/1749579627864236032/vid/avc1/0/3000/320x564/uoIvXHXFh81PkP0M.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.693f03f36e383b5840b8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6D8) /
Resource Hash
1008286b821e38e52eea8f8b37579caa05d0cc68ae0b3c99ef773749508687d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
age
112365
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
146403
x-response-time
17
surrogate-key
amplify_video amplify_video/bucket/5 amplify_video/1749579627864236032
last-modified
Mon, 22 Jan 2024 23:45:43 GMT
server
ECAcc (ska/F6D8)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
e49be5f539f71dd6
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
dcc8f19c835731218686dd2fc55402b6c5e4a42334022eaee0e7ae188e214c2a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229441993142560844019%22,%22debug_reporting%22:true,%22destination%22:%22https://kroftman.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221034532343%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212065516069871836753%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 07:01:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csp-report
q.stripe.com/ Frame F4D9 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671376635
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079671376322
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame F4D9 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.rebelnews.com
URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706079671377301
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706079671376349
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame E93C 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:00:54 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
age
22
x-amz-cf-pop
ZRH55-P1
etag
"a1c509b5224a793d214c820498fafb8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
9UNJqORKrm9n_L42MuzeVN6TjFUCtFAJYbO8XpHpQF249oH0OKCi-w==
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame FABA 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2971918791097124&output=html&h=280&slotname=8633662822&adk=3689583134&adf=706173186&pi=t.ma~as.8633662822&w=360&fwrn=4&fwrnh=100&lmt=1706079669&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706079668610&bpp=1&bdt=2059&idt=527&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x188%2C750x188%2C750x188&nras=1&correlator=8338586917157&frm=20&pv=1&ga_vid=1962594539.1706079669&ga_sid=1706079669&ga_hid=1371541683&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080533%2C31080588%2C95320892%2C95321626%2C95322163&oid=2&pvsid=507006043981804&tmod=1183851660&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 16:13:23 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame F4D9 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 07:00:54 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
age
22
x-amz-cf-pop
ZRH55-P1
etag
"a1c509b5224a793d214c820498fafb8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
PVgPuw144qFUP2KBMK0VlJ6CsCKYzwlFBEhhpYDUmAw-sZM8_Wc2tw==
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce12fabc832085837f9d7f86f9834d30f28c368674a34d6287c22cf7a2466ad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12130
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZHKF44EVZV&gtm=45je41m0v9117528280&_p=1706079668211&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1962594539.1706079669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1706079668&sct=1&seg=0&dl=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&dt=Threats%20against%20Avi%20continue%20to%20ESCALATE%20as%20his%20former%20gym%20is%20FIREBOMBED!%20-%20Rebel%20News&_s=2&tfd=5830
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.rebelnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rebelnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
www.rebelnews.com/cdn-cgi/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rebelnews.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.rebelnews.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
84a66759fb4a6a78-TXL
b
r.stripe.com/ Frame 5090 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671467018
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1706079671466202
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4185 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671477916
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1706079671477275
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame E225 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671477679
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1706079671477343
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame E225 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671482062
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079671481139
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame E225 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671482376
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079671481722
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame E225 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:11 GMT
x-stripe-server-envoy-start-time-us
1706079671594049
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079671593384
access-control-allow-credentials
true
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2971918791097124&plah=www.rebelnews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Jan 2024 07:01:11 GMT
aCQqiywoutX-_H9x.mp4
video.twimg.com/amplify_video/1749579627864236032/vid/avc1/0/0/320x564/ Frame 8526 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/amplify_video/1749579627864236032/vid/avc1/0/0/320x564/aCQqiywoutX-_H9x.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.693f03f36e383b5840b8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F794) /
Resource Hash
84d859cae1fe6a015852cfc1d266118efe504902ba6955472c7f0020c92acc7b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
age
112342
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1125
x-response-time
16
surrogate-key
amplify_video amplify_video/bucket/5 amplify_video/1749579627864236032
last-modified
Mon, 22 Jan 2024 23:45:43 GMT
server
ECAcc (ska/F794)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
402826d73e5f1af2
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
aed479f014c84bfa52a1353ba781acf7f12b17f62152ad29f2c3387d85a38646
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E97 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 19:51:23 GMT
expires
Wed, 22 Jan 2025 19:51:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F07C 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
503a76977af28b4c73a9f708c41fd52675a3c0e2837fa02fab9124fd703b1174
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K-6kEL-k7COSBS-aw2PIKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rebelnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K-6kEL-k7COSBS-aw2PIKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 07:01:11 GMT
expires
Wed, 24 Jan 2024 07:01:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
uoIvXHXFh81PkP0M.m4s
video.twimg.com/amplify_video/1749579627864236032/vid/avc1/0/3000/320x564/ Frame 8526 		143 KB
143 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/amplify_video/1749579627864236032/vid/avc1/0/3000/320x564/uoIvXHXFh81PkP0M.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.693f03f36e383b5840b8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6D8) /
Resource Hash
1008286b821e38e52eea8f8b37579caa05d0cc68ae0b3c99ef773749508687d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
age
112365
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
146403
x-response-time
17
surrogate-key
amplify_video amplify_video/bucket/5 amplify_video/1749579627864236032
last-modified
Mon, 22 Jan 2024 23:45:43 GMT
server
ECAcc (ska/F6D8)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
e49be5f539f71dd6
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
dcc8f19c835731218686dd2fc55402b6c5e4a42334022eaee0e7ae188e214c2a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
7EajNNb3XLcEvH5r.m4s
video.twimg.com/amplify_video/1749579627864236032/vid/avc1/3000/6000/320x564/ Frame 8526 		119 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/amplify_video/1749579627864236032/vid/avc1/3000/6000/320x564/7EajNNb3XLcEvH5r.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.693f03f36e383b5840b8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F698) /
Resource Hash
5013ca7d5e877510bb5999fbc821c391f81dcfb2c74c2f54c426b56999743b75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:11 GMT
x-content-type-options
nosniff
age
112343
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
122028
x-response-time
16
surrogate-key
amplify_video amplify_video/bucket/5 amplify_video/1749579627864236032
last-modified
Mon, 22 Jan 2024 23:45:43 GMT
server
ECAcc (ska/F698)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
50966a8e762b6dda
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
52408bfeb12d488b5989cc3120fe3d6c1505f8f79c3ee84f6e48e4998f4165d7
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
sodar
pagead2.googlesyndication.com/pagead/ Frame F07C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=507006043981804&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2E97 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:26:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
56076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 15:26:35 GMT
b
r.stripe.com/ Frame 5090 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:12 GMT
x-stripe-server-envoy-start-time-us
1706079672065218
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1706079672064807
access-control-allow-credentials
true
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2E97 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?op1IEw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 07:01:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
b
r.stripe.com/ Frame 4185 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 07:01:12 GMT
x-stripe-server-envoy-start-time-us
1706079672314637
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1706079672313839
access-control-allow-credentials
true
content-length
0
csi
csi.gstatic.com/ Frame 1F79 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrrfsaxz&c=4754882507159&slotId=2377441253579.5&qqid=CJe-j4W69YMDFQ03VQgdeCcLnw&umsem=0&ape=1&ple=0&met.4=vil.lrrfsbgs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bd96eb2150f7ae7816c9ef0533313b28.js?tag=video_mra/web_raspberry_ms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2c0f:fb50:4002:802::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 620B 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time
1706079672463
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/faWDFvv7lUc?wmode=transparent&rel=0&widget_referrer=https%3A%2F%2Fwww.rebelnews.com%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
X-YouTube-Client-Version
1.20240121.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtvS2lZbGNTU2dIOCi168KtBjIKCgJERRIEEgAgJg%3D%3D
X-YouTube-Ad-Signals
dt=1706079669523&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C422&vis=1&wgl=true&ca_type=image&bid=ANyPxKrs8jK8x7ahTo_-U0cTVr2SSHMXklPIHbBuB-Ezjz0VFncaliMf2nc_FN6khErE6HlTMPjFs138BMBC-a1bnat_MNFbtg

Response headers

date
Wed, 24 Jan 2024 07:01:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Wed, 24 Jan 2024 07:01:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=507006043981804&bg=!gYKlgs3NAAa8BdJLnAU7ADQBe5WfOFev2TILOYMMmQZFTqJ3G9yudsN0OZBK4NsRs8DbtdyCC_-x_YtNV0cg-4d63kaCAgAAAEJSAAAAAWgBBwoACOctgTQb5viDmQKyG_zndd2MAYwDT_gpoS5tGsysmtyYgCCkuA5ZCcwZJ65g64KymzKHsSi9XXv_uDy9fkgQ_RrLtcNhilv61lyTKuPHbgOpnz8gaHU9q3chBSRB-BXuruZeMyQHwmGIDU0h_3ZAv-ZVMIIkT_lt8rz5j-4qpOAymO0Wujesb2I3WYvmcvKZ4tdl1u0PlyiYZrsNZGGrPDD8gXFAoPqHq8MMspLzHmPyhBgo1AhreIG7ena0cGyAJ-tr_SEN5t-DkGq5W-G_HQPrVQ_KULIPI72sM823WkMcb9qJ1CFEPexmOxYjiKvMFWu9szOCDikRLQiZoWcrG1Vm_40s2Z0YkJOVxeMtM7Ua7qLLMyEHitoYELz2nHDJevo3kvRu_-trw0SpSLskYbUEG1tihe3lCVKWld0YLCyYdHMcU53iwbbwgkeRtcPFOanhL2_PFy8sEpswtg6MnL3-KcMvV1vsSh3wj_QJKbvQVvHXvvgT4M23RqPvy8IYoLpmvqQaR4Kbl5MZakhLBt1avz5HxIrGETLnL1A5CNoVlcnUl4Fuiq6Lr2qsZ-PLF5-BTxYa9hVtvTUUr6i9CAaI2NnILn_rK8YUiw1wztiAQZvvbKvSoDf7IgLQ3xSyrTvhL67gVCeUj1agaRX1ybw8UNlcDlwzoYXif-F__fVpjoC2FXofi8gQ2ljEi7mFwDZI8BTNjf5TiS-4rzTSTGvCt15hvqHa0hekDCI1RLUPcMn3kws-QODHiQLrH7kaBVHT5Bo5WGitQJmgfz6BGJVdh75paqA1b6QwWHFm1Mm-gsvtIqTmRrXhn0_4GOKSk8XZoyf3zb7gyz_I-3iIx-qMmjsSE6fe6KxZLKF51kXzDqIlsNB59nLgbqyD5kmY_W4W9uPxOkxn4tZR9UV69IK1NzeEmlH3AzE6TB05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rebelnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ Frame 729A 		176 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:20:37 GMT
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2985
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
176
last-modified
Mon, 08 Jan 2024 21:41:58 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
iil1OkAUvZ_HYgbjaHwHR5eS7Edf2Wubpwim_7atpwSpv8XF7lJ6ZA==
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ Frame 3182 		176 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:20:37 GMT
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2986
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
176
last-modified
Mon, 08 Jan 2024 21:41:58 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
akCmIGY2VsRyHkDrVrAmhciAjeI9_DsAKV5J2OY-gmftLkdpVduefg==
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ Frame 11A8 		176 B
678 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fundist-rebel-news.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:20:37 GMT
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2986
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
176
last-modified
Mon, 08 Jan 2024 21:41:58 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
k9eMv6sBJw9jmDbBRtcgOJf5C8xXtuJSXcBEXZDrE6HoZsrohH5bEw==
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZHKF44EVZV&gtm=45je41m0v9117528280z8831594648&_p=1706079668211&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1962594539.1706079669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&sid=1706079668&sct=1&seg=0&dl=https%3A%2F%2Fwww.rebelnews.com%2Fthreats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed%3Futm_campaign%3Del_avifire_012424%26utm_medium%3Demail%26utm_source%3Dtherebel&dt=Threats%20against%20Avi%20continue%20to%20ESCALATE%20as%20his%20former%20gym%20is%20FIREBOMBED!%20-%20Rebel%20News&_s=3&tfd=10830
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHKF44EVZV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.rebelnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 07:01:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rebelnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.embedly.com
URL
https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FfaWDFvv7lUc%3Fwmode%3Dtransparent%26rel%3D0&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DfaWDFvv7lUc&image=http%3A%2F%2Fi.ytimg.com%2Fvi%2FfaWDFvv7lUc%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 undefined| Cookies object| regeneratorRuntime function| setImmediate function| clearImmediate object| webpackChunkjodit function| Payment function| InplayerPaywall number| _sf_startpt object| NB string| _auth_token_name string| _auth_token function| tweetCharacterCounter function| $j function| $ function| jQuery function| DP_jQuery_1706079668207 function| _ object| twttr function| iFrameResize object| fdMailingSlug object| fdCampaignParams object| dataLayer string| currentFundistId string| fdMailingSlugKey object| adsbygoogle function| fbAsyncInit object| GeoMap object| TinyMCERails object| tinymce number| mce-data-1hkt4bi2r object| tinyMCE object| jQuery1112008410788864689445 object| $lateral_menu_trigger object| $content_wrapper object| $navigation string| addressVariable function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded object| REMODAL_GLOBALS function| ClipboardJS object| clipboard function| RNCookies object| inst object| FB object| __twttrll object| __twttr object| webpackChunkStripeJSouter function| noop function| Stripe object| __buffer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| e undefined| referrer_origin undefined| xhttp undefined| params object| __cfBeacon object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

24 Cookies

Domain/Path Name / Value
www.rebelnews.com/ Name: _nbuild_session
Value: de650260da1dc8df4f95edcf0442387d
.www.rebelnews.com/ Name: __cf_bm
Value: K.BRSiCneI1qE_JazVQpn3prAe82csYpwN6IQCTYa1g-1706079666-1-AUARyXV/IkWhZScYvfcVpXZbGitqSNYS8KJg9BoeZv54jWBevyzpSDk2vDFQ7oLGKK90eKXlWXcKRZ9lGyNsrQg=
www.rebelnews.com/ Name: _nbuild_nocache
Value: true
www.rebelnews.com/ Name: _nbuild_token
Value: x1yHTY0qpgMrl075szoM0HGnKTQErKYK0c9fEZXJvVs%3D
.nationbuilder.com/ Name: __cf_bm
Value: tr4zDNC0yinhCP3bWU2aQcnZzsIdJ_WSE7NNc7NEjRM-1706079667-1-AduYNsnIpow3NVRdCTd1zHqltX5jiOmexMAzBrhKxmlpdSlfLNfccTk6J4DQOAocwjCFRCKU5W48IpidZqYOWwM=
www.rebelnews.com/ Name: modal_form_cookie
Value: seen
.rebelnews.com/ Name: _gcl_au
Value: 1.1.107430785.1706079669
.youtube.com/ Name: YSC
Value: 46OWAGRt9ic
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: oKiYlcSSgH8
.rebelnews.com/ Name: _ga
Value: GA1.2.1962594539.1706079669
.rebelnews.com/ Name: _gid
Value: GA1.2.1671825454.1706079669
.rebelnews.com/ Name: _gat_UA-151986661-1
Value: 1
.www.rebelnews.com/ Name: cf_clearance
Value: klLvDK8oFF464cFg3nHYHKEizRnqu_A1pmJAjbHpf4o-1706079669-1-AfRajxaeFxOW88lT2eI/Stf1mdiBgZHKoBb69M6j2IZ8NKW2t0I7AQnjLR+nlk+8md+rwbMetfGmlHFESdIcYUg=
m.stripe.com/ Name: m
Value: f12c1416-21f1-442b-9870-840a3fa8bdfc074b49
.www.rebelnews.com/ Name: __stripe_mid
Value: d431fee3-adb3-4c19-8ced-630891609478f894fb
.www.rebelnews.com/ Name: __stripe_sid
Value: d0a30f93-c05b-4718-9024-f2f80d5e45fa642da5
.rebelnews.com/ Name: __gads
Value: ID=c70aa9cd6a7cd414:T=1706079669:RT=1706079669:S=ALNI_MZnPQVrAgGXS_Nb_01YIGbQdb_HGA
.rebelnews.com/ Name: __gpi
Value: UID=00000d481471c8eb:T=1706079669:RT=1706079669:S=ALNI_MY2xKike1JlsWxiKBWb_4iErUMYMA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.rebelnews.com/ Name: __eoi
Value: ID=d102c553129d15bd:T=1706079669:RT=1706079669:S=AA-AfjaL035xL03jyPbpMv_4KPbY
.doubleclick.net/ Name: IDE
Value: AHWqTUm4hBA-EPdj6olB-wLXcSVs8VQbRs0EqvQOot1YeMf5FMVEvxrPhTV9qnAcTk0
.googleadservices.com/ Name: ar_debug
Value: 1
.rebelnews.com/ Name: _ga_ZHKF44EVZV
Value: GS1.1.1706079668.1.0.1706079671.57.0.0
.google.com/ Name: NID
Value: 511=KEINIz4JbpZuL9pnBzMo8yJTHRzWlgn2sCvMrqo9wi6jOd1-HO2jH83Ag3hAwiBtDA9Jru1To8fhKqc8KIkMwLEQ3GeRgSXhxMScevWOCMT63hBWTxPGUrZlXFq5ots035JQbuqXO58CjDK6jGBhpU-u6dMflWgIZBqRvAQa_zg

24 Console Messages

Source Level URL
Text
other warning URL: https://www.rebelnews.com/threats_against_avi_continue_to_escalate_as_his_former_gym_is_firebombed?utm_campaign=el_avifire_012424&utm_medium=email&utm_source=therebel(Line 1106)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
security error URL: https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/iframeresizer.min.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fundist-rebel-news.herokuapp.com') does not match the recipient window's origin ('https://www.rebelnews.com').
security error URL: https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/iframeresizer.min.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fundist-rebel-news.herokuapp.com') does not match the recipient window's origin ('https://www.rebelnews.com').
security error URL: https://therebel.nationbuilder.com/themes/1092/60bbc8a0c2948067eccb8a0a/0/attachments/16590333111703190695/default/iframeresizer.min.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fundist-rebel-news.herokuapp.com') does not match the recipient window's origin ('https://www.rebelnews.com').
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://www.youtube.com/s/player/b31b88f2/www-widgetapi.vflset/www-widgetapi.js(Line 1254)
Message:
Unrecognized feature: 'web-share'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs-0.twimg.com
ajax.googleapis.com
assets.inplayer.com
assets.nationbuilder.com
cdn.embedly.com
cdn.jsdelivr.net
cdn.syndication.twimg.com
connect.facebook.net
csi.gstatic.com
d3n8a8pro7vhmx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fundist-rebel-news.herokuapp.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
pay.google.com
pbs.twimg.com
platform.twitter.com
play.google.com
q.stripe.com
r.stripe.com
rebelnewscss-1756d.kxcdn.com
region1.analytics.google.com
rr3---sn-5go7ynl6.googlevideo.com
services.inplayer.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
therebel.nationbuilder.com
tpc.googlesyndication.com
video.twimg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rebelnews.com
www.youtube.com
yt3.ggpht.com
cdn.embedly.com
104.16.89.50
104.244.42.136
104.244.43.131
13.224.103.77
142.250.185.130
146.75.116.157
18.165.183.38
198.137.150.201
2001:4860:4802:32::36
2600:9000:2190:4600:5:2cea:4ec0:93a1
2600:9000:25a2:d600:19:eb8b:91c0:93a1
2600:9000:25a2:f800:19:7d10:bd80:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:1ab3:789:1032:20e3:21
2606:4700:7::a29f:802d
2606:4700:7::a29f:8a2c
2606:4700::6810:3865
2606:4700::6810:5814
2606:4700::6812:bcf
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2016
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a00:1450:400f:2::8
2a00:1450:4013:c00::5c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a0b:4d07:102::1
2c0f:fb50:4002:802::2003
3.216.88.24
44.239.50.116
54.187.119.242
002c9cb94200a758b60701ed89604582ad5c046dbee0d4afd157266570b6ea1b
02b7de9efcebe992b6dc36ec18ddc07187481e6cc845b0259cbf7723ce40d583
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0
0366197940c089239ccf24a538c6570ecb13718d1b2b30aa21edd6b609ad1a03
05477efeffa3078c94f16781df9496a38fdc402737e6a3ebc5337fccd6561bc3
061b76e05c3fc7f4a7c2dfc5e6799ab02a435990d0d3c1359140699fe59ea1e9
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0a7dff9464425212bb2e58ba741cb4ed312280a7202aeae38d3469e2f917cb57
0c9c5a2740605aa903c3cd60b821ebeb3da1d6c7815b7b098c8440df58097310
0e4af6e233457507fd1acf1acca6aa2d70281c1e73fdf7f257d17eeb3f8f0712
1008286b821e38e52eea8f8b37579caa05d0cc68ae0b3c99ef773749508687d7
1044caa1178bd6d7aa1cd3d7da31070cd443b4c3e78d6055867520c0e56114b5
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14cc7fca3d03e0749d878e1e44fa525aaa7f251f7363c757df59ae957701b6c7
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1816fd7a1782e9aa79243318eb8a02554df96f69a3ef42845f342e9155044570
1ba23a346d2a7c9137be731cc0ad89bf2aec41e14f26a902ebf637266380372a
1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf
1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f
1dc3828575a6159a21cbc657c52d9fff8c7459043998f611bede58901c3c8a4c
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
23ea1280ba337b7b71663bb790a6c56866cc600f5f59175c879c3193589a4363
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
265763bfcb13cf0fd010fc6eb315c6992f4f3e817642c2aa906e0cb940bee7ee
28225419d47ffa2f642919d8861a121c9266ccb312a5065a8c9b30afebebc402
2ab92d766741cdfbc632ff508d53663cd028bf566acde70ffe47ce89aed1bcef
2b892d116167915ffae9a964454a6b179e58a4be94c893d40deb859ce84dea8a
2bb57745ba47c60e3b9d83a09cf4df3bbf2f7f43ffe175caabd5a745bccb5d66
2d7e2e06bb155de66ce32619ad487dffdd7abeb587a70e35a5136a4769dba447
2d8ca61d985732f0d5453cc95e7b47b1624111c59a7c22d5526815021cd2786b
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
370c49c5ba241c54b36196c644394dd9f91554a875ab4dbfae6549ca7088dee3
37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3ad38fde14463f677c827b60d05e33a2f222de47a6825f96e27621621ee105cd
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7
4189dccc89eb1f7fa6ccc197236db245095fdfc9ba7e7a74bfacde7057377898
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016
43f5b1d077a57956241f2ad28530c8f8e7c6a4c8db69c342942ac2eca8c44a70
446bff0a39a71a6c57e3b5bf67d2e59e4e63f051178235e0c1e102cc5418d4ec
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45e0dc24777f9a72a69a05c0430712ea5fb6e1b984faf764955cd516419db9b8
461d7aa8fc681417fd386a23b2554b9826473375ba536cbe089ee653f8d63544
4994cb03158c7f362f375ee70bbdac9dffc6d02dbe979a9f1069dbf6e353e925
4b21c0985d94cf821da229867458987c0fe2693913bdb09820fd8a91df488c88
4dfda583d0aad93d493f4eb9f7623c2746149a36ef4f92e8eeca47dd54cd1030
5013ca7d5e877510bb5999fbc821c391f81dcfb2c74c2f54c426b56999743b75
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
503a76977af28b4c73a9f708c41fd52675a3c0e2837fa02fab9124fd703b1174
53ba6e49ea8e838495e817f4a8f410a426f8083bfe560ea623823985b1a005cc
53f97f251e7ee2bff8c93ee4c091b5da1317a329b22cb9c939130a33c8521f33
54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575d4cc1d4429643e00bc74ca53d3ec0d9e1d919d31083569f7646046c9f1be4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
5c6d6f4189840f0557ce4381b89f4d30b7a2b9e22f3414b99cfe8abf1c95bb80
5cf1106a7417e52c66f83b87be422a6be738327d91bca5b3556a912f36bd3bd0
5ed681717a4679f291aa6076a88951cc5dea77f2e85ad52009f35c9eca5662e0
5f059ec8de7342dcd0e41020f77e06ba9980beb9637a1986a1c23249815d42ca
5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3
5fc8ee00cc47368f6fdf6519a5df026aae2aac44b3c3cb79012027af13c1b17e
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
614f47e5c39ec4c2423f03d9085aa3f774ce7cca803d075ed7da4541df527fb9
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
64538376e8856edd3e56379eff18fc2755cea3d3e8ae91157b7910f29f43ca02
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
666ea8fccc6357315c19049cba0ee7b821e5898d5b0d7d2273c03196e664cef8
67a45fd51e0333b4d50c4921b425342d8735eb1a7520f3959e4843e88391bd5f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
689abbd8adccbeb19847bec888f2cbd0bd0a8ee88f2b5b03f5e35ff1994507c3
68ec9616894234c98e9398e3b0bda72dc52b48cb4424ea70075df3248438a85a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b986cc934432b19f05b4a2f0d0f5fbeb96cf698b545465df15cf53c35ecd196
6d1277d8482793c394edbed0d48ac11633bdcc5fbca78a5e817ac6701d590153
6d9d74c9bceaecbefdb49582c4b7e16f6373d34f0b8e6b3e33c64f15c3bff0bf
6e8e36bbeaed676fc3e6a551525846901b2447fc80b5afcf0d7b3845161bc386
6f62ddc67ea2d9a9991bddee58ee42040505399538ed6b4c74425857d7f8098a
6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a
701435a4a151abdaf824a3e7fabf7d79b169332d06116c08e95356ce5e6c9976
703cc28e737acb7f534f81cbb649d9e790cbb000bc38c67417b19a1f3e3998fa
707a1a975187add7b8616566b4d452eeb7cd95dea257a8adb569e7b8e913851d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
750b740cf3d6feb3e22d428027094fd0fc10899748f9616271b124cc1b7136d4
76078a009a1a15ee461954a0c72262344e59f0a6106e44fcc0e5adc6d4fc9801
7963049570fe07bdf6ca7fdb174d3ab1996cc09f6cbd7f9505294d8b4a4e94b0
7a2a885ced31775688b02c8e38311884e2894c8d4b65aa5d23d7c7b879a371b4
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7efc6dbf61e3a649be3ecd808ac8cb71dbb1c51b9ed6c092a5f7f1cd88bc1788
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6
84d859cae1fe6a015852cfc1d266118efe504902ba6955472c7f0020c92acc7b
892c8b84e09c970fc1a60018f0d4f3ae76d632c5ce4ad037776bab839ea80db1
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8ae564acdae2fc6ba5260123cbde9eaf28d1d2b18e47b6d063c956db466accfa
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
8bd66f5176f2a635feea425701d5a82db31276dc37c02e128c2df0843c95646b
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8d1082b9b0eb476a372e4dc55b29047cbb87dc4516f0338a0d8de9030578e67d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
96474b95032a99edec516e38c3ca03232373e014102ab0876b01673294273c44
97a2cd2c3a554b54b1f41eda4ec4e6e7038240a01503c6e8203b61a3640510a3
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9a81a7b1903abc239f57bd156158c43f764aa26e0ca148b06fe097a25b709674
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d1e4b05acf8581095a48181a460dfa234834603c80a4a3a5ef75f5c62db9ac8
9f8a32eb3c1d6bfd89189d8b25f75c3365e45760f8d10de20f16f26e9da727db
9fd703e836a5c337b7d201803a8a3f62f1d83e709f14bc5660bf1d8828f1e896
a01583bb1046d42e54d2ddf18e6659d54025b7db0a792464dba2a2572e23c696
a1484ae6d648f01abe1d853560463121e874a3649f05a1fcd67bebd2642d6444
a1d69dc2fbc3f9cd2ad73d96d5dbb68ae8058a15fdcfbf9a8244d50042b712a9
a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d
a3bf5a9163eb1c331f64d20e488214038bd46dc06f486c912fab6d7de8eca98c
a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd
a49421adf8d0e901748db8efca60798bfa6ad2ed7b20ea1d0c148b64f86d1235
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
aa85fc3c9a3ef2d7f169a93d93e00457905dbc08c7dfc1bfa162672e5b020d66
aabc37e6197d7a0afa907a7772bab33faa29080f7b82be074385abee7424c0ea
aadbdfb11bdf9239bd44b5a55849d6147d088c6e5ea3fb5d1a1775f6a93772bc
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad2b369a9fad37f4d0c2bd23746d9c4b8be3cbba24baf781f25a853246875fe3
adb0b68a61c32480585085ef7fe5e2618fb67179a24a572d947808fabadecd0a
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b05603811f4c9d049d6ce2f97c69c8cfe2a6a17c2b07f7e9b910387b6850f121
b0738f6af798c2dd78ada1779be0b1f57cd151ef746e38c2849cebd53b839dcf
b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc
b1bcd36950e0cd2e7c1d94806420176e3a46a5e59685b23bb5f52e0bf1bd0c62
b2bd2a54b7031d15ccb1697d33ca0c30c4697dbf8e95c51e23c844849b968722
b334c85509659a37d32f46e3ae55b0c278269ff50776d2f5e7d12f813b50f463
b3383a1b9c7b10806480b2b85ba1f14f75eca6987b148cb56ce7e1fee081f57f
b46d3024a6c36b8cd64ac80c86cc0ab15d5302944b0e09c0919889395579338f
b50ca410d6ac5611af69438f071ab9b9e3881d0d5d134fb6dec83a0bf06d57ac
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59
b69b2b518d3258291f9becb70aca2b7a801086634a0f39f58d0dce95693242d1
b786b631cd69b49183d7f0e4e93f662e35b370621c42f0aa0294f010bcec9c93
b891794d1d6d5c58c744ec2bb2ca47684d75ca6ec8c63b7b34be1886f7e19906
b9cca2c30baac21c67aef5c0d78e527453340d961f61d2b06ec2f1e9e5b089c6
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba80e3d77b488c783448e05881d3be16230d9250150a4c421f393cbe45d4874d
bc4a90e5c0f890d1f8668b26236db8f1d35448714f9812270008613d7b0ad0d2
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bd9ae164dc4de3ecbaa6c266a7b5a1304ec350b7184aff3d64e4b585ce5bfe14
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c
c2d17f5c65a7fbd197b7a65357ac82be1a4ff51b2932b32fd233152158bca307
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4d07513670eaa456a8c421f89b78eda11dcecbd5d49456a1e60774f3ef491c0
c5186b33b7596f083f6058572e841e98736d2f897a77d7d4609d9b179361e89c
c72cc5ebd8b6f66c563d9a227d32c57739ce4078bbedb38875714d6e5771c5fb
c77966b5f9c6df1ce9dbc18844c96a5dc38bdef5553ab72b367221c13e7e07f5
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
cad8491124a34a04a98cc1ccabdd735e6e8cf35c753b73afc1765ce4723fdd49
cb79cc0b38c8a65eaf64497af2c70b4f8e8c4a762ad5e485d2ce4d7329e835e9
cc07f69d82c00d9082e4e99922c044d64c9fd735cb017997b04caa1c0a6a98b9
ce12fabc832085837f9d7f86f9834d30f28c368674a34d6287c22cf7a2466ad4
cfe1c4260e681755d3c436f57618b097e7a46b613eb4841033db619970949c50
d0a280e23c0dbdd7ae4b610f0a74fb0a7259d58ddadccc2ddef2e590f1325d3d
d10ec638d45edb0823a651e7e99f3eb3f6b1e394a5cca3bf8a714f72ab6fb1e4
d214f264ad949f218369e5b2f439cf8b4c22b6715e1a610d5ef2a9240061a359
d22de5a473d4ea8e47cf768771d3a1e2b168d51e30e85bed45f1a5e12a6be98c
d455980edce2584f189cdb5ca018b9378d064b9583634e9c282a30f8ee9bd9db
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ce1cf2856f51afcb0c617dd6beb4f32d4082636e514c02ae2544e0574fa5ac
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
d8a873c290cf089d77847a47f22ffe849cbd52c14b168ce5b01d56bc85192ab6
d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de683c3bdf10d8bb3f97ee1da27198798aabf857379b757e9469da1da7d7522a
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d51058f6e8a424bdfccf7d242e60a927b2e8302d4b488372f81fb64ac09312
e62d57e6fabd03514be731093543778965e7e5f0157c096f90a9d556e4761dda
e6ad57dbb9c27b931ee3223079900e8f4eb3084d40abef8ed435019473453244
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7bf03e458ec6f6bf423c86be020695d379a7621d21dbf50287e5dd568bb7e71
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
edc1342cec96d9dec7efa725ae435393a179c868db59ada576668dc41594cc5c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7192bf2c6dbef1bb27d2673a22610dfdbf6b9322e4b9aa45009c207d7b7699
efef889adaef80d21e620d06956618a3f355c23961901039c0aae1d8893bda99
f329de7a50dd262538e00de72fa4c07206e6f3b308dd0e107b8d3a045e4df011
f456f13db428283ed31e3ee83aeda8ddefe8bf16cc0ed4ec863367e602dc1a18
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f584e3b30b74471dbad77fc4d0e56a1c116eb29288fc35fa2509950ca1a1e47f
f5f8cbd0f5ba7a05c6caedd3b32ba05d22f2afd1be44c49bf757590ec080e9c3
fcfee70144904fd3988afe1169ffc8d774b0a6366d7cd9dc214dbee02d8a41cd