thevesen.ch Open in urlscan Pro
2a03:4000:61:199f::17:3461  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thevesen.ch/	5 KB 2 KB	190ms 44ms	Document text/html	2a03:4000:61:199f::17:3461 NETCUP-AS netcup ...
General Check archive.org Show headers Download Go to Full URL https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:4000:61:199f::17:3461 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE), Reverse DNS Software nginx / Resource Hash 61fcb73f130e85aa9075abbb2a656fba0e7bf8800268934fcc83c146b2ae6fa7 Request headers Referer https://www.google.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers content-encoding br content-type text/html date Fri, 20 Sep 2024 02:19:34 GMT etag W/"663bd26e-122b" last-modified Wed, 08 May 2024 19:28:46 GMT server nginx vary Accept-Encoding
GET H2	200	index.css thevesen.ch/	886 B 683 B	40ms 39ms	Stylesheet text/css	2a03:4000:61:199f::17:3461 NETCUP-AS netcup ...
General Check archive.org Show headers Download Go to Full URL https://thevesen.ch/index.css Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:4000:61:199f::17:3461 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE), Reverse DNS Software nginx / Resource Hash 5ab2a295cc648b70842570552a4c4885aef620bcb347688c8c60e87cb0605cfa Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers content-encoding gzip etag "376-5efb7bad3cca7-gzip" x-accel-version 0.01 accept-ranges bytes content-length 494 date Fri, 20 Sep 2024 02:19:34 GMT content-type text/css last-modified Tue, 13 Dec 2022 16:01:16 GMT server nginx vary Accept-Encoding
GET H2	200	getEmail.js Show response thevesen.ch/js/	186 B 338 B	40ms 39ms	Script application/javascript	2a03:4000:61:199f::17:3461 NETCUP-AS netcup ...
General Check archive.org Show headers Download Go to Full URL https://thevesen.ch/js/getEmail.js Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:4000:61:199f::17:3461 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE), Reverse DNS Software nginx / Resource Hash 8cbea922a0ec5319d3cd2dd884947b74e77289b01e8f623d7bb77645cc6310cd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers content-encoding gzip etag "ba-5ecf8e8dcaac0-gzip" x-accel-version 0.01 accept-ranges bytes content-length 140 date Fri, 20 Sep 2024 02:19:34 GMT content-type application/javascript last-modified Tue, 08 Nov 2022 17:31:26 GMT server nginx vary Accept-Encoding
GET H2	200	/ Show response rumble.com/embedJS/uvva00.v2ovt2v/	21 KB 9 KB	585ms 476ms	Script application/javascript	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/embedJS/uvva00.v2ovt2v/?url=https%3A%2F%2Fthevesen.ch%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22v2ovt2v%22%2C%22div%22%3A%22rumble_v2ovt2v%22%7D%5D Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash e7ad1a894db89246f8901bed96ec318fae6d0c2336ba2a496116b1f258ed584b Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains link <https://rumble.com/v2rh8g7-dr.-marco-caimi-das-schlimmste-an-der-zensur-ist-die-zensur-hoch2.tv.html>; rel="canonical" cache-control private,max-age=1 content-encoding br date Fri, 20 Sep 2024 02:19:35 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding server openresty
GET H2	200	2018de5a-83c3-4ced-8671-19f2a5346615 gegenstimme.tv/videos/embed/ Frame 2D3F	0 0	107ms 27ms	Document text/html	185.203.41.167 MARBELL
General Check archive.org Show headers Download Go to Full URL https://gegenstimme.tv/videos/embed/2018de5a-83c3-4ced-8671-19f2a5346615?title=0&warningTitle=0&peertubeLink=0 Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.203.41.167 , Switzerland, ASN210602 (MARBELL, CH), Reverse DNS Software nginx/1.14.2 / Resource Hash Request headers Referer https://thevesen.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-origin * cache-control public, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Fri, 20 Sep 2024 02:19:34 GMT etag W/"29cc-/kFqYgSAyBI850fhjX3sm+gtXLg" server nginx/1.14.2 tk N vary Accept-Encoding x-ratelimit-limit 500 x-ratelimit-remaining 499 x-ratelimit-reset 1726798785
GET H2	200	ui.r2.js Show response rumble.com/j/p/	97 KB 36 KB	47ms 47ms	Script application/javascript	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/j/p/ui.r2.js?_v=571 Requested by Host: rumble.com URL: https://rumble.com/embedJS/uvva00.v2ovt2v/?url=https%3A%2F%2Fthevesen.ch%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22v2ovt2v%22%2C%22div%22%3A%22rumble_v2ovt2v%22%7D%5D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash 5539b176025a022afdff38ec174599d1935e5d23ae15d7bba65ca0d2829d5fb9 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains cache-control public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000 content-encoding br etag W/"66ec85ac-185dd" date Fri, 20 Sep 2024 02:19:35 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding, Accept-Encoding server openresty last-modified Thu, 19 Sep 2024 20:12:28 GMT
GET H2	200	hGy9j.qR4e-small-Dr.-Marco-Caimi-Das-Schlimm.jpg 1a-1791.com/s/s8/1/h/G/y/9/	218 KB 219 KB	1877ms 1565ms	Image image/jpeg	207.5.199.198 RUMBLE
General Check archive.org Show headers Download Go to Show image Full URL https://1a-1791.com/s/s8/1/h/G/y/9/hGy9j.qR4e-small-Dr.-Marco-Caimi-Das-Schlimm.jpg Requested by Host: rumble.com URL: https://rumble.com/embedJS/uvva00.v2ovt2v/?url=https%3A%2F%2Fthevesen.ch%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22v2ovt2v%22%2C%22div%22%3A%22rumble_v2ovt2v%22%7D%5D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.5.199.198 , Canada, ASN399647 (RUMBLE, US), Reverse DNS 207-5-199-198.rumble.cloud Software / Resource Hash 0f7a912897b1dc653906c1c67f2e7445eedcc5a1a6da154406960305559852bc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers cache-control max-age=5184000 etag "39e7228292aee6c96cd0a07f00f41ac0" accept-ranges bytes access-control-allow-origin * content-length 223312 date Fri, 20 Sep 2024 02:19:36 GMT content-type image/jpeg last-modified Thu, 01 Jun 2023 23:04:05 GMT
GET H2	200	/ Show response rumble.com/embedJS/u4/	2 KB 1 KB	691ms 600ms	XHR application/json	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/embedJS/u4/?request=video&ver=2&v=v4qgiz8&ext=%7B%22ad_count%22%3Anull%7D&ad_wt=0 Requested by Host: rumble.com URL: https://rumble.com/embedJS/uvva00.v2ovt2v/?url=https%3A%2F%2Fthevesen.ch%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22v2ovt2v%22%2C%22div%22%3A%22rumble_v2ovt2v%22%7D%5D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash d9e30b77a111f6ed3a79f8c873159bda7cf8ba7553139e4ce6de107032bfeb6e Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains link <https://rumble.com/v4sydl2-jan-van-helsing-im-interview-mit-daniel-prinz-der-endkampf-hat-begonnen.html>; rel="canonical" access-control-max-age 600 cache-control private,max-age=1 content-encoding br access-control-allow-credentials true access-control-allow-origin https://thevesen.ch date Fri, 20 Sep 2024 02:19:35 GMT content-type application/json; charset=utf-8 vary Accept-Encoding, origin server openresty
GET H2	200	/ Show response rumble.com/embedJS/u4/	3 KB 1 KB	807ms 720ms	XHR application/json	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/embedJS/u4/?request=video&ver=2&v=v2b9q1k&ext=%7B%22ad_count%22%3Anull%7D&ad_wt=0 Requested by Host: rumble.com URL: https://rumble.com/embedJS/uvva00.v2ovt2v/?url=https%3A%2F%2Fthevesen.ch%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22v2ovt2v%22%2C%22div%22%3A%22rumble_v2ovt2v%22%7D%5D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash f9e0bcccfd64a9f2eea2485560aed2d46ac3fbe7db9bdfb07d4e472dace54376 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains link <https://rumble.com/v2dv5nu-zensur-auf-youtube-die-soziopathen-zittern-grenzenlos-leben-435b.html>; rel="canonical" access-control-max-age 600 cache-control private,max-age=1 content-encoding br access-control-allow-credentials true access-control-allow-origin https://thevesen.ch date Fri, 20 Sep 2024 02:19:35 GMT content-type application/json; charset=utf-8 vary Accept-Encoding, origin server openresty
GET H2	206	hGy9j.caa.mp4 1a-1791.com/video/s8/2/h/G/y/9/	451 KB 0	1471ms 1195ms	Media video/mp4	207.5.199.198 RUMBLE
General Check archive.org Show headers Download Go to Full URL https://1a-1791.com/video/s8/2/h/G/y/9/hGy9j.caa.mp4?u=4&b=0 Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.5.199.198 , Canada, ASN399647 (RUMBLE, US), Reverse DNS 207-5-199-198.rumble.cloud Software / Resource Hash Request headers Referer https://thevesen.ch/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Range bytes=0- Response headers cache-control max-age=5184000 etag "f8749bdad9c8c69f47d6c7d4def94893" Content-Range bytes 0-45230301/45230302 access-control-allow-origin * Content-Length 45230302 date Fri, 20 Sep 2024 02:19:36 GMT content-type video/mp4 last-modified Thu, 01 Jun 2023 23:06:44 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	422 KB 145 KB	117ms 35ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: rumble.com URL: https://rumble.com/embedJS/uvva00.v2ovt2v/?url=https%3A%2F%2Fthevesen.ch%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22v2ovt2v%22%2C%22div%22%3A%22rumble_v2ovt2v%22%7D%5D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd620a4c8eb6e2635f0a7dfffa81c68e87e7cdee9bb4ee267578da7c2b2bda9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers cache-control private, max-age=900, stale-while-revalidate=3600 content-encoding gzip cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} x-content-type-options nosniff expires Fri, 20 Sep 2024 02:19:35 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147746 date Fri, 20 Sep 2024 02:19:35 GMT x-xss-protection 0 content-type text/javascript vary Accept-Encoding server sffe
POST H2	200	view...2ovt2v.1iifay rumble.com/l/	35 B 240 B	508ms 508ms	Ping image/gif	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/l/view...2ovt2v.1iifay?p=2.3&r=135649387&ref=https%3A%2F%2Fthevesen.ch%2F&gt=2 Requested by Host: rumble.com URL: https://rumble.com/j/p/ui.r2.js?_v=571 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains access-control-allow-origin * date Fri, 20 Sep 2024 02:19:35 GMT pragma no-cache content-type image/gif log-code 3 server openresty
GET H2	206	hGy9j.Faa.mp4 1a-1791.com/video/s8/2/h/G/y/9/	103 KB 0	577ms 427ms	Media video/mp4	207.5.199.198 RUMBLE
General Check archive.org Show headers Download Go to Full URL https://1a-1791.com/video/s8/2/h/G/y/9/hGy9j.Faa.mp4 Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.5.199.198 , Canada, ASN399647 (RUMBLE, US), Reverse DNS 207-5-199-198.rumble.cloud Software / Resource Hash Request headers Referer https://thevesen.ch/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Range bytes=0- Response headers cache-control max-age=5184000 etag "2dedaffb321f4277ce267b975eb08f60" Content-Range bytes 0-535228/535229 access-control-allow-origin * Content-Length 535229 date Fri, 20 Sep 2024 02:19:35 GMT content-type video/mp4 last-modified Thu, 01 Jun 2023 23:05:54 GMT
GET H3	200	ima_ppub_config Show response securepubads.g.doubleclick.net/pagead/	18 B 40 B	106ms 33ms	XHR application/json	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fthevesen.ch%2F Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash fb4ce9bca5bdc15e76e3f7ad190a83bca6a0b499257acc7281c31231697da075 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 20 Sep 2024 02:19:35 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 16 date Fri, 20 Sep 2024 02:19:35 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	bridge3.667.0_en.html imasdk.googleapis.com/js/core/ Frame 94B9	0 0	92ms 26ms	Document text/html	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html?gdpr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://thevesen.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 98116 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 258070 content-type text/html cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin date Wed, 18 Sep 2024 23:04:19 GMT expires Thu, 18 Sep 2025 23:04:19 GMT last-modified Wed, 18 Sep 2024 15:31:51 GMT report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	44 KB 17 KB	137ms 36ms	Script text/javascript	2a00:1450:4001:802::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers cache-control private, max-age=900 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} x-content-type-options nosniff expires Fri, 20 Sep 2024 02:19:35 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" content-length 16746 date Fri, 20 Sep 2024 02:19:35 GMT x-xss-protection 0 content-type text/javascript vary Accept-Encoding server sffe
POST H2	200	a..4.1hjnhz.2ovt2v..fi.hldey8 rumble.com/l/	35 B 240 B	416ms 416ms	Ping image/gif	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/l/a..4.1hjnhz.2ovt2v..fi.hldey8?p=2.3&r=135649387&ref=https%3A%2F%2Fthevesen.ch%2F&t=6&a=0&art=0&atype=0&et=457&gt=2 Requested by Host: rumble.com URL: https://rumble.com/j/p/ui.r2.js?_v=571 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains access-control-allow-origin * date Fri, 20 Sep 2024 02:19:35 GMT pragma no-cache content-type image/gif log-code 3 server openresty
POST H2	200	a..4.1hjnhz.2ovt2v..fi.hldey8 rumble.com/l/	35 B 240 B	495ms 495ms	Ping image/gif	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/l/a..4.1hjnhz.2ovt2v..fi.hldey8?p=2.3&r=135649387&ref=https%3A%2F%2Fthevesen.ch%2F&t=5&a=0&art=0&atype=0&et=459&gt=2 Requested by Host: rumble.com URL: https://rumble.com/j/p/ui.r2.js?_v=571 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains access-control-allow-origin * date Fri, 20 Sep 2024 02:19:36 GMT pragma no-cache content-type image/gif log-code 3 server openresty
GET H2	200	bridge3.667.0_en.html imasdk.googleapis.com/js/core/ Frame 3E42	0 0	19ms 19ms	Document text/html	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html?gdpr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://thevesen.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 98116 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 258070 content-type text/html cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin date Wed, 18 Sep 2024 23:04:19 GMT expires Thu, 18 Sep 2025 23:04:19 GMT last-modified Wed, 18 Sep 2024 15:31:51 GMT report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	bridge3.667.0_en.html imasdk.googleapis.com/js/core/ Frame 6155	0 0	0ms 0ms	Document text/html	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html?gdpr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://thevesen.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 98116 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 258070 content-type text/html cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin date Wed, 18 Sep 2024 23:04:19 GMT expires Thu, 18 Sep 2025 23:04:19 GMT last-modified Wed, 18 Sep 2024 15:31:51 GMT report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4A44	40 KB 14 KB	81ms 25ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash 5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip age 624 report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} x-content-type-options nosniff expires Fri, 20 Sep 2024 03:09:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Sep 2024 02:09:11 GMT last-modified Thu, 11 Apr 2024 19:10:13 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=3600 cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy accept-ranges bytes content-length 13943 x-xss-protection 0 server sffe
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 566E	40 KB 0	78ms 78ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash 5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip age 624 report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} x-content-type-options nosniff expires Fri, 20 Sep 2024 03:09:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Sep 2024 02:09:11 GMT last-modified Thu, 11 Apr 2024 19:10:13 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=3600 cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy accept-ranges bytes content-length 13943 x-xss-protection 0 server sffe
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4092	40 KB 0	78ms 78ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash 5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip age 624 report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} x-content-type-options nosniff expires Fri, 20 Sep 2024 03:09:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Sep 2024 02:09:11 GMT last-modified Thu, 11 Apr 2024 19:10:13 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=3600 cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy accept-ranges bytes content-length 13943 x-xss-protection 0 server sffe
GET H2	200	gvkur.qR4e.jpg 1a-1791.com/s/fw/s8/6/g/v/k/u/	61 KB 61 KB	651ms 650ms	Image image/jpeg	207.5.199.198 RUMBLE
General Check archive.org Show headers Download Go to Show image Full URL https://1a-1791.com/s/fw/s8/6/g/v/k/u/gvkur.qR4e.jpg Requested by Host: rumble.com URL: https://rumble.com/embedJS/uvva00.v2ovt2v/?url=https%3A%2F%2Fthevesen.ch%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22v2ovt2v%22%2C%22div%22%3A%22rumble_v2ovt2v%22%7D%5D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.5.199.198 , Canada, ASN399647 (RUMBLE, US), Reverse DNS 207-5-199-198.rumble.cloud Software / Resource Hash 9fb1a32ddb863e201c8895c1b006a7e870ba3b958d26f3a473cc687f638cb66f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers cache-control max-age=5184000 etag "d257e6b9f6051a8b672e8aaf40ac7a6f" accept-ranges bytes access-control-allow-origin * content-length 62314 date Fri, 20 Sep 2024 02:19:36 GMT x-rgw-object-type Normal content-type image/jpeg last-modified Fri, 03 May 2024 02:51:32 GMT
POST H2	200	view...4qgiz8.1wg2k1d rumble.com/l/	35 B 240 B	417ms 417ms	Ping image/gif	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/l/view...4qgiz8.1wg2k1d?p=2.3&r=135649387&ref=https%3A%2F%2Fthevesen.ch%2F&gt=2 Requested by Host: rumble.com URL: https://rumble.com/j/p/ui.r2.js?_v=571 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains access-control-allow-origin * date Fri, 20 Sep 2024 02:19:36 GMT pragma no-cache content-type image/gif log-code 3 server openresty
POST H2	200	a..4.17uku9.4qgiz8..fi.msxwih rumble.com/l/	35 B 240 B	482ms 482ms	Ping image/gif	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/l/a..4.17uku9.4qgiz8..fi.msxwih?p=2.3&r=135649387&ref=https%3A%2F%2Fthevesen.ch%2F&t=5&a=0&art=0&atype=0&et=710&gt=2 Requested by Host: rumble.com URL: https://rumble.com/j/p/ui.r2.js?_v=571 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains access-control-allow-origin * date Fri, 20 Sep 2024 02:19:36 GMT pragma no-cache content-type image/gif log-code 3 server openresty
GET H2	206	gvkur.caa.mp4 1a-1791.com/video/fw/s8/2/g/v/k/u/	2 MB 0	558ms 557ms	Media video/mp4	207.5.199.198 RUMBLE
General Check archive.org Show headers Download Go to Full URL https://1a-1791.com/video/fw/s8/2/g/v/k/u/gvkur.caa.mp4?u=4&b=0 Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.5.199.198 , Canada, ASN399647 (RUMBLE, US), Reverse DNS 207-5-199-198.rumble.cloud Software / Resource Hash Request headers Referer https://thevesen.ch/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Range bytes=0- Response headers cache-control max-age=5184000 etag "e641126c4563ed84063985025e25eb0e-46" Content-Range bytes 0-239325830/239325831 access-control-allow-origin * Content-Length 239325831 date Fri, 20 Sep 2024 02:19:36 GMT x-rgw-object-type Normal content-type video/mp4 last-modified Fri, 03 May 2024 03:20:25 GMT
GET H2	206	gvkur.Faa.mp4 1a-1791.com/video/fw/s8/2/g/v/k/u/	96 KB 0	645ms 645ms	Media video/mp4	207.5.199.198 RUMBLE
General Check archive.org Show headers Download Go to Full URL https://1a-1791.com/video/fw/s8/2/g/v/k/u/gvkur.Faa.mp4 Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.5.199.198 , Canada, ASN399647 (RUMBLE, US), Reverse DNS 207-5-199-198.rumble.cloud Software / Resource Hash Request headers Referer https://thevesen.ch/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Range bytes=0- Response headers cache-control max-age=5184000 etag "408e0dd3b0f7d53aefabc058454f4be2" Content-Range bytes 0-3191509/3191510 access-control-allow-origin * Content-Length 3191510 date Fri, 20 Sep 2024 02:19:36 GMT x-rgw-object-type Normal content-type video/mp4 last-modified Fri, 03 May 2024 02:53:12 GMT
GET H2	200	QnkMi.qR4e.jpg 1a-1791.com/s/s8/6/Q/n/k/M/	82 KB 82 KB	1055ms 1055ms	Image image/jpeg	207.5.199.198 RUMBLE
General Check archive.org Show headers Download Go to Show image Full URL https://1a-1791.com/s/s8/6/Q/n/k/M/QnkMi.qR4e.jpg Requested by Host: rumble.com URL: https://rumble.com/embedJS/uvva00.v2ovt2v/?url=https%3A%2F%2Fthevesen.ch%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22v2ovt2v%22%2C%22div%22%3A%22rumble_v2ovt2v%22%7D%5D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.5.199.198 , Canada, ASN399647 (RUMBLE, US), Reverse DNS 207-5-199-198.rumble.cloud Software / Resource Hash 301b91ba97fe684355ec8beea80811dd0293efba38b423ab63702fb84cfc7f24 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers cache-control max-age=5184000 etag "70bac3b4b538fc1fadd7dda6eb709ff1" accept-ranges bytes access-control-allow-origin * content-length 83512 date Fri, 20 Sep 2024 02:19:36 GMT content-type image/jpeg last-modified Sun, 19 Mar 2023 19:09:04 GMT
POST H2	200	view...2b9q1k.13lx31r rumble.com/l/	35 B 240 B	448ms 447ms	Ping image/gif	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/l/view...2b9q1k.13lx31r?p=2.3&r=135649387&ref=https%3A%2F%2Fthevesen.ch%2F&gt=2 Requested by Host: rumble.com URL: https://rumble.com/j/p/ui.r2.js?_v=571 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains access-control-allow-origin * date Fri, 20 Sep 2024 02:19:36 GMT pragma no-cache content-type image/gif log-code 3 server openresty
POST H2	200	a..4.91t2j.2b9q1k..fi.1vz663o rumble.com/l/	35 B 240 B	496ms 496ms	Ping image/gif	205.220.231.24 PATH-NETWORK
General Check archive.org Show headers Download Go to Full URL https://rumble.com/l/a..4.91t2j.2b9q1k..fi.1vz663o?p=2.3&r=135649387&ref=https%3A%2F%2Fthevesen.ch%2F&t=5&a=0&art=0&atype=0&et=828&gt=2 Requested by Host: rumble.com URL: https://rumble.com/j/p/ui.r2.js?_v=571 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US), Reverse DNS Software openresty / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thevesen.ch/ Response headers strict-transport-security max-age=31536000;includeSubDomains;preload, max-age=31536000; includeSubDomains access-control-allow-origin * date Fri, 20 Sep 2024 02:19:36 GMT pragma no-cache content-type image/gif log-code 3 server openresty
GET		QnkMi.caa.mp4 1a-1791.com/video/s8/2/Q/n/k/M/	0 0
GET H2	206	QnkMi.Faa.mp4 1a-1791.com/video/s8/2/Q/n/k/M/	96 KB 0	526ms 526ms	Media video/mp4	207.5.199.198 RUMBLE
General Check archive.org Show headers Download Go to Full URL https://1a-1791.com/video/s8/2/Q/n/k/M/QnkMi.Faa.mp4 Requested by Host: thevesen.ch URL: https://thevesen.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.5.199.198 , Canada, ASN399647 (RUMBLE, US), Reverse DNS 207-5-199-198.rumble.cloud Software / Resource Hash Request headers Referer https://thevesen.ch/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Range bytes=0- Response headers cache-control max-age=5184000 etag "9f1acdd79277b55c318962efc092d143" Content-Range bytes 0-855284/855285 access-control-allow-origin * Content-Length 855285 date Fri, 20 Sep 2024 02:19:36 GMT content-type video/mp4 last-modified Sun, 19 Mar 2023 19:05:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

1a-1791.com

URL

https://1a-1791.com/video/s8/2/Q/n/k/M/QnkMi.caa.mp4?u=4&b=0

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 string| _Rumble function| Rumble string| prefix string| domain function| RumbleErrorHandler object| dataLayer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| ggeac object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| google_tag_data object| closure_lm_161775 object| closure_lm_586240

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a-1791.com
gegenstimme.tv
imasdk.googleapis.com
pagead2.googlesyndication.com
rumble.com
s0.2mdn.net
securepubads.g.doubleclick.net
thevesen.ch
1a-1791.com
142.250.185.130
142.250.186.66
185.203.41.167
205.220.231.24
207.5.199.198
2a00:1450:4001:802::2006
2a00:1450:4001:830::200a
2a03:4000:61:199f::17:3461
0f7a912897b1dc653906c1c67f2e7445eedcc5a1a6da154406960305559852bc
301b91ba97fe684355ec8beea80811dd0293efba38b423ab63702fb84cfc7f24
5539b176025a022afdff38ec174599d1935e5d23ae15d7bba65ca0d2829d5fb9
5ab2a295cc648b70842570552a4c4885aef620bcb347688c8c60e87cb0605cfa
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
61fcb73f130e85aa9075abbb2a656fba0e7bf8800268934fcc83c146b2ae6fa7
8cbea922a0ec5319d3cd2dd884947b74e77289b01e8f623d7bb77645cc6310cd
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9fb1a32ddb863e201c8895c1b006a7e870ba3b958d26f3a473cc687f638cb66f
cd620a4c8eb6e2635f0a7dfffa81c68e87e7cdee9bb4ee267578da7c2b2bda9e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d9e30b77a111f6ed3a79f8c873159bda7cf8ba7553139e4ce6de107032bfeb6e
e7ad1a894db89246f8901bed96ec318fae6d0c2336ba2a496116b1f258ed584b
f9e0bcccfd64a9f2eea2485560aed2d46ac3fbe7db9bdfb07d4e472dace54376
fb4ce9bca5bdc15e76e3f7ad190a83bca6a0b499257acc7281c31231697da075