beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On November 16 via api (November 16th 2022, 7:17:33 pm UTC) from US — Scanned from DE

Summary HTTP 264 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 30 domains to perform 264 HTTP transactions. The main IP is 2606:4700:10::6816:4a8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 173214.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2022. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.189.41 13.224.189.41	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
15	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
13	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
12	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2400:52e0:1e0... 2400:52e0:1e00::601:1	200325 (BUNNYCDN) (BUNNYCDN)
3	162.241.30.109 162.241.30.109	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:21f... 2600:9000:21f3:9400:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:e6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.13 13.225.78.13	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
25	18.66.97.97 18.66.97.97	16509 (AMAZON-02) (AMAZON-02)
2	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
21	2600:9000:20e... 2600:9000:20eb:1a00:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e4:... 2606:4700:e4::ac40:af1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9040	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4b59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
3	2001:41d0:701... 2001:41d0:701:1000::2fb3	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	172.98.59.51 172.98.59.51	399647 (RUMBLE) (RUMBLE)
19	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
264	46

46 2606:4700:10::6816:4a8a (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-41.fra2.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

borirait.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.255.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::601:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.241.30.109 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5924.bluehost.com

www.ournewearthnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

thewashingtonstandard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a3 (United States)

ASN13335 (CLOUDFLARENET, US)

gellerreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:9400:18:9413:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:e6e (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-13.fra2.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.66.97.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-97.fra56.r.cloudfront.net

static.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:af1c (United States)

ASN13335 (CLOUDFLARENET, US)

img.rtbsystem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9040 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b59 (United States)

ASN13335 (CLOUDFLARENET, US)

eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:41d0:701:1000::2fb3 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.98.59.51 (Canada)

ASN399647 (RUMBLE, CA)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 17759 s.tradingview.com — Cisco Umbrella Rank: 23169 static.tradingview.com — Cisco Umbrella Rank: 16481 s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 17245	246 KB
48	beforeitsnews.com beforeitsnews.com — Cisco Umbrella Rank: 173214 img.beforeitsnews.com — Cisco Umbrella Rank: 364716 ajax.beforeitsnews.com — Cisco Umbrella Rank: 212257 a1.beforeitsnews.com — Cisco Umbrella Rank: 349088	892 KB
19	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	2 MB
17	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8149 c.mgid.com — Cisco Umbrella Rank: 5819 cdn.mgid.com — Cisco Umbrella Rank: 10764 servicer.mgid.com — Cisco Umbrella Rank: 8339 s-img.mgid.com — Cisco Umbrella Rank: 4757 cm.mgid.com — Cisco Umbrella Rank: 1253	276 KB
13	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 25688	469 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	138 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 www.googleapis.com — Cisco Umbrella Rank: 34 translate.googleapis.com — Cisco Umbrella Rank: 858 jnn-pa.googleapis.com — Cisco Umbrella Rank: 261	143 KB
12	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 27656	868 KB
11	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 static.doubleclick.net — Cisco Umbrella Rank: 309	40 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	59 KB
7	eu-1-id5-sync.com eu-1-id5-sync.com — Cisco Umbrella Rank: 1130 lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1158 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1326	19 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 translate.google.com — Cisco Umbrella Rank: 1251	55 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1205	83 KB
5	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 97265	143 KB
3	rumble.com rumble.com — Cisco Umbrella Rank: 17568	35 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 479	2 KB
3	customads.co cdn2.customads.co — Cisco Umbrella Rank: 159888 customads.co — Cisco Umbrella Rank: 121470	6 KB
3	ournewearthnews.com www.ournewearthnews.com — Cisco Umbrella Rank: 413023	328 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 115	80 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	2 KB
2	rtbsystem.org img.rtbsystem.org — Cisco Umbrella Rank: 22423	262 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5922	564 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 113971	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	87 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 15856	609 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	49 KB
1	w.org s.w.org — Cisco Umbrella Rank: 916	579 B
1	gellerreport.com gellerreport.com — Cisco Umbrella Rank: 637161	321 KB
1	thewashingtonstandard.com thewashingtonstandard.com — Cisco Umbrella Rank: 844801	59 KB
1	borirait.site borirait.site — Cisco Umbrella Rank: 340099	41 KB
264	30

	Domain	Requested by
30	beforeitsnews.com	beforeitsnews.com
25	static.tradingview.com	s.tradingview.com static.tradingview.com
21	s3-symbol-logo.tradingview.com	s.tradingview.com
19	www.youtube.com	beforeitsnews.com www.youtube.com
16	img.beforeitsnews.com	beforeitsnews.com
13	sp.rmbl.ws	beforeitsnews.com rumble.com
12	i.imgflip.com	beforeitsnews.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com beforeitsnews.com s.tradingview.com rumble.com
8	jnn-pa.googleapis.com	www.youtube.com
7	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com www.youtube.com
6	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	www.google.com	beforeitsnews.com www.youtube.com
5	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.youtube.com
5	static-3.bitchute.com	beforeitsnews.com
4	stats.g.doubleclick.net	www.google-analytics.com customads.co
3	rumble.com	beforeitsnews.com rumble.com
3	onesignal.com	cdn.onesignal.com
3	translate.googleapis.com	translate.googleapis.com
3	id5-sync.com	eu-1-id5-sync.com
3	lbs.eu-1-id5-sync.com	eu-1-id5-sync.com
3	lb.eu-1-id5-sync.com	eu-1-id5-sync.com
3	servicer.mgid.com	jsc.mgid.com
3	www.ournewearthnews.com	beforeitsnews.com
3	i.ytimg.com	beforeitsnews.com www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	cm.mgid.com	jsc.mgid.com
2	img.rtbsystem.org	beforeitsnews.com
2	s-img.mgid.com	beforeitsnews.com
2	cdn.mgid.com	beforeitsnews.com
2	www.google.de	beforeitsnews.com
2	c.mgid.com	jsc.mgid.com
2	customads.co	cdn2.customads.co
2	rddywd.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com static.tradingview.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	eu-1-id5-sync.com	jsc.mgid.com
1	cl.imghosts.com	beforeitsnews.com
1	s.tradingview.com	s3.tradingview.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	s.w.org	beforeitsnews.com
1	gellerreport.com	beforeitsnews.com
1	thewashingtonstandard.com	beforeitsnews.com
1	borirait.site	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
264	52

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
a59ba2ylcpx-e69v29-cr56yff.hop.clickbank.net
tinyurl.com
45e17j16kkfe4m0q1mehy00xck.hop.clickbank.net
mitocopper.com
4ae3c3vmlbxdr90eis3pnlfla4.hop.clickbank.net
69b3d4-ogey4faauklimid7y6d.hop.clickbank.net
3b7d7s3fml0cpg51en5xn5u-xz.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
23b56uuehf-0jf6vgywrl0u60q.hop.clickbank.net
widgets.mgid.com
www.mgid.com
clck.mgid.com
bf1a23-noo74m3ccpr8eh39vdh.hop.clickbank.net
www.braintuner.com
www.fincabayano.net
50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net
hondrofrost
prostatitisrelief
dr.derm
telegram.org
t.me
8940ee6bchggao3arjqfty4m5p.hop.clickbank.net
74c2bjx6bnpd7ydf6qp0wh4r1y.hop.clickbank.net
c206dt1hkf52hb9pfn3hobak55.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.tradingview.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sp.rmbl.ws R3	`2022-09-29` - `2022-12-28`	3 months	crt.sh
static-3.bitchute.com R3	`2022-10-20` - `2023-01-18`	3 months	crt.sh
ournewearthnews.indianinthemachine.com R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
*.customads.co Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tradingview.com Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
static.tradingview.com Amazon	`2022-06-23` - `2023-07-22`	a year	crt.sh
customads.co GTS CA 1D4	`2022-10-22` - `2023-01-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.eu-1-id5-sync.com E1	`2022-11-04` - `2023-02-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-12` - `2023-12-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: C2F5E0F727E519429092A5C20227AEAA
Requests: 148 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2022101619
Frame ID: BCEA788FA2BA704BB4D7239FA8DD1AAB
Requests: 4 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: A5FCEBDB7CCA7C64273A7FC04B7676B5
Requests: 50 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 215C92E0327102AA2379651A81EDFDD8
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: AC10017080076861E6840DC269289177
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 71D45DCA66A99496D326E64BA338BBF0
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1668626245683786798070
Frame ID: 50C1ED107FBC9AC45A2D321AC0199510
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 16B0E62883D9E45B31F34344807C2994
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: F91987BCA91C42D09C5465EAC2C0AA3D
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/v1s8xr2/?pub=hw409
Frame ID: F5F2D72F632FF7EDE9D02E8953510D3B
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YqCruUbpsk4
Frame ID: 8377E858BA25B75C4163ADCD24264EA9
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dJ4tNuyxM54
Frame ID: CBDB721141753ABB971D2987A871D5ED
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

264
Requests

96 %
HTTPS

75 %
IPv6

30
Domains

52
Subdomains

46
IPs

7
Countries

6921 kB
Transfer

18466 kB
Size

13
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://a59ba2ylcpx-e69v29-cr56yff.hop.clickbank.net/?tid=BINRTL103122
Title: Quickly Say Goodbye to Most Aches and Pains... and Experience Pain–Free DAYS With No Side Effects. Clinically Proven!

Search URL Search Domain Scan URL

URL: https://tinyurl.com/3tbazevr
Title: Top Scientists Finally Reveal The True Reason Why You're Struggling To Lose Weight

Search URL Search Domain Scan URL

URL: https://45e17j16kkfe4m0q1mehy00xck.hop.clickbank.net/?tid=BINRB81422

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/

Search URL Search Domain Scan URL

URL: https://4ae3c3vmlbxdr90eis3pnlfla4.hop.clickbank.net/?tid=BINRTL103122
Title: President Donald J. Trump Collectible Pocket Watch - Up To 80% Off!

Search URL Search Domain Scan URL

URL: https://69b3d4-ogey4faauklimid7y6d.hop.clickbank.net/?tid=WATERFS_BIN_EMAIL
Title: Try This New Invention and You'll Never Run Out of Clean Drinking Water Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://3b7d7s3fml0cpg51en5xn5u-xz.hop.clickbank.net/?tid=BINRTL1121320
Title: US Nuclear Target Map. Do You Live in The Danger Zone?

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://23b56uuehf-0jf6vgywrl0u60q.hop.clickbank.net/?tid=BINPTL11722

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/22984/pp/1/1?h=FyGyl1LEgQtuCH0vkWDUU91SBkgCDOpdp11-oV-W3FTmNivCouaJpuy1ePCKH1G4NuvifHGGo1PNOnhzMOcDkQ**&rid=4dc5c9e0-65e3-11ed-b948-e43d1a2a53a0&u=qdcslSX3TxFX1JDukbtaMvQzXvUU1Wl2QMrsKl20vO2EiLVVL05OkzYCmXyvlkfpjNTf9tZEFfuiEdPGUwWxVFimLgYVPrEBO4fAJkLfQ4iulI0Yk2KurJiANuB2JhVPZHBVO2CNiHNNwyX67NhpswY6Hu9gSk0wb1a-zD8eOWfzGleAsrBtYAY48xwkg03R2rQ8oIepEAfLTSt-m9g0wzY_c4DxDbGf6tIgpmaBj94W26nf0ghrd5OHvh6A2iwUXIhoftqPbdXAsP9iu9VtjWNmK7DK1lTT_Dm6aP0daqY-fD0Lol7Inaqirrzm5YFp&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

URL: https://bf1a23-noo74m3ccpr8eh39vdh.hop.clickbank.net/?tid=BINRTL103122
Title: 126 Superfoods That You Can Store Without Refrigeration for Years

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net/?tid=BINRTL21129
Title: Have You Been Struggling With Obesity But Can’t Figure Out Why? You MUST Watch This Now!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://hondrofrost/Arzt_Wenn_Ihre_Gelenke_Knie_oder_Ihr_R%C3%BCckenschmerzen%E2%80%93probiere

Search URL Search Domain Scan URL

URL: https://prostatitisrelief/Prostatitis_verschwindet_in_2_N%C3%A4chten_Das_Rezept_aufschreiben

Search URL Search Domain Scan URL

URL: https://dr.derm/Ein_Tropfen_dieses_Mittels_wird_Psoriasis_f%C3%BCr_immer_zerst%C3%B6ren

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/30754/pp/4/1?h=FyGyl1LEgQtuCH0vkWDUUwIsu7XfiwzQLcQucR_5uLYBxfNF56-d_Gt759IGFZJbqfrd8-e_MYO9iEvZu96U3A**&rid=4dc7dab4-65e3-11ed-b948-e43d1a2a53a0&u=9YxAkCXJ8nznJSvjVHNYDaCOgKYsY2ubw0vH_hZuFJjHbMeqVme-W584WZkw68u8-d8tGdBVn4OprZ8spiLnu4hSImZ08vZH3dzOTyHz5jOHfNnkUurumSQC9VVT606r_NSUI01DHYlPfyT2eQzYKXVlL0zRij-SPnZ1iduYfZ_3gOE7zl0o9ICg-KbZbBfLnQlkgFe5ZJ90FqfxriOfNq0EXx3WDR7FNJyT-k3D7jKf0jMHEKjemAGE6iWLUh5apmrCW_IH0m8KEE9xO6Dw6zYpxM5SvoFjuHMWovm5m27W9cNm5lhVi4giQwAJSr5Dh6Wysc6bi6bdNR4IqZwxtw**&tt=Direct&att=3&gbpp=1&abd=1&iv=10&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/
Title: Protection Against Toxic EMF Damage - Smart Meter Covers

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://8940ee6bchggao3arjqfty4m5p.hop.clickbank.net/?tid=BINRTL81422
Title: Ancient Japanese Discovery Melts 54 LBS Of Fat. Hint: Drink Daily Before 10:00 AM

Search URL Search Domain Scan URL

URL: https://74c2bjx6bnpd7ydf6qp0wh4r1y.hop.clickbank.net/?tid=BINRTL82622
Title: New Easy-to-Take Exotic Gummy Melts 54 Pounds of Fat

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/23605/pp/1/1?h=FyGyl1LEgQtuCH0vkWDUU-VdYRfR0JLOTEu9RVYW1z3mNivCouaJpuy1ePCKH1G401pnRTx_Mv7jLZY3gAsw3g**&rid=4dc5de7b-65e3-11ed-be3c-e43d1a2a04aa&u=qdcslSX3TxFX1JDukbtaMvQzXvUU1Wl2QMrsKl20vO2EiLVVL05OkzYCmXyvlkfpjNTf9tZEFfuiEdPGUwWxVEHpy5HTNZg4oL-ripHxcUeulI0Yk2KurJiANuB2JhVPZHBVO2CNiHNNwyX67Nhps85VScpVKZ2GgklP8uebCy7h2PAjVL4CPrWRhIazNxvc4C6PbNt0xzP-RFebkGR_4bArDE1n4Lndx8pnHKMbVpSuxwVRYb0qi-IPQ3RrhTxAXIhoftqPbdXAsP9iu9VtjWNmK7DK1lTT_Dm6aP0daqY-fD0Lol7Inaqirrzm5YFp&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

URL: https://t.me/herbonomics
Title: The Last Place You Want to Go, in This Age of Pandemics, Is the Hospital/Medical Clinic/Doctors Office - Follow Us on TELEGRAM

Search URL Search Domain Scan URL

URL: https://c206dt1hkf52hb9pfn3hobak55.hop.clickbank.net/?tid=BINRTL32021
Title: New Fat-Burning Formula Melts Off Fat While Enjoying The Best Sleep Of Your Life - Click Here For Details

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 227

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 229

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

264 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 124 KB
25 KB 1120ms
1025ms Document
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4c1cfd49525b993c72341eb720cae9046d2648afeec441cdda258e8d9078d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 76b29103b814bc03-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 16 Nov 2022 19:17:24 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 d0TEFA1ti-Js6iM74ltdqi389Jg.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 59ms
57ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/d0TEFA1ti-Js6iM74ltdqi389Jg.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01eee8af54b3ea2049757a2f70dee96fa85fcc3e701a7ba0d4c5bd2fcd91e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
x-amz-version-id: X3HmeONKJ9H2z.qUWNLSZloFfmqkAw0k
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 7S71N28W84ZZH96A
age: 12657588
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: gPIa5L1h5UAnU7MjBjM9sn9356j08KtaAmGydkaTW49tt9+0rgEyJ6cF1+dm0ON6EnUCE1Aeph0=
last-modified: Sun, 12 Jun 2022 05:41:00 GMT
server: cloudflare
etag: W/"7291ca9c7b46eeb160385263b9721596"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76b2910a58c0bc03-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 19:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 19:08:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 19:17:24 GMT

GET
H2 200 global-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 16 KB
4 KB 85ms
83ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 858167
cf-polished: origSize=16027
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-3e9b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910a58c6bc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 fancybox-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 83ms
81ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 858167
cf-polished: origSize=8029
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-1f5d"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910a58c9bc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 home-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 29 KB
7 KB 71ms
69ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 858167
cf-polished: origSize=29354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-72aa"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910a58cdbc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 31 Oct 2022 11:31:26 GMT

GET
H2 200 responsive-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 76ms
74ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 858167
cf-polished: origSize=21003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-520b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910a58cebc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 web-responsive-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 371 B
216 B 121ms
120ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 858167
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-173"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910a58cfbc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 88ms
87ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2054822
cf-polished: origSize=149701
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"5fe55cb3-248c5"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910a58d1bc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 12 Oct 2022 08:11:56 GMT

GET
H2 200 global-bin-rev-20221007.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 85ms
84ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20221007.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 858140
cf-polished: origSize=12613
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:42 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be2-3145"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910a58d2bc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:25 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 103ms
85ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1633259
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-8ab"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910b5b6fbc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 19 Oct 2023 17:12:42 GMT

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 143ms
41ms Script
text/javascript 13.224.189.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4705df9f16a57401d59569ddb4032a6c352b5352353475f891e4c2673e4d21fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 10:24:14 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified: Wed, 16 Nov 2022 10:24:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 31991
etag: "d42d13a91df4e0d75ec097b71ad3f741"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 10929
x-amz-cf-id: RvJgBPNNVGJDaN4-vJwYo_srmFQrBqqKIhGNlXmv849RLvaAcUqnxw==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 108ms
90ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 3213040
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-95e7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910b5b72bc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Oct 2023 03:01:57 GMT

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
504 B 98ms
80ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 5432229
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-5f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910b5b70bc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 09 Sep 2023 11:03:15 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/wvPgNXVOK0c/ 13 KB
13 KB 141ms
44ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wvPgNXVOK0c/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69a0489a60c82a0f0663129a9f8fcec60db8919bc6e8b5119b035ee28a7b08c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:18:10 GMT
x-content-type-options: nosniff
age: 7154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13217
x-xss-protection: 0
server: sffe
etag: "1598768369"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Nov 2022 19:18:10 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 199ms
95ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f8f569f3da46c5354dd8440b64c0e4571fa37ecb6068a6bc4e1fc267a0aa830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
x-amz-version-id: _IjWACW2rz5gM.NPdt_rrBLpCg6ZJeeT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: F29KMEC6NVNH8AE1
age: 3934
cf-polished: origSize=2376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5IEuo7WP8mNWzPjS7he/V0wzK1BVwNCAIy/tMD07P6U7A5LZ5q0LR9N6Gp1yrBX8fdxroHdJkQo=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:12:23 GMT
server: cloudflare
etag: W/"f41cef00050693285ec10a5948c060a4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76b2910beb407768-LHR
expires: Wed, 16 Nov 2022 22:17:24 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 190ms
86ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a1fc4a5719569d254b33f46fbdacd4458fb9b4bef7b151959a059331062fafd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
x-amz-version-id: HAQi2UdKEQRlYoAaYX51Boi0OejctpqJ
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7TWKG42R8MSM65KG
age: 5045
cf-polished: origSize=2376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9qoHRaxDOeEd+h7hmOR6sXQ1jaRd2Py1QDSNzOI2ljPdgOJtQD+1+/Wy6OSWne0/+5nZ2+S+e5Q=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:12:36 GMT
server: cloudflare
etag: W/"270789efeda5c50c611c382c58cc944b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76b2910beb427768-LHR
expires: Wed, 16 Nov 2022 22:17:24 GMT

GET
H3 200 tabs-bin-rev-20221007.js Show response
beforeitsnews.com/static/js-v3/ 148 B
625 B 74ms
74ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20221007.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 858404
cf-polished: origSize=189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:45 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be5-bd"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910b182e9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 12098 Show response
borirait.site/easylist/ 203 KB
41 KB 283ms
166ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borirait.site/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bef34147e43e605e56dc81b91a8fd641694689947defcf327a25ed0380c2e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0aff717b051b4feb2c6fe6d63e68a843c495cbf2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BoxhrZ5ScE7Bh82SHKWPPHscvqqv5I9viW4jggmyBGQIPOW8%2B5TB%2B7mB3XsDboXXpq6TuI5uhhVyyOGHyELEnZNPoOhJpDlA08nSTdqzJurcPrdiDOW9NsStFLvmmb1w6X%2F8z0SoFUxq8nV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 76b2910bfcb2219f-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jsDeferParsing-bin-rev-20221007.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 79ms
79ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 858404
cf-polished: origSize=6187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-182b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2910b28619ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:25 GMT

GET
H3 200 uIS3tZuchjgsdVfZJ4tq9DNH3cA.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 69ms
67ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/uIS3tZuchjgsdVfZJ4tq9DNH3cA.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/d0TEFA1ti-Js6iM74ltdqi389Jg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea96fd7ce63932fbc9213224d869baa7def0ffbd857e9e49a810f1c7c85fae6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
x-amz-version-id: gaZSMZ.GDpEX.J6NBpTgInhRq7_87cCL
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: CFFQ8SAS3X9TTKW5
age: 13613645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: poXgT2TnVON+h74ZGyvQfbH7uz+4fCyxuyO1TFUH31i8JXXoacvXTITsSS2QgMNMMnmkoYK76Nc=
last-modified: Sun, 12 Jun 2022 05:41:00 GMT
server: cloudflare
etag: W/"9c4467cd9e662b0279cdde807d82daa1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76b2910b48949ba6-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
45 KB 141ms
55ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40f06f7a9c935764fa1d8211ab09053615e46ebb6135dea069da4ecd4834a467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45435
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Nov 2022 19:17:24 GMT

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
632 B 76ms
74ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 987227
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a4"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910b489a9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 16 Oct 2023 02:37:57 GMT

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 77ms
75ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 763029
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-325"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910b489d9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 02 Nov 2023 18:29:15 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
11 KB 129ms
44ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
x-content-type-options: nosniff
age: 166049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:09:55 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v14/ 15 KB
15 KB 133ms
49ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v14/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 12:50:48 GMT
x-content-type-options: nosniff
age: 541596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 12:50:48 GMT

GET
H2 200 ggrRg.oq1b.2-small-Derek-Johnson-HUGE-Intel-Wh.jpg
sp.rmbl.ws/s8/1/g/g/r/R/ 28 KB
29 KB 297ms
172ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/g/g/r/R/ggrRg.oq1b.2-small-Derek-Johnson-HUGE-Intel-Wh.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: ea60ab7269a04836620a32f73ba6525b6624c33e1f84410c908b00492c64a0f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Tue, 15 Nov 2022 16:22:49 GMT
server: nginx
etag: "ba36a5a3bd6c36c58162864af083ec7b"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds270.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=549
accept-ranges: bytes
content-length: 29039

GET
H2 200 7105t5.jpg
i.imgflip.com/ 57 KB
58 KB 196ms
98ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/7105t5.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79ce74f1eec463e4a5cc14e6d056a7ce704918786998b8f838578f0cd771cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: R1MBQGMK1V4DD316
age: 8963
cf-polished: origSize=59005
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58693
x-amz-id-2: JqG0rRt2nNJGATg2ryvX4hxuIekIh3u9PnZ2P7x0b/8EVZxz6lp9VHWYiovVhEuTZEEqEnq0k+M=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 16:39:32 GMT
server: cloudflare
etag: "479b89245645c51cd0992ed952850ff8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910bfb9791f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 fLa3chUria7c_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 16 KB
17 KB 193ms
81ms Image
image/jpeg 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/fLa3chUria7c_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-601 /

Resource Hash

af5d32664395b840d71c44debca7b1c9bf98579e0de88b85ada5d4eaa2df9465

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 601
age: 0
x-amz-request-id: tx0000000000000088df305-00637507fb-21d287ee-nyc3a
cdn-cachedat: 11/16/2022 15:55:39
cdn-pullzone: 89010
content-length: 16714
last-modified: Wed, 16 Nov 2022 15:22:50 GMT
server: BunnyCDN-DE-601
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 1cf9651bee5b9bbc072b550e2790ef5a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo_1_wg5s9f.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 70 KB
70 KB 92ms
91ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/logo_1_wg5s9f.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e39fbaf69594ed7df217d88b6e405c5c6497269f6a5becc04e6ca8078a57d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 481603
cf-polished: origSize=76041, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71384
last-modified: Tue, 22 Feb 2022 21:16:35 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "621552b3-12909"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910bac17bc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 11 Nov 2023 01:29:53 GMT

GET
H2 200 EyROg.oq1b.2-small-Charlie-Ward-Dont-Worry-11..jpg
sp.rmbl.ws/s8/1/E/y/R/O/ 42 KB
42 KB 294ms
211ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/E/y/R/O/EyROg.oq1b.2-small-Charlie-Ward-Dont-Worry-11..jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 58aa67532ca92a7ba13ac2ce6e32af21801e891fda8d216a9fb05f0ba0f2837d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Mon, 14 Nov 2022 08:07:44 GMT
server: nginx
etag: "861ce733140760246b96b3d5a3d2694f"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds243.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=52310
accept-ranges: bytes
content-length: 43339

GET
H2 200 OpKRg.oq1b-small-SITUATION-UPDATE-111522.jpg
sp.rmbl.ws/s8/1/O/p/K/R/ 27 KB
27 KB 330ms
246ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/O/p/K/R/OpKRg.oq1b-small-SITUATION-UPDATE-111522.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 9216263738afedb1ebd7d69e6c7b57146a1531dc3b2feb1a20811949ed9019e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Tue, 15 Nov 2022 22:12:19 GMT
server: nginx
etag: "a6321e0c4071c6183e7dd93cd40a2458"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds252.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=20232
accept-ranges: bytes
content-length: 27167

GET
H2 200 70xj1b.jpg
i.imgflip.com/ 76 KB
77 KB 162ms
105ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xj1b.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c06e495f43829458c1154dcb847dccb258e2490fdc8022d80c8ee9410507fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: CGGK5C6Y9QG77BCV
age: 60040
cf-polished: origSize=78906
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78223
x-amz-id-2: v8mk0Ajq/IOXFAhLnkdzF8G6z2Uou2smDxEZ26KHe2zZGpGi14/WQ6Vv3nWL9E+7Awyrr4VLuXo=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 02:31:30 GMT
server: cloudflare
etag: "cde62761e637c1f7e44432c9e4a217f2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910bfb9c91f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 unnamed(88).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 46 KB
46 KB 81ms
80ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnamed(88).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e69fda028a323bc43dac18f4edb73a1b44081dc358350cedc92682078735517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 5763
cf-polished: origSize=49863, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47243
last-modified: Thu, 18 Nov 2021 18:19:40 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6196993c-c2c7"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910bcc5fbc03-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 16 Nov 2023 03:49:14 GMT

GET
H3 200 OIP%20(3)(58).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 18 KB
18 KB 83ms
82ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(58).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea20734cb830a4ce3e4bc91ae7eaca73b1e95cb5b38515bb1dcfe9baed1fdf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 3518857
cf-polished: origSize=19787, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18281
last-modified: Tue, 24 Aug 2021 23:22:20 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "61257f2c-4d4b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910bda719ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 06 Oct 2023 21:06:59 GMT

GET
H2 200 gVnRg.oq1b.2-small-Charlie-Ward-11.15.22-What-.jpg
sp.rmbl.ws/s8/1/g/V/n/R/ 41 KB
41 KB 249ms
246ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/g/V/n/R/gVnRg.oq1b.2-small-Charlie-Ward-11.15.22-What-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: fc2fdcc84c56728a3fedfeb986ea54646d9947b70b49178826d8388dc4b38979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Tue, 15 Nov 2022 15:46:07 GMT
server: nginx
etag: "19ad6a3cf2c6574617b8dfc6fa4e2a27"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds250.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=549
accept-ranges: bytes
content-length: 42186

GET
H3 200 hqdefault(384).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
15 KB 117ms
116ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(384).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c8288a0739ac7b9d71592f12c6da487bd2c63cc2657a561e6089f93ff1bfd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 175630
cf-polished: origSize=15544, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15130
last-modified: Mon, 24 Oct 2022 20:58:13 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6356fc65-3cb8"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b639ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 14 Nov 2023 12:12:16 GMT

GET
H3 200 no-img.png
img.beforeitsnews.com/img/v3/ 1 KB
2 KB 119ms
118ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/no-img.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1666
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1298
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-644"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b679ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Nov 2023 19:01:04 GMT

GET
H2 200 donaldtrumpderekjohnsonspeech.png
www.ournewearthnews.com/wp-content/uploads/2022/11/ 129 KB
130 KB 1585ms
322ms Image
image/png 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2022/11/donaldtrumpderekjohnsonspeech.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: 2f9f05af10d926f60333ddb0a90a413564c566917fe01717359f99122c68479d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
x-nginx-cache: WordPress
last-modified: Wed, 16 Nov 2022 17:52:53 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 132442
expires: Thu, 17 Nov 2022 19:17:25 GMT

GET
H2 200 70xn2l.jpg
i.imgflip.com/ 66 KB
66 KB 185ms
105ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xn2l.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c83946e175ac8f5be1ea46e5896c8a51ef4dfbbf75ce8f92a0b5f256c637bff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: AE7RNDK58JDJV172
age: 57761
cf-polished: origSize=67774
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67385
x-amz-id-2: RFBjXEpXhcKFncmMTfoQiyCqtBuPTSvvlRI7tt1R/3/7ofprdRUn8m0e5OaiovOTlWXTBQctboE=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 03:06:02 GMT
server: cloudflare
etag: "f7c1c879bedd068ea36b458ef82761ea"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910bfb9891f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 70sj1h.jpg
i.imgflip.com/ 71 KB
71 KB 185ms
104ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70sj1h.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d52f32eced2aea962b6a674009bd1be0ccf506af181a216384d25565a6ac31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: G0PKJD5HBPR6NJXS
age: 145889
cf-polished: origSize=72565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72266
x-amz-id-2: yvPJ+WRpAvVnt9DOB34nAlECM8rZ8Wxns6MxWiWnWRleY+G5DErfILTs/cWQuRkKPE4xZLT4jBU=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Nov 2022 02:37:54 GMT
server: cloudflare
etag: "017d45ca1a5f8798228145f93513b7e5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910bfb9691f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 uk-news.jpg
thewashingtonstandard.com/wp-content/uploads/2022/11/ 58 KB
59 KB 168ms
55ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thewashingtonstandard.com/wp-content/uploads/2022/11/uk-news.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bdecc4ad35264cf2f804cce30b7c202c0a9a619eaadb4391881e951de66701b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10540
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59672
last-modified: Wed, 16 Nov 2022 16:20:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO9xc6aCZrlkNQpdFOp5x8Ca3YhHaHZVuw7NRTVK7DDFkRWPsN0JeGbgKGRv2RQ6%2FKg43A8law%2FOsqk2d4goOuiUIWbUqXXNgfSW%2BS0xzenHNNNOUTi1mV6EfDLTLuq4gdpEARYF5m5cD48BkHH8s27BwOp2lKOP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 76b2910c5ea17a5a-DUS
expires: Wed, 23 Nov 2022 16:21:44 GMT

GET
H2 200 n9VjdFkCHfws_640x360.jpg
static-3.bitchute.com/live/cover_images/NYZMjDr6JOG3/ 28 KB
28 KB 165ms
93ms Image
image/jpeg 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/NYZMjDr6JOG3/n9VjdFkCHfws_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-601 /

Resource Hash

4e389218927c149529b667409ed22a2a56dd391d19a09b53415ada91bccea58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1047
x-amz-request-id: tx00000000000002b8ec05d-006373b7fe-21d2756d-nyc3a
cdn-cachedat: 11/15/2022 16:02:06
cdn-pullzone: 89010
content-length: 28606
last-modified: Mon, 14 Nov 2022 22:54:04 GMT
server: BunnyCDN-DE-601
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: efe97ffb3dd22b4be608bf853ffea9bc
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 70kb29.jpg
i.imgflip.com/ 22 KB
22 KB 154ms
97ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70kb29.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8afde24c9d1649679073c92e36842cc72831188aa26f043e21f4f67aa5aa38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: RNGHA9C7H3YTKJQS
age: 316912
cf-polished: origSize=23329
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22605
x-amz-id-2: 0OMTenqzdNHhVJsfmGfiKlei8FoPNGk387nYW6+BAKJOSrnBnm8qROBzcLadnyNEfa8QTL0RDCc=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 13 Nov 2022 03:03:22 GMT
server: cloudflare
etag: "c887675ce4093f3b76d10e8f93516e9d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910bfb9291f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 70xkaq.jpg
i.imgflip.com/ 65 KB
65 KB 89ms
55ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xkaq.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e278eba40e64f5adb34a4f691da536fd74c46550f4c8ed30a91ac394282ac0e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: 9ESJ1BSMKQN5JED9
age: 58008
cf-polished: origSize=66682
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66482
x-amz-id-2: eOSNoePneiTI6kAHSQ3IIxv96Up0NNqWyB+ikESDQKU1kXbSbN4siWUL5uhRAhqAYEU4AISgNAo=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 02:42:18 GMT
server: cloudflare
etag: "e5ad7758f35ce95401e328bfb6d8c89e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910bfb9591f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H3 200 clif-high(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 26 KB
27 KB 122ms
120ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/clif-high(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc46fd307661ddfe1c8a4f05af453ce3c5c7641b22c4ce3e06ab690c99348b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 267354
cf-polished: origSize=27625, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26980
last-modified: Sun, 28 Mar 2021 16:38:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6060b0f4-6be9"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b6b9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 13 Nov 2023 05:39:29 GMT

GET
H2 200 20ORg.oq1b-small-Ep.-2926a-The-CB-Is-Now-Mak.jpg
sp.rmbl.ws/s8/1/2/0/O/R/ 54 KB
54 KB 298ms
295ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/2/0/O/R/20ORg.oq1b-small-Ep.-2926a-The-CB-Is-Now-Mak.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 62a61aca0dfb55e1fee66eb83d11fbd17845c4dd8979e5f4be90c5d9865d6fea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Wed, 16 Nov 2022 00:09:58 GMT
server: nginx
etag: "9e8d407128287b68f6d510ea184ded68"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds138.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17624
accept-ranges: bytes
content-length: 55339

GET
H2 200 70xqtc.jpg
i.imgflip.com/ 57 KB
57 KB 71ms
67ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xqtc.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773a4e7fbdc613d57c567b05721f87b7f7b97f0d58ad4e8c9e8531ebd46533c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: CRHXEGF72A0EKA0R
age: 54681
cf-polished: origSize=58891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57918
x-amz-id-2: DFeF0/VTmMav8MKrIDOKNkSuWwL0kDjCx2EzWCB8zMBfa56wW+7ws4F8OUwBgQJtpL/WSboK5hc=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 03:41:22 GMT
server: cloudflare
etag: "42edf4f5ea9484b02d52ca6a92de6218"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910c3c2891f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 OCJRg.oq1b.2-small-Dr.-David-Martin-CONTROLLED.jpg
sp.rmbl.ws/s8/1/O/C/J/R/ 57 KB
57 KB 269ms
266ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/O/C/J/R/OCJRg.oq1b.2-small-Dr.-David-Martin-CONTROLLED.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: feaeaf37ed3a2420ec0f0aeab23e9b0d5d2f5ae15bb21ae88c5ca2c5bf35f3d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Tue, 15 Nov 2022 21:51:59 GMT
server: nginx
etag: "73a95a3a08d9652de88eb58044aa0539"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds256.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=9406
accept-ranges: bytes
content-length: 58134

GET
H2 200 Screenshot-2022-11-15-111858.png
www.ournewearthnews.com/wp-content/uploads/2022/11/ 118 KB
119 KB 1469ms
323ms Image
image/png 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2022/11/Screenshot-2022-11-15-111858.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: 5d9c258676dd7921f77411de9569d784cdaec92335493b8d1a7dfe8cabd5763b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Nov 2022 17:23:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 120711
expires: Thu, 17 Nov 2022 19:17:25 GMT

GET
H3 200 OIP%20(1)(34)%20(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 24 KB
25 KB 153ms
151ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(34)%20(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a8e158db2d000a332b451889e71de1224fb81779bcc3896127f17db3e0a464

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 2583
cf-polished: origSize=26256, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24625
last-modified: Sun, 20 Mar 2022 22:49:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6237af80-6690"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b6f9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 16 Nov 2023 18:04:13 GMT

GET
H3 200 R%20(2)(5).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 29 KB
29 KB 154ms
152ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R%20(2)(5).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ffdd46e6b4516f76d785f06fe5cb34dd8890420ce70fe95b2f3aea1cff06879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 70334
cf-polished: origSize=30865, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29711
last-modified: Sun, 05 Sep 2021 19:35:28 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "61351c00-7891"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b739ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Nov 2023 03:23:36 GMT

GET
H2 200 6zot0w.jpg
i.imgflip.com/ 84 KB
84 KB 70ms
67ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6zot0w.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd4fbd0b24d02a7f50a5de3238e4dc37ce315f157794d618b8536d6e4cf3788

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: S12BYXCT496T9846
age: 922476
cf-polished: origSize=86630
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86156
x-amz-id-2: PITQ/OcDngQVXnQ9WbD3atp3LuGpJyGsBbINBQ3wtqeibb9FH16gqpYwqsv5YIWYFIhdwaZf3Z4=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 06 Nov 2022 02:48:35 GMT
server: cloudflare
etag: "7df1049fd32b86835d4236bc7fb47670"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910c3c2a91f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H3 200 q-anon-heman-herman.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 19 KB
19 KB 157ms
155ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/q-anon-heman-herman.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76b552b13c93e2de7031bd6a9f4e54f75d7abd1fe62c133a9948e3598d10e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 330807
cf-polished: origSize=24929, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19184
last-modified: Sat, 12 Nov 2022 23:08:21 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63702765-6161"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b799ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 12 Nov 2023 23:09:29 GMT

GET
H3 200 Dvaid-Wilcock-Predicts-Some-Very-Big-Events-2-1024x575(2).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 20 KB
21 KB 190ms
188ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Dvaid-Wilcock-Predicts-Some-Very-Big-Events-2-1024x575(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f10933a55ea376c3ae57000f6a7c410d52a2b45e0e8d404a0a7d1faa01ebe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 275938
cf-polished: origSize=22017, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20949
last-modified: Mon, 23 Mar 2020 00:21:04 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5e7800f0-5601"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b7e9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 12 Nov 2023 02:08:43 GMT

GET
H3 200 OIP%20(2)(176).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 23 KB
23 KB 191ms
189ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(2)(176).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef9f5e0426db8783612d7cdecd671cb32de9e20b27d18f110512f5dfc1caadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 861539
cf-polished: origSize=32913, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23050
last-modified: Sun, 06 Nov 2022 19:46:58 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63680f32-8091"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b819ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 06 Nov 2023 19:49:07 GMT

GET
H2 200 e5-Kg.oq1b.1.jpg
sp.rmbl.ws/s8/6/e/5/-/K/ 16 KB
16 KB 269ms
266ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/e/5/-/K/e5-Kg.oq1b.1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: e9d3e91c5c402ee3e44b8ccacf4e6b0693f34c892f54d2a3c9c228e784efe260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Sat, 12 Nov 2022 01:36:47 GMT
server: nginx
etag: "d2b8c655df203d4185b5eb6e3ae10ce1"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds227.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86231
accept-ranges: bytes
content-length: 16380

GET
H2 200 6eVMViSeK82k_640x360.jpg
static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/ 24 KB
24 KB 98ms
95ms Image
image/jpeg 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/6eVMViSeK82k_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-601 /

Resource Hash

0bc671931d94766730f0ef8d31d927a524a9c4e68dce6947cc3c53e5878ee33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1047
x-amz-request-id: tx00000000000002b65721e-00637340b7-21d2a51f-nyc3a
cdn-cachedat: 11/15/2022 07:33:11
cdn-pullzone: 89010
content-length: 24198
last-modified: Tue, 15 Nov 2022 06:08:30 GMT
server: BunnyCDN-DE-601
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: aa8a7a8692730c32ca147ca6c6c2a34e
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 70xotd.jpg
i.imgflip.com/ 57 KB
57 KB 69ms
66ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xotd.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10a75711625e152e9e1de8b8e0605ee8d49cc7d2c264d38f87c1fdc84067268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: V8H17EMR8V38399A
age: 56450
cf-polished: origSize=58696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58197
x-amz-id-2: 0TiKp3S9+k2E9LZ5LX6ISR6jRll2uLUY5UwlHCw9F4nt0I3r58+v7pSVBzBttjzUcMl6cZuSphA=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 03:21:57 GMT
server: cloudflare
etag: "533188ada39823647c15d806a85f1477"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910c3c2c91f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 70soks.jpg
i.imgflip.com/ 103 KB
104 KB 70ms
67ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70soks.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e07a66b177611ab4b2c62f18e7c10843100dabde3302a31dc9afd827ce2526f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: RV4JEVC3E2JK9WEE
age: 142803
cf-polished: origSize=106324
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105852
x-amz-id-2: NL+2Y9G+WUxEQB6Qy5ELc33axXAH5/iSv/CJmd4KpRMMG465aHBHuYyYvBveT0nnrVyxSC/uVaU=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Nov 2022 03:31:35 GMT
server: cloudflare
etag: "6467bf7b945cf65d411e17984b516b50"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910c3c2e91f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H3 200 photo_2022-11-14_14-34-26.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 22 KB
22 KB 195ms
193ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/photo_2022-11-14_14-34-26.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cbf18959509bfbf96b60da1a4c7454e71c70d2d0761dbd5978a7dff02004d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 170025
cf-polished: origSize=26374, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22362
last-modified: Mon, 14 Nov 2022 19:42:07 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63729a0f-6706"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c3b849ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 14 Nov 2023 19:42:59 GMT

GET
H2 200 2wORg.oq1b-small-Ep.-2926b-What-Happens-If-B.jpg
sp.rmbl.ws/s8/1/2/w/O/R/ 37 KB
37 KB 289ms
287ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/2/w/O/R/2wORg.oq1b-small-Ep.-2926b-What-Happens-If-B.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 690822970b24b3265f5d24dc65920d4707909b62cd2101a05ccfa2204e744f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Tue, 15 Nov 2022 23:57:37 GMT
server: nginx
etag: "7845cee2b6b85e3a4a1cf41382615281"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds142.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17950
accept-ranges: bytes
content-length: 37819

GET
H2 200 Screen-Shot-2022-11-16-at-11.19.52-AM.png
gellerreport.com/wp-content/uploads/2022/11/ 320 KB
321 KB 172ms
66ms Image
image/webp 2606:4700:20::681a:a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gellerreport.com/wp-content/uploads/2022/11/Screen-Shot-2022-11-16-at-11.19.52-AM.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1610aabbdeb17b43dd2de11661ba8e223eb9d9438810141dbf95cf8cbbef42c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4277
cf-polished: origFmt=png, origSize=348592
x-cache-nxaccel: MISS
content-disposition: inline; filename="Screen-Shot-2022-11-16-at-11.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 327890
last-modified: Wed, 16 Nov 2022 16:20:29 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "551b0-5ed98d9e34005"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42M2rlIT5wYZNTRMaFaAHL%2FKVEmnPb09BHweS%2FBnsmXNJWo8Z1fXl8zR43Y%2FWD2NiW3DiHXCvfyPuRykQi1W7YVQqAu54dmHTNaS3y7atARygf5FUPqbRaVEczeXKNe2S4Lh%2FjlD2yzrW4f3oWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 76b2910cfc6c693a-FRA

GET
H2 200 kMJMg.oq1b-small-SITUATION-UPDATE-111222.jpg
sp.rmbl.ws/s8/1/k/M/J/M/ 24 KB
24 KB 289ms
288ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/k/M/J/M/kMJMg.oq1b-small-SITUATION-UPDATE-111222.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 49392c2be71d4f5dc591e7315a4e0d851dbc2d84e698f5a2689c33371765f236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Sun, 13 Nov 2022 00:33:35 GMT
server: nginx
etag: "2c1d765c8dc41acd1b5b028607d029fd"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds141.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=24814
accept-ranges: bytes
content-length: 24923

GET
H2 200 Screenshot-2022-11-12-040312.png
www.ournewearthnews.com/wp-content/uploads/2022/11/ 79 KB
79 KB 1432ms
323ms Image
image/png 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2022/11/Screenshot-2022-11-12-040312.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: e07fc5c65bd1a68288ee07ddf3b7f171a068cf0f1a76d03fb4797695ba5842f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
x-nginx-cache: WordPress
last-modified: Sat, 12 Nov 2022 10:08:43 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 80420
expires: Thu, 17 Nov 2022 19:17:25 GMT

GET
H3 200 7160-tofmgxscqp(12).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 50 KB
50 KB 159ms
158ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/7160-tofmgxscqp(12).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f0593a5d13fb5749e110899dbe6e2e4e7d807f3958e15b937cc6f0001764f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 173689
cf-polished: origSize=53712, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51132
last-modified: Sun, 02 Jan 2022 17:59:08 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "61d1e7ec-d1d0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910c7c139ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 01 Nov 2023 11:34:42 GMT

GET
H2 200 8uvrivIyBhCX_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 49 KB
49 KB 70ms
70ms Image
image/jpeg 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/8uvrivIyBhCX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-601 /

Resource Hash

12b85f5e5b531b1f478546d5e2382dd5b263b75ed08de68b05786f762ea7dfde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1047
x-amz-request-id: tx00000000000002c01613b-0063750f31-21d2b5c8-nyc3a
cdn-cachedat: 11/16/2022 16:26:26
cdn-pullzone: 89010
content-length: 50081
last-modified: Wed, 16 Nov 2022 16:11:32 GMT
server: BunnyCDN-DE-601
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: d2299085ad1bce6ac8ab07a4e0a09f05
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1f1fa-1f1f8.png
s.w.org/images/core/emoji/14.0.0/72x72/ 350 B
579 B 122ms
37ms Image
image/png 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/72x72/1f1fa-1f1f8.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

f21f8537b9b087805efd4334b8f0904aa547ba84c2c6a647d002fef16f42aa26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 16 Nov 2022 19:17:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 350
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sB2Pg.oq1b-small-Ep.-2925b-Trump-Tomorrow-Wi.jpg
sp.rmbl.ws/s8/1/s/B/2/P/ 58 KB
58 KB 267ms
266ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/s/B/2/P/sB2Pg.oq1b-small-Ep.-2925b-Trump-Tomorrow-Wi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: cb53cdf2605afe7aad9e1232ef7e4432ea4c485f32f1beb4a054b0d1504821cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Mon, 14 Nov 2022 23:25:06 GMT
server: nginx
etag: "36a13319fcab15cfb7613233d3c8d3d7"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds282.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=15105
accept-ranges: bytes
content-length: 59141

GET
H3 200 70kaok.jpg
i.imgflip.com/ 118 KB
119 KB 105ms
51ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70kaok.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 233eca5f4f7e19c25cc0f721efaad650525ce61f70a81770ada51d91227e21d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: EX8KCSTQN6F4KBGH
age: 317185
cf-polished: origSize=122351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121062
x-amz-id-2: wsoVWtm9sPiyOPQ3NcokFPFFuo/3O5An0JZYU+1dFNPS9vJLePtdziTjnhqBJ7faRYwFekawiOE=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 13 Nov 2022 02:59:45 GMT
server: cloudflare
etag: "23263fccb18eef0725b1c9dd8cebcd4e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910ccf29bb77-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 SdG40kfL4kqO_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 24 KB
24 KB 66ms
65ms Image
image/jpeg 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/SdG40kfL4kqO_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-601 /

Resource Hash

25baabde5ab48b2510f26d07101ef48899781ce1bfe1e2e5377796c9677b0dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 863
x-amz-request-id: tx00000000000002b8d189d-006373b6a5-21d2a51f-nyc3a
cdn-cachedat: 11/15/2022 15:56:21
cdn-pullzone: 89010
content-length: 24143
last-modified: Tue, 15 Nov 2022 15:27:42 GMT
server: BunnyCDN-DE-601
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 680f25c8c92fb7ae2d58d889f54f3ec9
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 85ms
84ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1634579
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-3be6"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910b99779ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 05 Oct 2023 08:12:07 GMT

GET
H3 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame BCEA 2 KB
1 KB 116ms
66ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2022101619
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88deb6cca5f42a1b999d8d1a57ab4c4ca0c40753aed081fa66492d8d1797f1e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
x-amz-version-id: Pyg._uIsc5AQSNjNuGPay5ap_Yo6O9GK
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: DRFVNYF4P8N2HCDP
age: 3104
cf-polished: origSize=2376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: m0I/i+YtH9MstR8H5SZRYyQDDrVLYVxao1ZDSZk5LcjVu6mIohJNjoMuda01/L9jq2WVT5c5kyw=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:11:31 GMT
server: cloudflare
etag: W/"3fa7a22def0ef9ee9c381060c52eeb94"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76b2910cdcfd7583-LHR
expires: Wed, 16 Nov 2022 22:17:24 GMT

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 7 KB
3 KB 177ms
41ms Script
application/javascript 2600:9000:21f3:9400:18:9413:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9400:18:9413:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 08:18:47 GMT
content-encoding: gzip
via: 1.1 google, 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Wed, 16 Nov 2022 01:31:06 GMT
x-amz-cf-pop: FRA2-C2
age: 39517
etag: W/"1a40-1847e0faa58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: pipX30BCPMbcVfnzus-0P-whnsmfT35QToyeUye-6tGkmXGtDYeizw==

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 120ms
120ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1119042
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a834"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910ba9969ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 05 Oct 2023 08:12:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 162ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4feeac69149c44960d83018ca23127e9ee6592ae5e39c55cbbe15f3c4b4df912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49169
x-xss-protection: 0
server: cafe
etag: 8136856273732015061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:17:24 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
527 B 157ms
60ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 00:27:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 67783
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FCMqypRGTbU25eZONHz9AZ%2FR76foMbZNfwarZw7xRxxFTRzUfz18Nk57BG4HldyabTxvWefdpFB8slnCA1e7gfsUiRHexCMuquXVlpA1XntpzvAy7M9XjYKp7mDZ1W%2FzAP%2Fv3Mg8KQg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 76b2910e0d0590b2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9

GET
H2 200 adcode.png
rddywd.com/ 43 B
549 B 140ms
49ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42879
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1UjSxD3pwo82kE5nHaBtTRf44UyUXjqaadbs8RGMjeS224lRvi%2F2g0L2ko4j80OO2eEZidDHKPpbrffsMPS1rBi1ZBbPB49sGLwh2X2AtToxYFEMy1ta87625WsI13sy0Zp0%2BD2Zr%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 76b2910e1bb5b7c7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 137ms
36ms Image
text/plain 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 188ms
187ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 987226
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2910bc9e19ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 02 Nov 2023 18:21:59 GMT

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
485 B 1020ms
907ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac518762f385a06316205586c24ed7b8d8e07cd549b3dfdde899e6906c43aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
x-frame-options: SAMEORIGIN
cf-ray: 76b2910cbcaa9b94-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
content-length: 16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 IDYPg.oq1b-small-SITUATION-UPDATE-111422.jpg
sp.rmbl.ws/s8/1/I/D/Y/P/ 25 KB
25 KB 98ms
98ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/I/D/Y/P/IDYPg.oq1b-small-SITUATION-UPDATE-111422.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: e532252f98b6de1eb227f7e41734c67a5f0ffe91dd980876103d160e2ebed2dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
last-modified: Mon, 14 Nov 2022 21:53:33 GMT
server: nginx
etag: "9ca0e59ad649eaf1b0066ae666489e8b"
x-hw: 1668626244.cds129.fr8.hn,1668626244.cds248.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21580
accept-ranges: bytes
content-length: 25675

GET
H2 200 70smwz.jpg
i.imgflip.com/ 87 KB
88 KB 98ms
97ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70smwz.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f07a6593d43c1ce90e3dce0f9bf32f33336a39e788bb0d37a18ece273463bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: FMMBA9H596BQSSWY
age: 143448
cf-polished: origSize=89955
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89444
x-amz-id-2: RvaleN5+pgkWwl1ivhJXvaDzvebARMWN5z1dU5iK/fuOpd3JhzfccCMV+HhqE3xw/RTIbn5WyXg=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Nov 2022 03:14:02 GMT
server: cloudflare
etag: "c2d8b909476585567aaf27fcbcc6cd61"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76b2910c0baa91f0-FRA
expires: Sat, 13 Nov 2032 19:17:24 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame A5FC 21 KB
7 KB 163ms
43ms Document
text/html 13.225.78.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-13.fra2.r.cloudfront.net

Software

tv /

Resource Hash

e0f7f5ed9f0f62a5219460c495bcb1dac22f31f81d02cb53d2f6db63d0ecc9d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-HdJSQNvAz9LbGNCAY7b2og=='; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15
alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
content-encoding: gzip
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-HdJSQNvAz9LbGNCAY7b2og=='; object-src 'none'
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 19:17:09 GMT
expires: Wed, 16 Nov 2022 19:19:09 GMT
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id: WkkaF_Xtlzut8iUXxja246sUrTgFKNHmbczF62Fp4fZkCsdOAZf8pA==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 268 KB
77 KB 118ms
67ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7249a559c40d77c52c75c19e5dc4c032e4b2e17a4189e2f89eda272af2ac6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
x-amz-version-id: qvyLR093rn4jNb6UD2GmB__o3CmwMAnU
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5VQMZQ8D85347C30
age: 4309
cf-polished: origSize=274057
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lhIHDBaaRm5FJfu6rS+OOZIQUhv8GeQJVpuPCSBopZdFmv8SefrMDzsDCGVHxFLxKbrSHInU7L8=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:12:36 GMT
server: cloudflare
etag: W/"b480313b13dfcf8ec33ed36723cb475b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76b2910cdd007583-LHR
expires: Wed, 16 Nov 2022 22:17:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
37ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 19:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 90
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 21:15:54 GMT

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 268 KB
77 KB 112ms
91ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca54a58be4f54cf7421a2f34a0ed18f3eeed78566f71fe1ac8e80734abf08838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
x-amz-version-id: gwGlBd8PvoGV_9OxPwW3s_v0jeQ6LLEQ
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 29XDPBB17A2THMFS
age: 6885
cf-polished: origSize=274057
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JktKzCRrD+T61+3X8d9it7PSURznrmeNOV9NR7nulcsYsJNumZcb95en3PP7n1a6xRnabPEfZ9Y=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:12:23 GMT
server: cloudflare
etag: W/"c79a3cefb20a8b758304b926fecffe9b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76b2910cdcf97583-LHR
expires: Wed, 16 Nov 2022 22:17:24 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame BCEA 268 KB
77 KB 180ms
180ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2022101619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0387fc6cf743379a8787351d45a85dcc813211730b0bb08719861a85a2cb81f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:24 GMT
x-amz-version-id: JQC2VuZYj_64u15b2N26wflA16YTKs4U
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: RCVX8N73KRE2J576
age: 3450
cf-polished: origSize=274727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zTEV3R2wjhvwndXX5LtEsipF/ijpMSrjfSK68q+YkT7Orj8ILzkFZbyfR5u2NZXOD+KhuBMU9BI=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:11:31 GMT
server: cloudflare
etag: W/"c1eeaac25baad299df53fc27e712878e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76b2910d3daf7583-LHR
expires: Wed, 16 Nov 2022 22:17:24 GMT

GET
H2 200 en.20293e230953c957.js Show response
static.tradingview.com/static/localization/translations/ Frame A5FC 597 KB
71 KB 190ms
89ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/localization/translations/en.20293e230953c957.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

3af93c1532486b12b9adbb7c1376c72979355372a5f29609cae984fca8632b9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 10:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 31939
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 72026
referrer-policy: origin-when-cross-origin
last-modified: Wed, 16 Nov 2022 08:39:57 GMT
server: tv
etag: "6374a1dd-1195a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 4MnSY7PJ03_SjnD1j3bTG3ihfplHMtlbCYnC9TJGcdIclWtHP4uAAQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.9f0a7e65f1db5dc00c7f.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 56 KB
23 KB 182ms
81ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/runtime.9f0a7e65f1db5dc00c7f.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

bed043f4cd46441844227814473c81bb69488cd6358fed3711f54696e4973a15

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 10:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 31938
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 23486
referrer-policy: origin-when-cross-origin
last-modified: Wed, 16 Nov 2022 08:40:13 GMT
server: tv
etag: "6374a1ed-5bbe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: gFis7MT1G9M36cn0vYULds74vMQfh0icFqbuG2ysS9pvrSjY45qaRQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 75932.cd4f83e4607134502a66.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 45 KB
13 KB 108ms
58ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/75932.cd4f83e4607134502a66.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

11d8ab754a7bd056500e49e7f473228063c95032e33794319a5f28cfaa511cb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src 'none'
date: Tue, 06 Sep 2022 17:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 6141967
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13130
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:09 GMT
server: tv
etag: "63170c91-334a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: SeFvgufNVxNnLxoTRcNnoI-y5E89FhRdx3i-n-7wCxSq9JC5FDHgkw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 98037.bcbac1bf55eee6374526.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 16 KB
4 KB 109ms
59ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/98037.bcbac1bf55eee6374526.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

b45162d699ebfe9716684cef90a6b3a9ca98d1be386b6072ffc9bd85cabba471

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 10:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 5386757
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4195
referrer-policy: origin-when-cross-origin
last-modified: Thu, 15 Sep 2022 08:58:08 GMT
server: tv
etag: "6322e920-1063"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: kG7kZKz4HUslJq5RxrcddF9l9bhyHQxYMSIc_4oJDslEGmH81hS5uQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 23262.5f01af00dfde58d05a3a.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 20 KB
6 KB 107ms
57ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/23262.5f01af00dfde58d05a3a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

d6d46bc1263abdc312120275fc077e5acea30b0a5c6a5fe77dc9e3780923da85

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 10:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 809718
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6172
referrer-policy: origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 08:37:35 GMT
server: tv
etag: "6368c3cf-181c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: npdORsY59FOCtb5wdkFIbJNBSP9tJZR7RNr2C0nF60j8hpHGCZDIpQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 53748.06fcdc5a1b850f86a915.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 13 KB
5 KB 106ms
57ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/53748.06fcdc5a1b850f86a915.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

a0d7b8a6237561de8a6c9369317d85f5d62d83b26847b181ddeef13c5ac3ea6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 10:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 809718
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5057
referrer-policy: origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 08:37:36 GMT
server: tv
etag: "6368c3d0-13c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: ackAr9d2D2nIQs8b0F72P2IWhYR3qk1y2bjYEPEjLZhvZ2LS2NfjIQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 82841.18ff51b1275a770003b9.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 3 KB
2 KB 106ms
56ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/82841.18ff51b1275a770003b9.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

8cd1b41ee0a06e7072185e58dafd568eea44bef71640e7fc015d3bf0f5890f3c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 3574505
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1259
referrer-policy: origin-when-cross-origin
last-modified: Thu, 06 Oct 2022 08:21:21 GMT
server: tv
etag: "633e9001-4eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 1w9a3dicfP4AZ9N0p7ZoZR9N2VEa2pZf7RJyLWPwgfnP96uTWZGghQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 76575.588b6b68158c81ab6ffa.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 22 KB
8 KB 104ms
55ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/76575.588b6b68158c81ab6ffa.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

39d97f34c5075e5ace71d73ef354d423e0ac8f67be613ff24beaba8f24f39702

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 10:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 31938
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8011
referrer-policy: origin-when-cross-origin
last-modified: Wed, 16 Nov 2022 08:40:13 GMT
server: tv
etag: "6374a1ed-1f4b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: XZOj_KVhQq8DBPOgYDcfWamGz5OuN4B_IUjy5JAPpV5P27FqxbU6jQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 31420.39edd66c16a225ab6fca.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 40 KB
12 KB 105ms
56ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/31420.39edd66c16a225ab6fca.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

7ae9d07aba4424bb44e367f4cb94530c493bbbb3125fec2d330daba4eba72840

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:35:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 204137
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12090
referrer-policy: origin-when-cross-origin
last-modified: Mon, 14 Nov 2022 08:07:13 GMT
server: tv
etag: "6371f731-2f3a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: jJr2Oy0YPpbLdj3RxtF7hZZzoDQSLt6QXfImKAFefXm0Q0su4fRcfw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 47872.a61cdff518f736df4531.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 74 KB
17 KB 102ms
54ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/47872.a61cdff518f736df4531.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

1498779faecb7484905cd2d841badd80d3915101303b90f0604131635e105eda

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 10:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 31938
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 16857
referrer-policy: origin-when-cross-origin
last-modified: Wed, 16 Nov 2022 08:40:13 GMT
server: tv
etag: "6374a1ed-41d9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: X67MdRsa0oWwl_8WaoM75BoP-sCLCzH_RCh2uHdzLXGV9vdBvbX9Fw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 9103.5cd7b1e9b2aa0930e026.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 20 KB
7 KB 101ms
53ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/9103.5cd7b1e9b2aa0930e026.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

571b309f6c5dc15b62664b1481fb4253e1c243ace7c908660bb49112360a0faf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 1673238
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6678
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Oct 2022 09:52:46 GMT
server: tv
etag: "635ba66e-1a16"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: UZQL3CXneTHBjgu0u8evZfut12PQ3nuumjpLKBGncFG6EQPdRxuH7A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 51299.53383b9c198c6d162081.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 46 KB
12 KB 100ms
52ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/51299.53383b9c198c6d162081.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

46881e42e7b3d37ef5d6a815eacb658cb89503818b72fd0fe31cabea4cf00486

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 1673238
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11715
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Oct 2022 09:52:46 GMT
server: tv
etag: "635ba66e-2dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: s5a47jFc4NH3DAynvR9cN19HTncmHrITE1LPuChlgonEQbm6afbT0A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 87461.c33bcbb475ef93712018.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 13 KB
5 KB 98ms
50ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/87461.c33bcbb475ef93712018.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

584ebe92232b4937e10492d818eafb5df6f02159ce05147930b0009b6761ddb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 09:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 1415956
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5125
referrer-policy: origin-when-cross-origin
last-modified: Mon, 31 Oct 2022 08:31:23 GMT
server: tv
etag: "635f87db-1405"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: GFsif8191nARHlR8hIfT8CiLepEm4X26imHcItZltMjqsPOXgynlPw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 embed_ticker_tape_widget.afa4d8c6bea160e80887.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 22 KB
7 KB 96ms
48ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.afa4d8c6bea160e80887.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

884964b723bc5dd14b0b562a2a3148f9f852e7bafe6894e0314a73e6efdda915

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 10:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 809716
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7111
referrer-policy: origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 08:37:36 GMT
server: tv
etag: "6368c3d0-1bc7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: LxRnghsOpqVz4K1IhP5tyBibvb08cjgccBhnTeQHfKLV31DkigBbgw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9610.ca9918cbf462aff5b55b.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 1 KB
1 KB 138ms
39ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/9610.ca9918cbf462aff5b55b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

6159f32f1b79a94b26c2c580fdd4ffdfc91af5334f46c4d8b2a1597925fb2e78

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 10:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1327696
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 611
referrer-policy: origin-when-cross-origin
last-modified: Tue, 01 Nov 2022 08:23:59 GMT
server: tv
etag: "6360d79f-263"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: jxrXpYzjKUAuMi303K2_CkDHM1mrxsMTqvGMtRvGZk8Was1oiywpUQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3086.9f89937410e2bf27786b.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 1 KB
892 B 139ms
40ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/3086.9f89937410e2bf27786b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

c32cb580981ced5d41956d35867e2d727e104386a33cfa863f516fe8da06fd49

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 10:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2624296
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 385
referrer-policy: origin-when-cross-origin
last-modified: Mon, 17 Oct 2022 08:40:46 GMT
server: tv
etag: "634d150e-181"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 2ipmx-FMzkIzunO-cAzKBxDT5Ic49cEAkK-3MCVDdwYSsmOr-YGt5g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 72066.f1aaa4b56bfc5daefd58.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 1 KB
902 B 140ms
41ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
age: 7808357
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 343
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:38 GMT
server: tv
etag: "62fdfaca-157"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: yyipppf15tvNv4Ve5wXdq8gGzc1vHocUHSewQ0l6AZuA6Zf1R74eZg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 93419.83330e98cd0f13f52e0f.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 9 KB
2 KB 140ms
41ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 01:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1792839
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1402
referrer-policy: origin-when-cross-origin
last-modified: Wed, 26 Oct 2022 11:33:41 GMT
server: tv
etag: "63591b15-57a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: Kg35Df0DT9bPvrmNiT9J8VQOQLdmQJfQyoNH7RIIm64Xh651PJiu7g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4704.721cbfb1a5d6784e3109.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 2 KB
1 KB 141ms
42ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
age: 7808358
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 564
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-234"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: dzV8GFgbUIOlkE8-3xOBWdtGCnrAmyuKElfNNZDq7V7LPVhFD0XXKA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5735.c773d84ae2dfa00f5f7e.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 2 KB
1 KB 140ms
41ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

df173c22699a580af5fc7e35726a17d7875d99fe824f3eefb2f4ff618537e1e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
age: 6167707
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 544
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
server: tv
etag: "63170c8e-220"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: HGhgVNxpwOGu1F0lJyAUBG3kqM_a_rK_KXgLa8oQveAybFmE9l71wg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 49859.57ed1f0e14de0ce7dcbb.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 868 B
912 B 141ms
43ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
age: 7808357
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 353
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-161"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 2k38Y7s71ut-eCBdkwp15lAuLBtZOmFY74VkOmzmslkEf_VWAfxWag==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 22641.c7183a76dc0599de9f42.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 4 KB
1 KB 140ms
42ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 02:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
age: 6886679
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 634
referrer-policy: origin-when-cross-origin
last-modified: Fri, 26 Aug 2022 08:29:14 GMT
server: tv
etag: "6308845a-27a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: _wXoIdXHhLmeyzEQE6HPLSiBQWCYQbW14ALBbZSutCjPcj_jN37q4Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 41848.a819f80182db62e2c3b6.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 6 KB
2 KB 169ms
71ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
age: 6167658
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1239
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:09 GMT
server: tv
etag: "63170c91-4d7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: h5iyzMGG21skHDrGno4qGf8MPGqT25x9caY3E4Mqn4u1vl3sbOaVHw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8301289771671655 Show response
customads.co/lad/ Frame 215C 1 KB
2 KB 270ms
158ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 19:17:24 GMT
via: 1.1 google

GET
H2 200 10864438442185062 Show response
customads.co/lad/ Frame AC10 1 KB
1 KB 268ms
159ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 19:17:24 GMT
via: 1.1 google

GET
BLOB 200
OK bf93d020-a3b4-4fb6-bd33-d16c1a0fcbd2
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/bf93d020-a3b4-4fb6-bd33-d16c1a0fcbd2
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 1188ae43-38a3-43a3-9df6-43e706c43deb
https://beforeitsnews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/1188ae43-38a3-43a3-9df6-43e706c43deb
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 8d0b3afa-f8b2-4e9d-bb31-5231be58913e
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/8d0b3afa-f8b2-4e9d-bb31-5231be58913e
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 2ccd6c8b-553b-4e9f-a3b5-dd3f64c1d4bf
https://beforeitsnews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/2ccd6c8b-553b-4e9f-a3b5-dd3f64c1d4bf
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 71D4 10 KB
5 KB 128ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 11:14:28 GMT
etag: 10353107486223812946
expires: Wed, 30 Nov 2022 11:14:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 62cbd7a3-18e6-48fd-9b54-146855f29436
https://beforeitsnews.com/ Frame BCEA 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/62cbd7a3-18e6-48fd-9b54-146855f29436
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 0f00dc71-2afc-4174-89cb-736ebc42ade6
https://beforeitsnews.com/ Frame BCEA 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/0f00dc71-2afc-4174-89cb-736ebc42ade6
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 133ms
45ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=304365733&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=123799995&gjid=26387498&cid=16617597.1668626245&tid=UA-16055024-1&_gid=1081935226.1668626245&_r=1&gtm=2wgb905D8XJ6Q&z=956632939

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 121ms
38ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=304365733&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=16617597.1668626245&tid=UA-16055024-1&_gid=1081935226.1668626245&gtm=2wgb905D8XJ6Q&z=1261950273

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53184
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 112ms
39ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53184
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A5FC 109 KB
43 KB 126ms
46ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/76575.588b6b68158c81ab6ffa.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72b3309cada345805763e3fe1de675ac3e6c5313abfc2337b6db42bebdd91313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43612
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Nov 2022 19:17:25 GMT

GET
H3 200 28903.415109541489380d12f6.css
static.tradingview.com/static/bundles/embed/ Frame A5FC 801 B
585 B 44ms
43ms Stylesheet
text/css 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.9f0a7e65f1db5dc00c7f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 6167679
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 219
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
server: tv
etag: "63170c8e-db"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: aoXDAhMYx2n5qlxS0Qu0ogz8Sm0VVYMLCIZWh-sced1M6NvQ1mnWLw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js Show response
static.tradingview.com/static/bundles/embed/ Frame A5FC 4 KB
2 KB 44ms
44ms Script
application/javascript 18.66.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.9f0a7e65f1db5dc00c7f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.97.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-97.fra56.r.cloudfront.net

Software

tv /

Resource Hash

ec982be0fe0cbc9c721b3aface05cd386bec46dea3f004ed49b395617b1cc594

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src 'none'
date: Tue, 06 Sep 2022 10:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 6167659
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2082
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
server: tv
etag: "63170c8f-822"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: dH7_f86_dEkKz0jjwgui_MixRnr1WxWbkQuyxJm5n3pedYaF-qZdiQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
211 B 209ms
102ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16055024-1&cid=16617597.1668626245&jid=123799995&gjid=26387498&_gid=1081935226.1668626245&_u=YEBAAEAAAAAAACAAI~&z=388610852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 19:17:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 215C 45 KB
17 KB 155ms
49ms Script
text/javascript 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 18:31:14 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2771
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 16 Nov 2022 20:31:14 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame AC10 45 KB
17 KB 172ms
67ms Script
text/javascript 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 18:31:14 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2771
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 16 Nov 2022 20:31:14 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame A5FC 49 KB
20 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 19:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 91
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 21:15:54 GMT

GET
H2 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame A5FC 1 KB
948 B 221ms
40ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:27:55 GMT
content-encoding: gzip
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified: Thu, 26 May 2022 07:17:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 2971
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hIXEL9yR0turQA8AGj5TKVnnt8zIt8trZK0nH3Nt5JXoSdb1Y4z7LQ==

GET
H2 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame A5FC 777 B
1 KB 220ms
40ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:28:05 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2968
x-cache: Hit from cloudfront
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
alt-svc: h3=":443"; ma=86400
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
server: AmazonS3
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: McHsT-jm2daPTwnJVNevKotIiNCUkK73a_BkBfFc2crvI_XPJfIoXw==

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 199ms
139ms Script
text/plain 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1668626245284269865287&uniqId=0a8be&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63753745-0115a&pageView=1&pvid=18481dfe6a5afa648b0&site=310742&implVersion=11&dpr=1&tfre=1095
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76b2911188267768-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 1a4c313e-e0ac-41a0-9b2b-f1c23bf04485
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/1a4c313e-e0ac-41a0-9b2b-f1c23bf04485
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 collect
www.google-analytics.com/ Frame A5FC 35 B
55 B 46ms
44ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=2046853490&t=pageview&_s=1&dl=https%3A%2F%2Fs.tradingview.com%2Fembed-widget%2Fticker-tape%2F%3Flocale%3Den&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Ticker%20Tape%20Widget&sd=24-bit&sr=1600x1200&vp=775x46&je=0&_u=YEAAAQABAAAAAAAAIE~&cid=1157493898.1668626245&tid=UA-132755435-1&_gid=128522773.1668626245&gtm=2oub90&gcs=G1-0&z=794405598

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53184
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame A5FC 801 B
1 KB 138ms
41ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:48:40 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1726
x-cache: Hit from cloudfront
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
alt-svc: h3=":443"; ma=86400
content-length: 801
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
etag: "107060b925841745f310697bd9f1f83d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: v9s8Nb2l6H833wpirrI-CWkghNi8eaSB1dFBOGw3axhvb4t4vB6WcQ==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame A5FC 3 KB
814 B 139ms
42ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:29:01 GMT
content-encoding: gzip
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 2904
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YExzTK9TMvgJZiAlMgAiXD-iZ0VI3WI6WFUBBbZfY_j5hhDHDyUlew==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame A5FC 870 B
1 KB 139ms
42ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:31:23 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2763
x-cache: Hit from cloudfront
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
alt-svc: h3=":443"; ma=86400
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: 1vW8ZNNfMf65yZwd_GniNXMI_pHqjcW86ML9efsX8gN2Onryv-HA7A==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 1 KB
1 KB 143ms
46ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:53:51 GMT
content-encoding: gzip
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 1481
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: eXFz2-C0khqZU0M8ylRWr3w6FGrvnrKXpnACQuhb5hZxzJ1WS66kXA==

GET
H3 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame A5FC 523 B
884 B 100ms
50ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:56:07 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
age: 1284
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
alt-svc: h3=":443"; ma=86400
content-length: 523
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
etag: "4542d4ecd73f04c73affa787a4522596"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: wMAPcu8E54Pb_iH7jWTtK_Z57Jhikc9hHGkhH0gx5ypbMVqmlbGsRA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 177ms
75ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-16055024-1&cid=16617597.1668626245&jid=123799995&_u=YEBAAEAAAAAAACAAI~&z=1757554172

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 267ms
165ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-16055024-1&cid=16617597.1668626245&jid=123799995&_u=YEBAAEAAAAAAACAAI~&z=1757554172

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 206
Partial Content d2628e1a-79ad-4e17-a072-14ceb4757b2d
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/d2628e1a-79ad-4e17-a072-14ceb4757b2d
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 68ms
58ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 1239
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 76b29111f9177768-LHR
expires: Thu, 17 Nov 2022 19:17:25 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
910 B 67ms
57ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 3802
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 76b29111f9197768-LHR
expires: Thu, 17 Nov 2022 19:17:25 GMT

GET
BLOB 206
Partial Content fb1aca22-e5d2-4b8f-be80-34da004999d9
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/fb1aca22-e5d2-4b8f-be80-34da004999d9
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 786 B
1 KB 104ms
53ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:38:51 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
age: 2330
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
alt-svc: h3=":443"; ma=86400
content-length: 786
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: iZ2dxG_jxtxWqousqpY1Wqf_Tm4lKY2taaqsaeNc7i9ADg5Uejpbow==

GET
H3 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 761 B
1 KB 98ms
47ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:25:27 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
age: 3129
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
alt-svc: h3=":443"; ma=86400
content-length: 761
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: WVAA8rXndqwzYCYM2iSD1QTsyhiU383ZhMdhG8d1BsVpt41dzC_MiQ==

GET
H3 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 1 KB
1 KB 110ms
60ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:06:12 GMT
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 742
x-amz-cf-pop: FRA2-C1
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: P9zXxdelFKcG4wavZpm_M-wEJUr0_lR0dP98-zFjbKQsvDslUiUZdg==

GET
H3 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 635 B
994 B 111ms
60ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:07:50 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
age: 740
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
alt-svc: h3=":443"; ma=86400
content-length: 635
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
etag: "4c66a5172a9c77ab75e140f5079218ec"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: tuF00y2CWQkyGBgxhfY_4ytOtXhaxxEfc0y78tC6k9dtoeWe8V9XVQ==

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 135ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:23:45 GMT
x-content-type-options: nosniff
age: 93220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Nov 2023 17:23:45 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
989 B 254ms
236ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?pv=5&cbuster=166862624545844817819&uniqId=0a8be&lct=1667433600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63753745-0115a&pageView=1&pvid=18481dfe6a5afa648b0&implVersion=11&dpr=1&tfre=1268
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cb28182285d20a5045f75d8b838e4f002638c7ffb37ef1108f34fa1c1789ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 76b2911259f37768-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
994 B 212ms
212ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&pv=5&cbuster=166862624548074931223&uniqId=10ffa&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63753745-0115a&pageView=0&pvid=18481dfe6a5afa648b0&implVersion=11&dpr=1&tfre=1291
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e9179ac100a0228e3011084800e4b2ace49aff6454e652fcdf3e5ba29fc273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 76b291126a0a7768-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 98ms
98ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?mp4=1&ap=1&w=370&h=1095&maxw_3=366&maxh_3=247&cols=1&pv=5&cbuster=1668626245491997925516&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63753745-0115a&pageView=0&pvid=18481dfe6a5afa648b0&implVersion=10&dpr=1&tfre=1301
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633dd46c8dbb4522f96030a07039e3264c815414a3d3eb3ab348980c54773cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 76b291127a247768-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 522 B
880 B 101ms
53ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:36:26 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
age: 2460
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
alt-svc: h3=":443"; ma=86400
content-length: 522
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: UpBcgAIIhVcigaPiuMqXKtmuCozdZlboz9HIGbwitwJ9L5t0EXgTKA==

GET
H3 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 1 KB
976 B 108ms
60ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:38:45 GMT
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
age: 2321
x-amz-cf-pop: FRA2-C1
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: y38sxsDVJNeTb_AY-I4CQAiUl0r-Y6RmTeO_upsXDm0WLsGb3d5eUA==

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS83MTU4MTMvYTRjO...
s-img.mgid.com/g/14600366/492x277/-/ 22 KB
22 KB 201ms
65ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14600366/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS83MTU4MTMvYTRjODY5ZWUwYmYzYzc3M2RjMmExNzZlMjJlMjc3Y2IuanBn.webp?v=1668626245-cJpHd2vw_fetdGgvnDXcawJFXajRKoCJhcA0CjWcTOY
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f42e33f53ab4862fdade60406b5b288dd7d20f1066879bf77cb6b313596f7c6

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 09:16:51 GMT
x-mg-request-uuid: 098a4efd-3284-4c51-8e98-cb95d01fa2db
server: cloudflare
age: 10843
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 76b291140f1b75c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22430

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS81NDE5ODEvMzZjN...
s-img.mgid.com/g/14042019/492x277/-/ 12 KB
13 KB 208ms
72ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14042019/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS81NDE5ODEvMzZjNTlhZGZkNzdjMjk1NTAyMTc2ZmJmMmNhODUwMTEuanBn.webp?v=1668626245-faLuguP8f56Pk4ewlVtqp614Rd2p6ixP29CLkzb1KUw
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6449ce4211f54395428f0efbafb49a675091cacb91276cca89ccdef301f066

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 10:15:29 GMT
x-mg-request-uuid: 16e2c002-2170-428a-8351-4a0547c5fe4c
server: cloudflare
age: 10843
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 76b291140f1d75c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12782

GET
H2 200 492
img.rtbsystem.org/375/12/366/0cf701dc-295c-413e-8809-d2a6283416aa.png/16x9/ 244 KB
245 KB 210ms
86ms Image
image/png 2606:4700:e4::ac40:af1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/375/12/366/0cf701dc-295c-413e-8809-d2a6283416aa.png/16x9/492
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:af1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e0af3eac46f57cf0fc99c34d6ab9a3b550986b1efd4b250241dadbe508313b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 25 May 2022 20:57:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628e984f-1bf26"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkewrDyuRCpBXWm41llJOjf2d%2F3J6VLNB2U50MbhKrlkeBagLXmuvsJiqRNgEenz9A33YkKdZTLt1sXGSUlAlx4vL34vLa0vLpciHrVubR%2F6qvV3cIh8E3yaWidTxBGQeM%2BFsxa27xdDHc4clszYCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 76b29113feba6969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 249903
expires: Thu, 17 Nov 2022 19:17:25 GMT

GET
H3 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 1 KB
1 KB 68ms
47ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:34:05 GMT
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 2606
x-amz-cf-pop: FRA2-C1
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: G-DKdd_k4U0tooQJlweb-JrtRbqjm22TZK-AhceYBtJ2EvrH-6Zm8A==

GET
H3 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 508 B
870 B 68ms
48ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:34:39 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
age: 2567
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
alt-svc: h3=":443"; ma=86400
content-length: 508
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: We_jpjavQurRXGt5ZPPhZlgu_GKOsQ0PnXAU0PsBE7GbOdrX58FlTw==

GET
H3 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 182 B
543 B 135ms
117ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:30:31 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
age: 2904
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
alt-svc: h3=":443"; ma=86400
content-length: 182
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
etag: "a4fcbd383e2f657b6528f4aa95844de5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: v5njuS3tGdCFgej3-Z4dLAOMsO9JyN0ZSHhw_S8HuFoYfONPa_vZXg==

GET
H2 206 470e244860dc025fb90ee75ac0d0f7e8.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-11/569299/ 608 KB
609 KB 194ms
65ms Media
video/mp4 2606:4700:4400::ac40:9040
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-11/569299/470e244860dc025fb90ee75ac0d0f7e8.mp4?v=1668626245-rAImhJ3aOQRQbzI0zD5ZXxdOfaMGqTj4z-VIYEBNK4Q

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9040 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff104a6b4e9d43c79cddb54d6065ee658f852b9be309380d7f00b27e8dc415ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1235540
Content-Range: bytes 0-622788/622789
server-timing: fastly;dur=2;cpu=0;start=2022-11-02T12:01:42.555Z;desc=hit,rtt;dur=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 622789
x-request-id: cb5afde81e49604809c0c691fc5fa8b9
last-modified: Tue, 01 Nov 2022 15:33:26 GMT
server: cloudflare
etag: "7be6b5a937c027ae024dcb049e916a0a"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 76b291142b9091ea-FRA
expires: Thu, 16 Nov 2023 19:17:25 GMT

GET
H3 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 304 B
663 B 64ms
63ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:24:05 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
age: 3257
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
alt-svc: h3=":443"; ma=86400
content-length: 304
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
etag: "074d127e2f9fd8c2e79c01a5f002979c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: hXa2c58C1JubDyfipkI54b8tBpRPfrDkaCgRbpWI-vhQNEsGkP8OCA==

GET
H3 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 1 KB
1007 B 64ms
63ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:25:27 GMT
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
age: 3151
x-amz-cf-pop: FRA2-C1
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CQpYxgO9jk6fncAKO3cPK2TqqbILb4SUS9n6pRNXPxvASBoyv_Ie1w==

GET
H3 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 1 KB
1 KB 50ms
49ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:55:41 GMT
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 1392
x-amz-cf-pop: FRA2-C1
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DMMvXGxn8Rc3_fhRc4Y5Aj0MIdbRy0rT5YlgwKRiVFrvpEj2BRcu4w==

GET
H2 200 i.js Show response
cm.mgid.com/ 0
37 B 191ms
173ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1668626245671610929187
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 76b29113bd2c7768-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 50C1 0
101 B 148ms
148ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1668626245683786798070
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 76b29113bd317768-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
eu-1-id5-sync.com/api/1.0/ 57 KB
17 KB 182ms
79ms Script
text/javascript 2606:4700:20::ac43:4b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-1-id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

396e29667155c2f7b14b02e0823f021623f6fc41d24c055eb8c04682f6f906e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20
x-amz-request-id: MTGHPR3PKNB1VMJV
x-amz-server-side-encryption: AES256
x-amz-id-2: hDJbyNwFmhC+Vtx7IdHw8uZQIiwk8/irD0vGSMp3TnepCxxouSw3jcmp9JfufhoM9X/g9UChJtE=
last-modified: Thu, 10 Nov 2022 09:46:31 GMT
server: cloudflare
etag: W/"f56ac574619f997d4b0c211e79bcc3af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYitEe8WTCB3ZTogTVIt%2BWbwXDJuT2hXvbcFAWa3uxaQ0LN7OirchsgsUORkurOYlYVu0QO9Rjo%2F407q0KXuxAQFs%2F1MLm337%2Fq%2BbfPbFLCPacsfrUaw0Q4D7ynPE01HxmCObiy1NCnUYCUp6sYv"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=14400
cf-ray: 76b291147ca890e6-FRA

GET
H2 200 492
img.rtbsystem.org/387/28/420/233103ee-e0d8-4d74-a68a-b51de107bf28.jpg/3x2/ 16 KB
17 KB 89ms
88ms Image
image/jpeg 2606:4700:e4::ac40:af1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/387/28/420/233103ee-e0d8-4d74-a68a-b51de107bf28.jpg/3x2/492
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:af1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4951d7c0b7ddef8e96699d8cf85f7201a315bd090c4c02c9426955bbc32b3615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:25 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Nov 2022 12:58:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636e470a-70d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWYVUAyBXzTqDrzl0WMV3H678Hy1r7csYey6JnK2Ipvfgm66rjrGybjf4aP5WK8uDSX5Sg1yNl5s0%2Fvf05rFQmwu9E3ScIoLFCcsOQzxg7XfYVL6Xr4YrmbNKn0HTw%2FOXqIYC8E89XKWhD5suDKAGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 76b291142f416969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16890
expires: Thu, 17 Nov 2022 19:17:25 GMT

GET
H3 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 1 KB
1002 B 47ms
46ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:12:58 GMT
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 386
x-amz-cf-pop: FRA2-C1
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DhVf__0Qj3kVY5Hp4fhsVuuQXg1IxDbn5qkQK9zUHPXv6OokNdi2Yg==

GET
H3 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame A5FC 1 KB
992 B 47ms
47ms Image
image/svg+xml 2600:9000:20eb:1a00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:19:57 GMT
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 3598
x-amz-cf-pop: FRA2-C1
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: akbdqsq2tm_3tNn_H4JghuQ1eQ6Zgsbm_BIVE-q12pXEgzHWyvSdng==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 133ms
40ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

97f796607c639eb0607138f3ac5239df4b3410100dd1d574c769ea41ca819ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
232 B 206ms
42ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 01cac63feafd37af6b50b9caf11328aea1d825114e130c63f8687f13d8eef296

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:26 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H3 200 jsDynamic-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 79ms
76ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 987225
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 17:12:52 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63162e14-105e"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b29115495b9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 12 Oct 2022 11:50:43 GMT

GET
H3 200 responsive-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 80ms
75ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 987224
cf-polished: origSize=1728
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-6c0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b29115495c9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 12 Nov 2022 08:12:39 GMT

GET
H3 200 validate-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
2 KB 86ms
81ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 987224
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:46 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be6-1a18"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b29115495f9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 12 Nov 2022 08:12:39 GMT

GET
H3 200 loadmore-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 85ms
80ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 987225
cf-polished: origSize=14745
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-3999"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2911549609ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 12 Nov 2022 08:12:39 GMT

GET
H3 200 lazy-loading-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 124 B
587 B 90ms
85ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1721039
cf-polished: origSize=173
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 17:12:52 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63162e14-ad"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76b2911549629ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 12 Oct 2022 08:12:05 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
26 KB 158ms
59ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bf0fe7dc929d45aece69ee0b5b8cbbfe08748482167830e464517935043cc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 103ms
37ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

b7c15bbf392858dd283866fbfa8ef3e0305c25d3059d8ae965904a1ef8934af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
232 B 177ms
38ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 437cc69b1f59f7d9e9d0e73384013c7a007369d31613a590ff8c19df0c2483b3

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:26 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 123ms
41ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e69a2ad60568989019c7bdfe48053f96c8a7a2f2013c67c4a0e4bff911f44eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
232 B 212ms
38ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: f1e90c80cdb4aec83a3bfe6514c126ae605c002292165da9dbe46ccd6a7a4faf

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:26 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 115 KB
12 KB 977ms
964ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1668626246026

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d1e8e50e590c1e2936e7ee8b18c3773faeec8491fab522810811d4a4237f448

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
access-control-max-age: 3628800
cf-ray: 76b29115d8339b94-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 209ms
87ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20221007.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1421
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 76b29116a8749b57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Nov 2022 19:17:26 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 137ms
46ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

97f23f6443ac85b0afde9fd2ea01fbc178ec526421828f3e0faf183ae8a843ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 201ms
117ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 16 Nov 2022 19:59:17 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/ 207 KB
74 KB 126ms
43ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 12:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75091
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 12:28:45 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 119ms
41ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

2be36a6cb7c4cce54186cfa06212ea66cdb4d7c37882a1054b20f1ae7d89b8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 97ms
39ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

c146a2c8584fce6d01b7365f113a83689b5d7ff2e002a1e8e550e5d41e3f2917

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 19:17:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 103ms
60ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1421
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 76b291177835bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Nov 2022 19:17:26 GMT

GET
DATA 200
OK truncated Show response
/ Frame 16B0 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 135ms
39ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:03:15 GMT
x-content-type-options: nosniff
age: 851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Nov 2023 19:03:15 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame F919 18 KB
4 KB 123ms
38ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 16 Nov 2022 19:59:17 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 132ms
38ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:03:15 GMT
x-content-type-options: nosniff
age: 851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Nov 2023 19:03:15 GMT

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 148ms
53ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 62ms
51ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1128ce74964b95589dc47d308b02b99c4781f714d3f2e0405adb43417917c9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1259
cf-polished: origSize=4420
status: 200 OK
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a4a87513-3fd8-4000-890a-49c87fd1915a
x-runtime: 0.022078
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"1101779584a76ab613b2209b6ee45337"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 76b291187c819b57-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 16 Nov 2022 20:17:26 GMT

GET
H3 200 c
c.mgid.com/ 43 B
213 B 151ms
150ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=366|284|8|FyGyl1LEgQtuCH0vkWDUU91SBkgCDOpdp11-oV-W3FTmNivCouaJpuy1ePCKH1G4NuvifHGGo1PNOnhzMOcDkQ**&fw=1&extjs=66044&cid=720413&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=4dc5c9e0-65e3-11ed-b948-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=18481dfe6a5afa648b0&cbuster=166862624695130736668
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e631d9ad-fe1a-4d40-94ac-f00dd456735e
server: cloudflare
content-type: image/gif
cf-ray: 76b2911b8bc57583-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 / Show response
rumble.com/embed/v1s8xr2/ Frame F5F2 18 KB
8 KB 463ms
157ms Document
text/html 172.98.59.51
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/v1s8xr2/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.51 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

6d7ef5c5afafeee96a15fcb1d397e15bd73ea1eeef195d99c9fa76927f43946d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 16 Nov 2022 19:17:27 GMT
link: <https://rumble.com/v1uv3dg-skynet-to-be-granted-rights-that-supersedes-humanity-by-us-government.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H2 200 YqCruUbpsk4 Show response
www.youtube.com/embed/ Frame 8377 69 KB
28 KB 246ms
127ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YqCruUbpsk4

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5872b342d2b0a9b0afa9badc604f8ea00eb9d1e17d492308a2e05343b179e8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 19:17:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e086c7ccd2fc04ad96d49807d44e9b1bd8ad8eea.jpeg
beforeitsnews.com/img/i2022/11/ 12 KB
13 KB 109ms
105ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/11/e086c7ccd2fc04ad96d49807d44e9b1bd8ad8eea.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abddd385cf22f1034931333516b609c5ed3c2e5bbf68e0f27c62419ee51b3a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1348387
cf-polished: origSize=13679, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12698
last-modified: Tue, 17 Sep 2019 02:46:57 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5d804921-356f"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2911c1a569ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 01 Nov 2023 04:00:08 GMT

GET
H3 200 44d8732aadf4a0334bfd6689d3abd3413bdf615e.jpg
beforeitsnews.com/img/i2022/11/ 36 KB
36 KB 73ms
70ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/11/44d8732aadf4a0334bfd6689d3abd3413bdf615e.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4727c236a79590156e2b25d8bd8ece765550e11055191092b3f4632446dbcfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1349012
cf-polished: origSize=42361, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36793
last-modified: Sun, 09 May 2021 05:43:48 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60977694-a579"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2911c1a609ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 01 Nov 2023 04:00:02 GMT

GET
H3 200 70189017dfbe10d1266577b2701c43e156554529.jpg
beforeitsnews.com/img/banner_contract/ 60 KB
61 KB 110ms
106ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/70189017dfbe10d1266577b2701c43e156554529.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc93f930396c1e55d7d0ebce7db81b3b9f12fbaa3e4b7fe184787ba9c16b6dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 929537
cf-polished: origSize=69526, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61721
last-modified: Thu, 06 Oct 2022 00:57:10 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "633e27e6-10f96"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2911c1a669ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 06 Nov 2023 00:57:36 GMT

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 109ms
105ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 989713
cf-polished: origSize=36512, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60a8f625-8ea0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2911c1a6b9ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Nov 2023 08:14:11 GMT

GET
H3 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 106ms
103ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 92964
cf-polished: origSize=51812, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46896
last-modified: Sat, 22 May 2021 12:15:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60a8f5fb-ca64"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2911c1a709ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Nov 2023 17:27:24 GMT

GET
H3 200 1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg
beforeitsnews.com/img/banner_contract/ 81 KB
82 KB 124ms
122ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 989713
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83236
last-modified: Fri, 04 Mar 2022 07:11:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6221bbbb-14524"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2911c1a749ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Nov 2023 08:14:11 GMT

GET
H3 200 39809350864b0a3554f604e504aca8b82b3c4df8.jpg
beforeitsnews.com/img/banner_contract/ 39 KB
40 KB 155ms
152ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/39809350864b0a3554f604e504aca8b82b3c4df8.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bf1ff7c861b303af85db79af26f29bd653f3a16fe257b9c2614d46e8b85f683

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 737097
cf-polished: origSize=46051, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40061
last-modified: Tue, 08 Nov 2022 05:16:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6369e647-b3e3"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2911c1ac19ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 08 Nov 2023 05:16:56 GMT

GET
H2 200 dJ4tNuyxM54 Show response
www.youtube.com/embed/ Frame CBDB 69 KB
29 KB 175ms
88ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac022428e1992eeef72d81f910e2f3da92be36d577b6deb25f70a36205585b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 19:17:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 77ms
76ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1419
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 76b2911c5b63bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Dec 2022 19:17:27 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
560 B 127ms
84ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
status: 200 OK
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 998b4060-2a98-4383-b7f5-4244eb7832d2
x-runtime: 0.007709
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e51140cdcd044ad76335646936ec5319"
x-download-options: noopen
vary: Accept, Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 76b2911d1a589bd4-FRA
access-control-allow-headers: SDK-Version

GET
H3 200 www-player.css
www.youtube.com/s/player/b50b69c9/ Frame CBDB 359 KB
49 KB 138ms
59ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c95cc3e583a81552c835f63bc5bce5d7e0359535b713df4e3876dcec05b6ac5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:51:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49806
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Nov 2023 12:51:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CBDB 15 KB
15 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 458542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 11:55:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CBDB 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 161768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 22:21:19 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/ Frame CBDB 310 KB
96 KB 172ms
122ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e48662932b4c8c29f626512afbd767786eb4b52fab1bb46335ae8410a94c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98457
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame CBDB 2 MB
577 KB 183ms
133ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40c9f983c3aba68fa3088760e1a20efe0559cdb3527582995c511e00622bb1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590922
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:58:58 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/ Frame CBDB 9 KB
3 KB 171ms
120ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/b50b69c9/ Frame 8377 359 KB
49 KB 79ms
41ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c95cc3e583a81552c835f63bc5bce5d7e0359535b713df4e3876dcec05b6ac5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:51:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49806
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Nov 2023 12:51:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8377 15 KB
15 KB 40ms
38ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 458542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 11:55:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8377 15 KB
15 KB 52ms
50ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 161768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 22:21:19 GMT

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 65ms
63ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 978971
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-8ab"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76b2911dbec29ba6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 27 Oct 2023 00:40:44 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/ Frame 8377 310 KB
96 KB 140ms
118ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e48662932b4c8c29f626512afbd767786eb4b52fab1bb46335ae8410a94c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98457
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 8377 2 MB
577 KB 149ms
127ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40c9f983c3aba68fa3088760e1a20efe0559cdb3527582995c511e00622bb1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590922
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:58:58 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/ Frame 8377 9 KB
3 KB 62ms
40ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame F5F2 76 KB
27 KB 153ms
151ms Script
application/javascript 172.98.59.51
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=332

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1s8xr2/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.51 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

47ab7c59dfab1f611c49f00c9db3f1a6f2e7cc02608bffbda5ef0bd0bd342fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v1s8xr2/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br
last-modified: Tue, 15 Nov 2022 15:53:31 GMT
server: nginx
etag: W/"6373b5fb-131ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000

GET
H2 200 utASg.BvCc-small-Skynet-To-Be-Granted-Rights.jpg
sp.rmbl.ws/s8/1/u/t/A/S/ Frame F5F2 57 KB
58 KB 43ms
42ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/u/t/A/S/utASg.BvCc-small-Skynet-To-Be-Granted-Rights.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v1s8xr2/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: a843d1905ba415ec3bb3a63ab4b9f49c27adcf7a159323cc9600d4967f7a7282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
last-modified: Wed, 16 Nov 2022 10:48:41 GMT
server: nginx
etag: "46b166628b6578a5835a11160ef59df3"
x-hw: 1668626247.cds129.fr8.hn,1668626247.cds210.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=56899
accept-ranges: bytes
content-length: 58847

GET
H2 206 utASg.caa.rec.mp4
sp.rmbl.ws/s8/2/u/t/A/S/ Frame F5F2 4 MB
0 48ms
47ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/u/t/A/S/utASg.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v1s8xr2/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
last-modified: Wed, 16 Nov 2022 12:13:19 GMT
server: nginx
etag: "4933ec3aa6746be186ff27871a6f9b41-69"
x-hw: 1668626247.cds129.fr8.hn,1668626247.cds237.fr8.c
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-361549567/361549568
cache-control: max-age=74576
accept-ranges: bytes
Content-Length: 361549568

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CBDB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

61ms
61ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1fda59e07f42f22f6cbe2fad25a9abd18e2ddf7e7e430dba1ceb48d91362bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Nov 2022 19:17:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CBDB 29 B
588 B 337ms
55ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:09:12 GMT
x-content-type-options: nosniff
age: 496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 19:24:12 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 8377
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

62ms
62ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1e91f7fb078314f23452b2de481a753d611276d3b2109044650d7c03a5d76da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Nov 2022 19:17:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8377 29 B
89 B 327ms
56ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:09:12 GMT
x-content-type-options: nosniff
age: 496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 19:24:12 GMT

GET
H3 200 lib.wasm Show response
www.youtube.com/s/player/b50b69c9/wasm/ Frame CBDB 20 KB
8 KB 41ms
41ms Fetch
application/wasm 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/wasm/lib.wasm

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90708f93df593fd5e90e707d689a804aa8b041740cabfc0f47b9233fbea53eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 17:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8625
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: application/wasm
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 17:06:10 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CBDB 66 KB
30 KB 136ms
58ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c1af25333ab25f0019812455e82b00dad4454ffaa1afae5763e5fdb57cdbc78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31027
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame CBDB 118 KB
36 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4d9510d3b5966db25ca539e5c9bebed6314930aa3bf47cd36c22044e123f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37227
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:59:16 GMT

GET
H3 200 _mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js Show response
www.google.com/js/th/ Frame CBDB 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 334262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14302
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 22:26:25 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame CBDB 26 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

767721911c7b7df933f222b581db1a8cae5819f11c929fcf05106d3b407809da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8286
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:58:58 GMT

GET
DATA 200
OK truncated
/ Frame CBDB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CBDB 942 B
1 KB 246ms
54ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 16:13:14 GMT
x-content-type-options: nosniff
server: fife
age: 11054
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Thu, 17 Nov 2022 16:13:14 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/dJ4tNuyxM54/ Frame CBDB 33 KB
33 KB 124ms
42ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dJ4tNuyxM54/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGE8gWyhlMA8=&rs=AOn4CLBtXzSTjxb-8HeuzQigAtUjsdDAGw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7cadb1adfe41267aadfcb33b66311dd60288b119b7cf1278724c9b34e349bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:09:33 GMT
x-content-type-options: nosniff
age: 474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33433
x-xss-protection: 0
server: sffe
etag: "1658335911"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Nov 2022 21:09:33 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8377 65 KB
30 KB 129ms
52ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce58f55f0a21ef075306d04bb75637d91fa7b7f5ed0ac619fa9f71e9fb900618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30799
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 8377 118 KB
36 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4d9510d3b5966db25ca539e5c9bebed6314930aa3bf47cd36c22044e123f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37227
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:59:16 GMT

GET
H3 200 _mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js Show response
www.google.com/js/th/ Frame 8377 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 334262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14302
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 22:26:25 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 8377 26 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

767721911c7b7df933f222b581db1a8cae5819f11c929fcf05106d3b407809da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8286
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:58:58 GMT

GET
DATA 200
OK truncated
/ Frame 8377 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8377 942 B
1000 B 177ms
55ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 16:13:14 GMT
x-content-type-options: nosniff
server: fife
age: 11054
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Thu, 17 Nov 2022 16:13:14 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/YqCruUbpsk4/ Frame 8377 34 KB
34 KB 70ms
57ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/YqCruUbpsk4/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGCUgVyhyMA8=&rs=AOn4CLDhHhra5a0uBb__toJ3DfCkVrrLPg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

465d85d2b1a04743b3049c54e3449b6d2ed65d88fd8e30fee20d30ee7b000ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:27 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34629
x-xss-protection: 0
server: sffe
etag: "1661821477"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Nov 2022 21:17:27 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 291ms
56ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 16 Nov 2022 19:17:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 226ms
56ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 16 Nov 2022 19:17:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 8377 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?zg85pg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame CBDB 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Hv4DCQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/dJ4tNuyxM54
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8377 4 KB
2 KB 293ms
213ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 19:17:28 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F5F2 49 KB
20 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 19:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 94
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 21:15:54 GMT

POST
H2 200 view...1s8xr2.7439c9
rumble.com/l/ Frame F5F2 35 B
191 B 151ms
150ms Ping
image/gif 172.98.59.51
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...1s8xr2.7439c9?p=2.3&r=106563124&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.51 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v1s8xr2/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 16 Nov 2022 19:17:28 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
log-code: 3
content-type: image/gif

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CBDB 4 KB
2 KB 219ms
202ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 19:17:28 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CBDB 90 B
134 B 50ms
49ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69fc2082931d22d18d99d6d2a570b545f399b242424eeb99b8152cbaf3986c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
45ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 16 Nov 2022 19:17:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 16 Nov 2022 19:17:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8377 90 B
134 B 52ms
51ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

accda7413e83c1fac46d627415f1940402e1f50df5f05b6b97b9e045989ad227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Nov 2022 19:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame F5F2 4 B
24 B 54ms
54ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1144806893&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v1s8xr2%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=%22Skynet%22%20To%20Be%20Granted%20Rights%20That%20Supersedes%20Humanity%20By%20US%20Government%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAACgBIC~&jid=944972921&gjid=1754303785&cid=1923113763.1668626249&tid=UA-44331619-1&_gid=1077792707.1668626249&_r=1&_slc=1&z=239002726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F5F2 35 B
55 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1144806893&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v1s8xr2%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=%22Skynet%22%20To%20Be%20Granted%20Rights%20That%20Supersedes%20Humanity%20By%20US%20Government%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=v1s8xr2&_u=YEBAAEABAAAAACgBIC~&jid=&gjid=&cid=1923113763.1668626249&tid=UA-44331619-1&_gid=1077792707.1668626249&z=306567233

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1s8xr2/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53187
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame CBDB 52 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 17 Nov 2022 12:56:25 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 8377 52 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 17 Nov 2022 12:56:25 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame F5F2 4 B
25 B 148ms
47ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-44331619-1&cid=1923113763.1668626249&jid=944972921&gjid=1754303785&_gid=1077792707.1668626249&_u=YEBAAEAAAAAAACgBIC~&z=613047784

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 19:17:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame F5F2 42 B
63 B 76ms
75ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-44331619-1&cid=1923113763.1668626249&jid=944972921&_u=YEBAAEAAAAAAACgBIC~&z=1970535026

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame F5F2 42 B
63 B 154ms
74ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-44331619-1&cid=1923113763.1668626249&jid=944972921&_u=YEBAAEAAAAAAACgBIC~&z=1970535026

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 19:17:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CBDB 28 B
54 B 50ms
50ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668626250635
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dJ4tNuyxM54
X-YouTube-Client-Version: 1.20221113.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5amdIRzJ4bVdmUSjH7tSbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668626247554&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 16 Nov 2022 19:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 16 Nov 2022 19:17:30 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8377 28 B
54 B 60ms
55ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668626250652
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/YqCruUbpsk4
X-YouTube-Client-Version: 1.20221113.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt5QUVMaTR1Nkw2MCjH7tSbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668626247547&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 16 Nov 2022 19:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 16 Nov 2022 19:17:30 GMT

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s2
beforeitsnews.com/	1970-01-20 07:30:34	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ3rrBUcy9zEfh
beforeitsnews.com/	1970-01-20 17:06:26	Name: b4in-uuid Value: 8bdc938d-329b-4b06-be1b-94576aec7ab5
.mgid.com/	1970-01-20 07:30:28	Name: __cf_bm Value: t1EQDGOjRguVRl0hJLeD9PXkSnMbLHYoNofD9prn.MI-1668626244-0-AYO8pGFen2NqB3Lbm/YGukRpQrRyUWZ9qtM6iikKhBiJqVqbL5bvqPgzrIqcVKNboQJnGLc1MD5AvwJir2fFdn0=
.beforeitsnews.com/	1970-01-20 17:06:26	Name: _ga Value: GA1.2.16617597.1668626245
.beforeitsnews.com/	1970-01-20 07:31:52	Name: _gid Value: GA1.2.1081935226.1668626245
.beforeitsnews.com/	1970-01-20 07:30:26	Name: _gat_UA-16055024-1 Value: 1
beforeitsnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1668626245766%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1668626245698%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1668626245600%7D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: STeYWNYvC4g
.youtube.com/	1970-01-20 11:49:38	Name: VISITOR_INFO1_LIVE Value: yAELi4u6L60
.rumble.com/	1970-01-20 17:06:26	Name: _ga Value: GA1.2.1923113763.1668626249
.rumble.com/	1970-01-20 07:31:52	Name: _gid Value: GA1.2.1077792707.1668626249
.rumble.com/	1970-01-20 07:30:26	Name: _gat_rumble Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20221116_101723_856.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(34)%20(1).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.beforeitsnews.com
ajax.beforeitsnews.com
beforeitsnews.com
borirait.site
c.mgid.com
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cl.imghosts.com
cm.mgid.com
customads.co
eu-1-id5-sync.com
fonts.googleapis.com
fonts.gstatic.com
gellerreport.com
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
id5-sync.com
img.beforeitsnews.com
img.rtbsystem.org
jnn-pa.googleapis.com
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
onesignal.com
pagead2.googlesyndication.com
rddywd.com
rumble.com
s-img.mgid.com
s.tradingview.com
s.w.org
s3-symbol-logo.tradingview.com
s3.tradingview.com
servicer.mgid.com
sp.rmbl.ws
static-3.bitchute.com
static.doubleclick.net
static.tradingview.com
stats.g.doubleclick.net
thewashingtonstandard.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.ournewearthnews.com
www.youtube.com
yt3.ggpht.com
104.18.255.14
13.224.189.41
13.225.78.13
141.95.98.64
151.139.128.10
162.19.138.82
162.241.30.109
172.98.59.51
18.66.97.97
192.0.77.48
2001:41d0:701:1000::2fb3
2400:52e0:1e00::601:1
2600:9000:20eb:1a00:1f:2f70:3e80:93a1
2600:9000:21f3:9400:18:9413:7780:93a1
2606:4700:10::6816:4a8a
2606:4700:10::ac43:e6e
2606:4700:1::6813:844e
2606:4700:1::6813:884e
2606:4700:20::681a:a3
2606:4700:20::ac43:4b59
2606:4700:4400::ac40:9040
2606:4700::6812:e134
2606:4700:e4::ac40:af1c
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:806::2006
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2016
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9d
2a06:98c1:3120::3
2a06:98c1:3121::3
35.190.30.115
01cac63feafd37af6b50b9caf11328aea1d825114e130c63f8687f13d8eef296
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0bc671931d94766730f0ef8d31d927a524a9c4e68dce6947cc3c53e5878ee33c
0bef34147e43e605e56dc81b91a8fd641694689947defcf327a25ed0380c2e3d
0bf0fe7dc929d45aece69ee0b5b8cbbfe08748482167830e464517935043cc1c
0ea20734cb830a4ce3e4bc91ae7eaca73b1e95cb5b38515bb1dcfe9baed1fdf3
0ffdd46e6b4516f76d785f06fe5cb34dd8890420ce70fe95b2f3aea1cff06879
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1128ce74964b95589dc47d308b02b99c4781f714d3f2e0405adb43417917c9d1
11d8ab754a7bd056500e49e7f473228063c95032e33794319a5f28cfaa511cb8
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12b85f5e5b531b1f478546d5e2382dd5b263b75ed08de68b05786f762ea7dfde
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
13f0593a5d13fb5749e110899dbe6e2e4e7d807f3958e15b937cc6f0001764f2
1498779faecb7484905cd2d841badd80d3915101303b90f0604131635e105eda
15c8288a0739ac7b9d71592f12c6da487bd2c63cc2657a561e6089f93ff1bfd3
1610aabbdeb17b43dd2de11661ba8e223eb9d9438810141dbf95cf8cbbef42c0
16e48662932b4c8c29f626512afbd767786eb4b52fab1bb46335ae8410a94c92
17e9179ac100a0228e3011084800e4b2ace49aff6454e652fcdf3e5ba29fc273
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1c06e495f43829458c1154dcb847dccb258e2490fdc8022d80c8ee9410507fd9
1c1af25333ab25f0019812455e82b00dad4454ffaa1afae5763e5fdb57cdbc78
1e39fbaf69594ed7df217d88b6e405c5c6497269f6a5becc04e6ca8078a57d84
1e69fda028a323bc43dac18f4edb73a1b44081dc358350cedc92682078735517
233eca5f4f7e19c25cc0f721efaad650525ce61f70a81770ada51d91227e21d1
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
25baabde5ab48b2510f26d07101ef48899781ce1bfe1e2e5377796c9677b0dd2
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
2ac518762f385a06316205586c24ed7b8d8e07cd549b3dfdde899e6906c43aa8
2be36a6cb7c4cce54186cfa06212ea66cdb4d7c37882a1054b20f1ae7d89b8d0
2d1e8e50e590c1e2936e7ee8b18c3773faeec8491fab522810811d4a4237f448
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325
2f9f05af10d926f60333ddb0a90a413564c566917fe01717359f99122c68479d
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
33e0af3eac46f57cf0fc99c34d6ab9a3b550986b1efd4b250241dadbe508313b
35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
396e29667155c2f7b14b02e0823f021623f6fc41d24c055eb8c04682f6f906e5
39d97f34c5075e5ace71d73ef354d423e0ac8f67be613ff24beaba8f24f39702
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3af93c1532486b12b9adbb7c1376c72979355372a5f29609cae984fca8632b9b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc
3fa4d9510d3b5966db25ca539e5c9bebed6314930aa3bf47cd36c22044e123f0
40c9f983c3aba68fa3088760e1a20efe0559cdb3527582995c511e00622bb1ed
40f06f7a9c935764fa1d8211ab09053615e46ebb6135dea069da4ecd4834a467
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
437cc69b1f59f7d9e9d0e73384013c7a007369d31613a590ff8c19df0c2483b3
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
465d85d2b1a04743b3049c54e3449b6d2ed65d88fd8e30fee20d30ee7b000ce8
46881e42e7b3d37ef5d6a815eacb658cb89503818b72fd0fe31cabea4cf00486
4705df9f16a57401d59569ddb4032a6c352b5352353475f891e4c2673e4d21fa
4727c236a79590156e2b25d8bd8ece765550e11055191092b3f4632446dbcfe9
47ab7c59dfab1f611c49f00c9db3f1a6f2e7cc02608bffbda5ef0bd0bd342fb2
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
49392c2be71d4f5dc591e7315a4e0d851dbc2d84e698f5a2689c33371765f236
4951d7c0b7ddef8e96699d8cf85f7201a315bd090c4c02c9426955bbc32b3615
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d
4c83946e175ac8f5be1ea46e5896c8a51ef4dfbbf75ce8f92a0b5f256c637bff
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4e389218927c149529b667409ed22a2a56dd391d19a09b53415ada91bccea58d
4f10933a55ea376c3ae57000f6a7c410d52a2b45e0e8d404a0a7d1faa01ebe2f
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
4feeac69149c44960d83018ca23127e9ee6592ae5e39c55cbbe15f3c4b4df912
571b309f6c5dc15b62664b1481fb4253e1c243ace7c908660bb49112360a0faf
57cbf18959509bfbf96b60da1a4c7454e71c70d2d0761dbd5978a7dff02004d9
584ebe92232b4937e10492d818eafb5df6f02159ce05147930b0009b6761ddb1
5872b342d2b0a9b0afa9badc604f8ea00eb9d1e17d492308a2e05343b179e8a6
58aa67532ca92a7ba13ac2ce6e32af21801e891fda8d216a9fb05f0ba0f2837d
58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bf1ff7c861b303af85db79af26f29bd653f3a16fe257b9c2614d46e8b85f683
5d9c258676dd7921f77411de9569d784cdaec92335493b8d1a7dfe8cabd5763b
5f07a6593d43c1ce90e3dce0f9bf32f33336a39e788bb0d37a18ece273463bb9
5f8f569f3da46c5354dd8440b64c0e4571fa37ecb6068a6bc4e1fc267a0aa830
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6159f32f1b79a94b26c2c580fdd4ffdfc91af5334f46c4d8b2a1597925fb2e78
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62a61aca0dfb55e1fee66eb83d11fbd17845c4dd8979e5f4be90c5d9865d6fea
633dd46c8dbb4522f96030a07039e3264c815414a3d3eb3ab348980c54773cb6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
690822970b24b3265f5d24dc65920d4707909b62cd2101a05ccfa2204e744f8d
69a0489a60c82a0f0663129a9f8fcec60db8919bc6e8b5119b035ee28a7b08c4
69fc2082931d22d18d99d6d2a570b545f399b242424eeb99b8152cbaf3986c10
6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6cb28182285d20a5045f75d8b838e4f002638c7ffb37ef1108f34fa1c1789ac9
6d7ef5c5afafeee96a15fcb1d397e15bd73ea1eeef195d99c9fa76927f43946d
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1
70a8e158db2d000a332b451889e71de1224fb81779bcc3896127f17db3e0a464
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
72b3309cada345805763e3fe1de675ac3e6c5313abfc2337b6db42bebdd91313
767721911c7b7df933f222b581db1a8cae5819f11c929fcf05106d3b407809da
773a4e7fbdc613d57c567b05721f87b7f7b97f0d58ad4e8c9e8531ebd46533c8
7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7ae9d07aba4424bb44e367f4cb94530c493bbbb3125fec2d330daba4eba72840
7e8afde24c9d1649679073c92e36842cc72831188aa26f043e21f4f67aa5aa38
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
884964b723bc5dd14b0b562a2a3148f9f852e7bafe6894e0314a73e6efdda915
88deb6cca5f42a1b999d8d1a57ab4c4ca0c40753aed081fa66492d8d1797f1e4
8a1fc4a5719569d254b33f46fbdacd4458fb9b4bef7b151959a059331062fafd
8a6449ce4211f54395428f0efbafb49a675091cacb91276cca89ccdef301f066
8bdecc4ad35264cf2f804cce30b7c202c0a9a619eaadb4391881e951de66701b
8cd1b41ee0a06e7072185e58dafd568eea44bef71640e7fc015d3bf0f5890f3c
8f42e33f53ab4862fdade60406b5b288dd7d20f1066879bf77cb6b313596f7c6
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90708f93df593fd5e90e707d689a804aa8b041740cabfc0f47b9233fbea53eed
9216263738afedb1ebd7d69e6c7b57146a1531dc3b2feb1a20811949ed9019e7
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653
97f23f6443ac85b0afde9fd2ea01fbc178ec526421828f3e0faf183ae8a843ee
97f796607c639eb0607138f3ac5239df4b3410100dd1d574c769ea41ca819ff2
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d7b8a6237561de8a6c9369317d85f5d62d83b26847b181ddeef13c5ac3ea6b
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a10a75711625e152e9e1de8b8e0605ee8d49cc7d2c264d38f87c1fdc84067268
a1e91f7fb078314f23452b2de481a753d611276d3b2109044650d7c03a5d76da
a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec
a843d1905ba415ec3bb3a63ab4b9f49c27adcf7a159323cc9600d4967f7a7282
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
abddd385cf22f1034931333516b609c5ed3c2e5bbf68e0f27c62419ee51b3a93
ac022428e1992eeef72d81f910e2f3da92be36d577b6deb25f70a36205585b1c
accda7413e83c1fac46d627415f1940402e1f50df5f05b6b97b9e045989ad227
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5d32664395b840d71c44debca7b1c9bf98579e0de88b85ada5d4eaa2df9465
b0387fc6cf743379a8787351d45a85dcc813211730b0bb08719861a85a2cb81f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45162d699ebfe9716684cef90a6b3a9ca98d1be386b6072ffc9bd85cabba471
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b76b552b13c93e2de7031bd6a9f4e54f75d7abd1fe62c133a9948e3598d10e93
b79ce74f1eec463e4a5cc14e6d056a7ce704918786998b8f838578f0cd771cf2
b7c15bbf392858dd283866fbfa8ef3e0305c25d3059d8ae965904a1ef8934af2
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
bed043f4cd46441844227814473c81bb69488cd6358fed3711f54696e4973a15
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c146a2c8584fce6d01b7365f113a83689b5d7ff2e002a1e8e550e5d41e3f2917
c32cb580981ced5d41956d35867e2d727e104386a33cfa863f516fe8da06fd49
c4c1cfd49525b993c72341eb720cae9046d2648afeec441cdda258e8d9078d78
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c
c95cc3e583a81552c835f63bc5bce5d7e0359535b713df4e3876dcec05b6ac5d
ca54a58be4f54cf7421a2f34a0ed18f3eeed78566f71fe1ac8e80734abf08838
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb53cdf2605afe7aad9e1232ef7e4432ea4c485f32f1beb4a054b0d1504821cc
ce58f55f0a21ef075306d04bb75637d91fa7b7f5ed0ac619fa9f71e9fb900618
cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d01eee8af54b3ea2049757a2f70dee96fa85fcc3e701a7ba0d4c5bd2fcd91e5d
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d6d46bc1263abdc312120275fc077e5acea30b0a5c6a5fe77dc9e3780923da85
d7cadb1adfe41267aadfcb33b66311dd60288b119b7cf1278724c9b34e349bde
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dcd4fbd0b24d02a7f50a5de3238e4dc37ce315f157794d618b8536d6e4cf3788
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df173c22699a580af5fc7e35726a17d7875d99fe824f3eefb2f4ff618537e1e0
e07a66b177611ab4b2c62f18e7c10843100dabde3302a31dc9afd827ce2526f1
e07fc5c65bd1a68288ee07ddf3b7f171a068cf0f1a76d03fb4797695ba5842f8
e0cc46fd307661ddfe1c8a4f05af453ce3c5c7641b22c4ce3e06ab690c99348b
e0f7f5ed9f0f62a5219460c495bcb1dac22f31f81d02cb53d2f6db63d0ecc9d0
e1fda59e07f42f22f6cbe2fad25a9abd18e2ddf7e7e430dba1ceb48d91362bf3
e278eba40e64f5adb34a4f691da536fd74c46550f4c8ed30a91ac394282ac0e5
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e532252f98b6de1eb227f7e41734c67a5f0ffe91dd980876103d160e2ebed2dd
e69a2ad60568989019c7bdfe48053f96c8a7a2f2013c67c4a0e4bff911f44eb9
e9d3e91c5c402ee3e44b8ccacf4e6b0693f34c892f54d2a3c9c228e784efe260
ea60ab7269a04836620a32f73ba6525b6624c33e1f84410c908b00492c64a0f7
ea96fd7ce63932fbc9213224d869baa7def0ffbd857e9e49a810f1c7c85fae6c
ec982be0fe0cbc9c721b3aface05cd386bec46dea3f004ed49b395617b1cc594
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f1e90c80cdb4aec83a3bfe6514c126ae605c002292165da9dbe46ccd6a7a4faf
f21f8537b9b087805efd4334b8f0904aa547ba84c2c6a647d002fef16f42aa26
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f6d52f32eced2aea962b6a674009bd1be0ccf506af181a216384d25565a6ac31
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92
fc2fdcc84c56728a3fedfeb986ea54646d9947b70b49178826d8388dc4b38979
fc93f930396c1e55d7d0ebce7db81b3b9f12fbaa3e4b7fe184787ba9c16b6dfd
fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a
fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4
fe7249a559c40d77c52c75c19e5dc4c032e4b2e17a4189e2f89eda272af2ac6b
feaeaf37ed3a2420ec0f0aeab23e9b0d5d2f5ae15bb21ae88c5ca2c5bf35f3d8
fef9f5e0426db8783612d7cdecd671cb32de9e20b27d18f110512f5dfc1caadc
ff104a6b4e9d43c79cddb54d6065ee658f852b9be309380d7f00b27e8dc415ec

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4a8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

264 Requests

96 %HTTPS

75 %IPv6

30 Domains

52 Subdomains

46 IPs

7 Countries

6921 kBTransfer

18466 kBSize

13 Cookies

34 Outgoing links

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

96 %
HTTPS

75 %
IPv6

30
Domains

52
Subdomains

46
IPs

7
Countries

6921 kB
Transfer

18466 kB
Size

13
Cookies

264 HTTP transactions
4 data transactions