beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On January 24 via manual (January 24th 2023, 3:27:06 pm UTC) from IE — Scanned from DE

Summary HTTP 275 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 31 domains to perform 275 HTTP transactions. The main IP is 2606:4700:10::6816:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 156016.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2022. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 50	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.95 18.66.97.95	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:806::2016	15169 (GOOGLE) (GOOGLE)
21	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::ac43:b20f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
8	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700:303... 2606:4700:3038::6815:eb46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:4d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	207.38.87.190 207.38.87.190	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
2	162.241.30.109 162.241.30.109	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.40 99.86.4.40	16509 (AMAZON-02) (AMAZON-02)
28	143.204.215.19 143.204.215.19	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
1	18.66.112.36 18.66.112.36	16509 (AMAZON-02) (AMAZON-02)
26	2600:9000:225... 2600:9000:225e:7000:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
3	2001:41d0:701... 2001:41d0:701:1000::31ee	16276 (OVH) (OVH)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	172.98.57.100 172.98.57.100	399647 (RUMBLE) (RUMBLE)
16	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
275	46

50 2606:4700:10::6816:4b8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-95.fra56.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:b20f (United States)

ASN13335 (CLOUDFLARENET, US)

pexoenne.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.255.14 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eb46 (United States)

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::1082:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4d0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.prepperfortress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.38.87.190 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: condor3113.startdedicated.com

www.myconfinedspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.241.30.109 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5924.bluehost.com

www.ournewearthnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4a8a (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-40.fra6.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 143.204.215.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-19.fra53.r.cloudfront.net

static.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-36.fra56.r.cloudfront.net

www.tradingview-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:225e:7000:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:41d0:701:1000::31ee (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.98.57.100 (Canada)

ASN399647 (RUMBLE, CA)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 18414 s.tradingview.com — Cisco Umbrella Rank: 23500 static.tradingview.com — Cisco Umbrella Rank: 16738 s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 18259	193 KB
52	beforeitsnews.com 1 redirects beforeitsnews.com — Cisco Umbrella Rank: 156016 img.beforeitsnews.com — Cisco Umbrella Rank: 374142 m.beforeitsnews.com — Cisco Umbrella Rank: 432520 ajax.beforeitsnews.com — Cisco Umbrella Rank: 200010 a1.beforeitsnews.com — Cisco Umbrella Rank: 345558	925 KB
21	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8630 c.mgid.com — Cisco Umbrella Rank: 6090 cdn.mgid.com — Cisco Umbrella Rank: 11831 servicer.mgid.com — Cisco Umbrella Rank: 8818 s-img.mgid.com — Cisco Umbrella Rank: 5194 cm.mgid.com — Cisco Umbrella Rank: 1259	352 KB
18	youtube.com img.youtube.com — Cisco Umbrella Rank: 3239 www.youtube.com — Cisco Umbrella Rank: 76	2 MB
13	gstatic.com fonts.gstatic.com www.gstatic.com	138 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 www.googleapis.com — Cisco Umbrella Rank: 25 translate.googleapis.com — Cisco Umbrella Rank: 792 jnn-pa.googleapis.com — Cisco Umbrella Rank: 188	143 KB
11	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 static.doubleclick.net — Cisco Umbrella Rank: 210	40 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	60 KB
9	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 27054	326 KB
8	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 26328	681 KB
6	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1057 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1305	2 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 translate.google.com — Cisco Umbrella Rank: 1178	55 KB
5	rumble.com rumble.com — Cisco Umbrella Rank: 18384	114 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3300 onesignal.com — Cisco Umbrella Rank: 1332	82 KB
5	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 131686	117 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 938 id5-sync.com — Cisco Umbrella Rank: 393	19 KB
3	customads.co cdn2.customads.co — Cisco Umbrella Rank: 173081 customads.co — Cisco Umbrella Rank: 126446	6 KB
3	iili.io iili.io — Cisco Umbrella Rank: 43392	166 KB
3	jamesredpillsamerica.com www.jamesredpillsamerica.com	3 MB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 90	81 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 233	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5983	515 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 170990	1 KB
2	ournewearthnews.com www.ournewearthnews.com — Cisco Umbrella Rank: 462545	42 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	88 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 463	72 KB
1	tradingview-widget.com www.tradingview-widget.com — Cisco Umbrella Rank: 25722
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	49 KB
1	myconfinedspace.com www.myconfinedspace.com	144 KB
1	prepperfortress.com www.prepperfortress.com — Cisco Umbrella Rank: 612752	29 KB
1	pexoenne.site pexoenne.site	41 KB
275	31

	Domain	Requested by
31	beforeitsnews.com	1 redirects beforeitsnews.com
28	static.tradingview.com	s.tradingview.com static.tradingview.com
26	s3-symbol-logo.tradingview.com	s.tradingview.com beforeitsnews.com static.tradingview.com
18	img.beforeitsnews.com	beforeitsnews.com
16	www.youtube.com	beforeitsnews.com www.youtube.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com beforeitsnews.com s.tradingview.com rumble.com
9	sp.rmbl.ws	beforeitsnews.com rumble.com
8	jnn-pa.googleapis.com	www.youtube.com
8	i.imgflip.com	beforeitsnews.com
7	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com www.youtube.com
6	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
6	s-img.mgid.com	beforeitsnews.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	rumble.com	beforeitsnews.com rumble.com
5	www.google.com	beforeitsnews.com www.youtube.com
5	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.youtube.com
5	static-3.bitchute.com	beforeitsnews.com
4	stats.g.doubleclick.net	www.google-analytics.com customads.co
3	translate.googleapis.com	translate.googleapis.com
3	onesignal.com	cdn.onesignal.com
3	id5-sync.com	cdn.id5-sync.com
3	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
3	lb.eu-1-id5-sync.com	cdn.id5-sync.com
3	servicer.mgid.com	jsc.mgid.com
3	iili.io	beforeitsnews.com
3	www.jamesredpillsamerica.com	beforeitsnews.com
3	i.ytimg.com	beforeitsnews.com www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	beforeitsnews.com
2	c.mgid.com	jsc.mgid.com beforeitsnews.com
2	www.google.de	beforeitsnews.com
2	customads.co	cdn2.customads.co
2	rddywd.com	beforeitsnews.com
2	www.ournewearthnews.com	beforeitsnews.com
2	img.youtube.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com static.tradingview.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	www.tradingview-widget.com	static.tradingview.com
1	s.tradingview.com	s3.tradingview.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	www.myconfinedspace.com	beforeitsnews.com
1	www.prepperfortress.com	beforeitsnews.com
1	m.beforeitsnews.com	beforeitsnews.com
1	pexoenne.site	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
275	55

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
a59ba2ylcpx-e69v29-cr56yff.hop.clickbank.net
30fda1-sfnvajgcnslzckcpsti.hop.clickbank.net
491ceq5pdeu1nf2kqse9u37sd6.hop.clickbank.net
7aeb41tqph3bj5ehq3mktifucm.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
23b56uuehf-0jf6vgywrl0u60q.hop.clickbank.net
widgets.mgid.com
www.mgid.com
xcraft
4ae3c3vmlbxdr90eis3pnlfla4.hop.clickbank.net
www.braintuner.com
promoteyourwebsite.com
ocuvit
amazontrading
83424y5heky1e25rz5u8zx2pj3.hop.clickbank.net
telegram.org
t.me
ca784u6omkv4led3h722i8xssg.hop.clickbank.net
696f9y-knm2cdb7o9mgaunzjed.hop.clickbank.net
w-loss
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.tradingview.com Amazon	`2023-01-10` - `2024-02-08`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.pexoenne.site E1	`2022-11-18` - `2023-02-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
sp.rmbl.ws R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
static-3.bitchute.com R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
myconfinedspace.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
autodiscover.ournewearthnews.com R3	`2022-12-23` - `2023-03-23`	3 months	crt.sh
cdn2.customads.co R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
tradingview.com Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
static.tradingview.com Amazon	`2022-06-23` - `2023-07-22`	a year	crt.sh
customads.co GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.tradingview-widget.com Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-12` - `2023-12-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: C9FE5BC13CC683D74F35ED4C6509DEE9
Requests: 152 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202302415
Frame ID: D1D93F8294E07943D0EE551B0F737788
Requests: 4 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 527C5BB5E28DAC966EE74D0385E22DD5
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230119/r20190131/zrt_lookup.html
Frame ID: 88B56CBD2A263B41A8274601A6189F75
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 0BC4624B6F13D0EA10910539229A5356
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 4082E5A0160D5D23CC76993F34EBAC7F
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1674574017869969707212
Frame ID: 88BFCED897299B9F2BF87FCD57489F1B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: CC0AF197C35BC8B1136496B0391F6C16
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 1BF8DF11E30A6C4C828FC29BCFF18F82
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/v24agd4/?pub=hw409
Frame ID: 96AB095FD15C1EB41B14E48A41CD55CF
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/aRBsbkNZEvY
Frame ID: 8D51FE7D461C1896CA0CD113F9D371E5
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SHCcaxGqfEM
Frame ID: BE1138A9006CB094226E103658306D48
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

275
Requests

96 %
HTTPS

70 %
IPv6

31
Domains

55
Subdomains

46
IPs

8
Countries

8922 kB
Transfer

16374 kB
Size

15
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://a59ba2ylcpx-e69v29-cr56yff.hop.clickbank.net/?tid=BINRTL103122
Title: Quickly Say Goodbye to Most Aches and Pains... and Experience Pain–Free DAYS With No Side Effects. Clinically Proven!

Search URL Search Domain Scan URL

URL: https://30fda1-sfnvajgcnslzckcpsti.hop.clickbank.net/?tid=BINRTL103122
Title: Men! Eat This Sweet “Anabolic Candy” Before 10 pm To Shred Stubborn Fat, Begin To Pile On More Rock-Solid Muscle… And Start To Unleash A Flood Of Energizing Testosterone Almost Overnight

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/ultracur-bioavailable-curcumin-complex

Search URL Search Domain Scan URL

URL: https://491ceq5pdeu1nf2kqse9u37sd6.hop.clickbank.net/?tid=BINRTL103122
Title: Make The Bad Guys Crap In Their Pants

Search URL Search Domain Scan URL

URL: https://7aeb41tqph3bj5ehq3mktifucm.hop.clickbank.net/?tid=BINRTL103122
Title: Add This To Your Tea - Increase Metabolism - Burn Fat. Patent Pending. Up to 80% Off Today

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://23b56uuehf-0jf6vgywrl0u60q.hop.clickbank.net/?tid=BINPTL11722

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://xcraft/Baue_einen_Planeten_von_Grund_auf_in_dieser_Weltraumstrategie

Search URL Search Domain Scan URL

URL: https://4ae3c3vmlbxdr90eis3pnlfla4.hop.clickbank.net/?tid=BINRTL103122
Title: President Donald J. Trump Collectible Pocket Watch - Up To 80% Off!

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: https://promoteyourwebsite.com/

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/
Title: Protection Against Toxic EMF Damage - Smart Meter Covers

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://ocuvit/Augen%C3%A4rzte_sind_geschockt._Sehverm%C3%B6gen_in_7_Tagen_wieder_bei_100

Search URL Search Domain Scan URL

URL: https://ocuvit/100__Sehkraft_in_6_Tagen_Hier_ist_das_Rezept

Search URL Search Domain Scan URL

URL: https://amazontrading/Investiere_250_%E2%82%AC_in_Amazon_und_verdiene_9000_%E2%82%AC

Search URL Search Domain Scan URL

URL: https://83424y5heky1e25rz5u8zx2pj3.hop.clickbank.net/?tid=BINRTL91422
Title: The World's Only Crystal Water Bottles Created To Infuse Water So That It Can Help Support Healthy Weight Loss!

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://ca784u6omkv4led3h722i8xssg.hop.clickbank.net/?tid=BINRTL112022
Title: NEW Breakthrough Formula Supports Healthy Brain and Memory Function

Search URL Search Domain Scan URL

URL: https://696f9y-knm2cdb7o9mgaunzjed.hop.clickbank.net/?tid=BINRTL112022
Title: New Easy-to-Take Exotic Gummy Melts 54 Pounds of Fat

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://w-loss/Ein_L%C3%B6ffel_n%C3%BCchtern_verbrennt_10_Kg_vom_Fett_in_einer_Woche

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: Learn The Secret To Manifesting Anything You Desire In Life - It's Easier Than You Think

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 237

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 252

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

275 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

127 KB
25 KB

681ms
664ms

Document
text/html

2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a97d21e158e3bca5fb04e498c3a8599623c1ba805433d8363fdf59625e487ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 78e9ca504eb69b9a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 24 Jan 2023 15:26:56 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 78e9ca501dde2bad-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 24 Jan 2023 15:26:56 GMT
Expires: Tue, 24 Jan 2023 16:26:56 GMT
Location: https://beforeitsnews.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qG8xE-Uz7lAm-63-NWifn0DDLXk.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 22ms
20ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/qG8xE-Uz7lAm-63-NWifn0DDLXk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2703952e60425a622517c94e25a8de3f8cde240112f72f14eb39656ead0d93a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-amz-version-id: 94SU4Ibl7dVF7Yg_xi3TUasy2zB9jC2D
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 0BNYXFTGMT3XNT5V
age: 426410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cFuRiLbOs57jlfymNn1C50tluYjgN0+4N0GJf22Lj4BT63Hp9qIK4+2c9kPmBDiGiYjIniFuLH4=
last-modified: Thu, 19 Jan 2023 16:59:57 GMT
server: cloudflare
etag: W/"9e77659ed104536aed1b88124c0fce65"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 78e9ca548fd39b9a-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 142ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 24 Jan 2023 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 15:26:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Jan 2023 15:26:56 GMT

GET
H2 200 global-bin-rev-202212281.css
beforeitsnews.com/static/css-v3/ 16 KB
4 KB 38ms
36ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1884077
cf-polished: origSize=16027
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-3e9b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca548fd79b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H2 200 fancybox-bin-rev-202212281.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 28ms
26ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-202212281.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1884077
cf-polished: origSize=8029
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-1f5d"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca548fd99b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H2 200 home-bin-rev-202212281.css
beforeitsnews.com/static/css-v3/ 29 KB
7 KB 29ms
28ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-202212281.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1883476
cf-polished: origSize=29354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-72aa"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca548fda9b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H2 200 responsive-bin-rev-202212281.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 28ms
27ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-202212281.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1884077
cf-polished: origSize=21003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-520b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca548fdd9b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H2 200 web-responsive-bin-rev-202212281.css
beforeitsnews.com/static/css-v3/ 371 B
227 B 35ms
34ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-202212281.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1884077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-173"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca548fdf9b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 38ms
37ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1884077
cf-polished: origSize=149701
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"5fe55cb3-248c5"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca548fe09b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H2 200 global-bin-rev-202212281.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 32ms
31ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-202212281.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1884077
cf-polished: origSize=12613
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:42 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be2-3145"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca548fe19b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 41ms
29ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1884077
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-8ab"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca5579ef9b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:17 GMT

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 61ms
9ms Script
text/javascript 18.66.97.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-95.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f297139122eae436f4821d0b6ca590c1d0119f900cf1e6fa93dbc355f92250e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:28:02 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 11:27:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 14335
etag: "e0987380ac0fca8478a5d4aaed9fa286"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 11138
x-amz-cf-id: U5xOXhHAHd6u5ND6WIWbJh8luU7LTIxZ1UXEA876fsf6SoNYAKVLyw==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 28ms
26ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed1b3057133066e90a0d34d9b7969f9e078a55a6d8798189f6f207fde7cf3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 206709
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-95e7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca5579f89b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 19 Jan 2024 22:38:13 GMT

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 68 B
236 B 28ms
26ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1884076
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-5f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca5579fa9b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:05 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/6Tl2K4yaMHk/ 13 KB
13 KB 175ms
39ms Image
image/jpeg 2a00:1450:400d:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/6Tl2K4yaMHk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4470e9ae3c02f22ea9a4e8325c3e3f130c85358b34fa657d666db99bbca520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 13:42:11 GMT
x-content-type-options: nosniff
age: 6286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13232
x-xss-protection: 0
server: sffe
etag: "1579557678"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Jan 2023 15:42:11 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 3 KB
2 KB 55ms
22ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d2bd4832614d4ac0742c3cbc98065f3e9296443ec4e89327ebbdf6ed8ea1aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-amz-version-id: VQGMrDuqXo0RZbUb1N1fgJlDaEkmxgTW
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 38DA0Z2REH7FHYY1
age: 3205
cf-polished: origSize=2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: emTS1C/ovP7ho+mjxXLz6e/TfxVGi9cpG1eiPPNnuiJZJxev7lKgI4/9J7nAD3gXBNQ+ldNeFKo=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:08:11 GMT
server: cloudflare
etag: W/"a793db109920f959e48eddd1e04eb508"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 78e9ca55a9379a1d-FRA
expires: Tue, 24 Jan 2023 18:26:56 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 3 KB
1 KB 56ms
23ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b2c8d414700933213b9eb6361fbd2ed548aedc9ba2629fb51d220d29c77c115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-amz-version-id: 8P9S6h3niTa1v3X3YxhHEwebItRzhkYy
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JDKPGTQT5S0A435G
age: 41
cf-polished: origSize=2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9YBjsoAZMwZXEgmfqfFB2SvVOleqnGh9UBvq7IU1y6XSTb2NTqhFpmkD3J430uIlryrJUsA4PEQ=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:08:28 GMT
server: cloudflare
etag: W/"bcc6f60d7986c9967ab5feebc06881cc"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 78e9ca55a93c9a1d-FRA
expires: Tue, 24 Jan 2023 18:26:56 GMT

GET
H3 200 tabs-bin-rev-202212281.js Show response
beforeitsnews.com/static/js-v3/ 148 B
625 B 41ms
40ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-202212281.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1883056
cf-polished: origSize=189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:45 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be5-bd"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca54db58bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H2 200 12098 Show response
pexoenne.site/easylist/ 202 KB
41 KB 226ms
167ms Script
text/javascript 2606:4700:3031::ac43:b20f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pexoenne.site/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b20f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e83a5f5c473db8b3becab638e5f9fd2b577775a699bdc313aa082103cfb79e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:26:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"555a359d64095abee509fda6762fc8356a1e519d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHQx0NAClVX5THeHqN7DWVxTM9h%2FUiUSXY7Qne1Yed%2BuReftN2vHu8i%2BuoskhnXcbOq2BfekJuxgtGA8LIcQeAfHUYX65mYa5xlee7QxqRveo55iKifS2mdv%2BCBdmomnpNbAk1YSV%2Fc1zvhY"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 78e9ca55d80a5bf1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jsDeferParsing-bin-rev-202212281.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 44ms
44ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202212281.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1883056
cf-polished: origSize=6187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-182b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca551beebc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:01 GMT

GET
H3 200 Uiolm44N3-FK93fQ9weJdchLqeU.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Uiolm44N3-FK93fQ9weJdchLqeU.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/qG8xE-Uz7lAm-63-NWifn0DDLXk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a20b7d1ce9191eb91e7865d5792d5464ce35f112fda577d96eba93c719cd29ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-amz-version-id: INAQVQuYD4x4auwQtLst8_JfYhfaAD6x
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: HAANWBD5HC5Z9N2A
age: 426241
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: BSJYrofsH7xeoX7IMrMKrCmVjtYIOFdwy3hKzfDuYJy9BVqzPYjRnMVzQaS+G7w6Fvd8oThw2IU=
last-modified: Thu, 19 Jan 2023 16:59:57 GMT
server: cloudflare
etag: W/"a3b984d3941a206295ddc0b5932078dd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 78e9ca557ce1bc04-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
45 KB 144ms
51ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c2d998988d5d2df29f08d2e4ad3641322fc2af1e4c96a388a3ed564199ac53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45779
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 24 Jan 2023 15:26:56 GMT

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
632 B 54ms
54ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1028017
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a4"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca557cf0bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:01 GMT

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 38ms
38ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1882857
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-325"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca558cf9bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:01 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 135ms
48ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:17:54 GMT
x-content-type-options: nosniff
age: 65342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 21:17:54 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v14/ 15 KB
15 KB 127ms
41ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v14/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 10:38:10 GMT
x-content-type-options: nosniff
age: 190126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:38:10 GMT

GET
H3 200 SG%20ANON%20MMS.jpg
img.beforeitsnews.com/contributor/upload/886595/images/ 23 KB
23 KB 41ms
41ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/886595/images/SG%20ANON%20MMS.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bbb640cd51526a0f853e067445ae206c8d5228fd5e26398b7f539193690685c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 61282
cf-polished: origSize=25443, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23523
last-modified: Mon, 23 Jan 2023 22:08:40 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63cf0568-6363"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca55bd65bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Jan 2024 22:12:19 GMT

GET
H2 200 78iv20.jpg
i.imgflip.com/ 66 KB
67 KB 81ms
29ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/78iv20.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1d6adcab102a7d67c015575699fd2df5a15db85ed628d6782caf243feba3d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
cf-cache-status: HIT
x-amz-request-id: PKG5WC1QX06MG965
age: 55385
cf-polished: origSize=68618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67934
x-amz-id-2: v85E/EVmIUTD4ur74zW9M0knR7QexWhGclLqJ1w2YC7at5jG+CiIidWlbG3Yu3KkGab4My/74cI=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 23 Jan 2023 23:44:38 GMT
server: cloudflare
etag: "d071d02cfd54b2a4883c314fdad1be2e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca560d1dbbbb-FRA
expires: Fri, 21 Jan 2033 15:26:56 GMT

GET
H2 200 SGANON-NESARA-GESARA.png
www.jamesredpillsamerica.com/wp-content/uploads/2023/01/ 2 MB
2 MB 138ms
35ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jamesredpillsamerica.com/wp-content/uploads/2023/01/SGANON-NESARA-GESARA.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae0f30adacf9f575f5a2f735319a79adb35bf6cc1515a99eccede2aacd65b85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13406
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1618823
last-modified: Tue, 24 Jan 2023 11:31:13 GMT
server: cloudflare
etag: "63cfc181-18b387"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=borue1ubBEjCUh6xp5%2FAwcnkULg%2B74r2nv35bgEIk%2BPblpbP1IdyZC%2BSBWLYPqL%2FJPXvCLtWDBSLixbgqhZpvfNDUxCVS0n%2F%2BJYwWCF92d0%2BM9iDdaVNfBmvWfETAR5kZhNG6QXkY8Nh6B047o0v%2B6WEzw4c9F8n5NFx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca565f47993f-FRA
expires: Wed, 24 Jan 2024 11:43:31 GMT

GET
H2 200 syp5h.oq1b-small-SITUATION-UPDATE-12323.jpg
sp.rmbl.ws/s8/1/s/y/p/5/ 34 KB
34 KB 73ms
20ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/s/y/p/5/syp5h.oq1b-small-SITUATION-UPDATE-12323.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 902542dcb3c9920973692bc31d67d2802a7d622748a04f302e425c39d94e0198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-sp-metadata: HS256.CNCNwJ4GEooBCiQ3ZDhmNjhiZS0zYzcxLTQ2ODktOTg5OC1jNzBiNWY5ZDMxNGYQ2N7OgrrD/AIaBgjA8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYTBkYmFlZDUtZjVkYS00MzZlLTljM2EtNDFjZTczM2FhZjg0GOONAiIYCAISFGNkczI4MC5hbTUuaHdjZG4ubmV0.MQzMjNNwwJ1tQ3x1Ey+8VGfSIBY0Hz9EvCkEeYy4oy8=
last-modified: Tue, 24 Jan 2023 00:04:01 GMT
server: nginx
etag: "198e6e26280ab7fe1bb5ab426c6e9969"
x-hw: 1674574016.cds227.am5.hn,1674574016.cds280.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=35783
accept-ranges: bytes
content-length: 34531

GET
H3 200 Happy-Sunday.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 45 KB
45 KB 51ms
48ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Happy-Sunday.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80df881f4300620113717b24686456d7bd64ead2731d5c319ac1f1fd0fff489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 711942
cf-polished: origSize=46170, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45655
last-modified: Thu, 21 Jan 2021 16:49:28 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6009b098-b45a"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca55bd73bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 06 Jan 2024 20:01:23 GMT

GET
H3 200 R(129).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 36 KB
36 KB 65ms
62ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R(129).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d99577e02cb5c3614335bd7c1b9cc62e15ca71584c7552c44d6384135a5e001

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 7469
cf-polished: origSize=38282, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36379
last-modified: Tue, 09 Aug 2022 20:04:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "62f2bde2-958a"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca55bd75bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 21 Jan 2024 00:40:57 GMT

GET
H2 200 Hl8lTYX.jpg
iili.io/ 58 KB
58 KB 83ms
25ms Image
image/jpeg 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/Hl8lTYX.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35af5ce6d1832a7e591d556a26aec2c7d81d46a1f3d76000b1e94c56447e532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58898
last-modified: Tue, 24 Jan 2023 03:40:43 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDyDP6sqAPWJiCXVIKfd9t8fPBpt73zrGHZrfdBRflQjFX2kqAD8nV0eolL2iFz%2B%2Fv2oT%2BnvyRCZB%2Bxf8upvmuMEDA4psnH5UzzrnW28HClq%2BSMZAfKXSfU3BnmGWWDDanGuUlMx"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca561f962bd6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mnq5h.oq1b.2-small-Ep.-2979b-DSFVEY-Panicking-.jpg
sp.rmbl.ws/s8/1/m/n/q/5/ 35 KB
36 KB 78ms
35ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/m/n/q/5/mnq5h.oq1b.2-small-Ep.-2979b-DSFVEY-Panicking-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: d007d8ba01d248db9058f8c2cb6d706222a65d616dab31e022b6dd4d1cadc025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-sp-metadata: HS256.CNCNwJ4GEooBCiQwYmJhOWI5MS00MDExLTQ4OTAtYjRhNi00YTZhMjc4NWRmYjMQ2N7OgrrD/AIaBgjA8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYzA5OGE5NzYtOWQwZC00MzA3LTllODEtMDhkZTBiMDJkZWMwGJuaAiIYCAISFGNkczMxMS5hbTUuaHdjZG4ubmV0.hB5FexUVj+oZirEdPkLfSjejs/RmwN0sJKcucandvLo=
last-modified: Tue, 24 Jan 2023 00:23:46 GMT
server: nginx
etag: "20e1ac352b451b86f28459ce6e644dcb"
x-hw: 1674574016.cds227.am5.hn,1674574016.cds311.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32790
accept-ranges: bytes
content-length: 36123

GET
H2 200 mni5h.oq1b.2-small-House-of-Cards-Continue-To-.jpg
sp.rmbl.ws/s8/1/m/n/i/5/ 57 KB
58 KB 78ms
42ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/m/n/i/5/mni5h.oq1b.2-small-House-of-Cards-Continue-To-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: ca6922d67a8b337093ce7b289529513a600577d2df156ab5b50d71747f0a5330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-sp-metadata: HS256.CNCNwJ4GEooBCiRlNWI2M2VhMS1jYzg1LTQ1MTEtOTFkZS1mNTVjYmI0OTQxMGYQ2N7OgrrD/AIaBgjA8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMjFkODhmNWYtZWNlOS00NGMzLTliZmMtMjI0OWYwOWVmMDg1GMXKAyIYCAISFGNkczI2OC5hbTUuaHdjZG4ubmV0.3RJwRVRxSmJitp/ayMcIOFz6xHSZYLaoYMddJU5cT7o=
last-modified: Mon, 23 Jan 2023 21:40:33 GMT
server: nginx
etag: "9b32ccd01dfc61a473f06b9eca8ecef4"
x-hw: 1674574016.cds227.am5.hn,1674574016.cds268.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=24529
accept-ranges: bytes
content-length: 58693

GET
H2 200 OOr5h.oq1b.2-small-SG-Anon-HUGE-Intel-1.23.23-.jpg
sp.rmbl.ws/s8/1/O/O/r/5/ 28 KB
28 KB 91ms
55ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/O/O/r/5/OOr5h.oq1b.2-small-SG-Anon-HUGE-Intel-1.23.23-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 8caa7c25ed44ce832985cd27a85458a13433fc83e47f0ec40b364d9042a0e81a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-sp-metadata: HS256.CNCNwJ4GEooBCiRlNTE1NTI2Yy1kNmRlLTRhNjAtYmJmNy05OTVjODdlYWEzNTEQ2N7OgrrD/AIaBgjA8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYmMyYWY0M2YtOGNkMi00ZDY2LTg0NzctZDliYjY3OWVmNjdjGOrcASIYCAISFGNkczE1MS5hbTUuaHdjZG4ubmV0.nXw+Y7DPXaHHPWOrMWHu8pPpgqItn/xZ4BsIEpsFJ+U=
last-modified: Tue, 24 Jan 2023 00:54:44 GMT
server: nginx
etag: "eef186148bbb7695e95fd6064e155808"
x-hw: 1674574016.cds227.am5.hn,1674574016.cds151.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=34727
accept-ranges: bytes
content-length: 28266

GET
H2 200 78iuko.jpg
i.imgflip.com/ 53 KB
53 KB 28ms
27ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/78iuko.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ed22984ba5f5e116b3f46a7f1ad252884d7ea0d9debfcca0356b0b0ace872c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
cf-cache-status: HIT
x-amz-request-id: HF65T6FKQA0MG02N
age: 56628
cf-polished: origSize=54368
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53888
x-amz-id-2: U48AAvBSWeThVXlqpVJftlcMyZImzO6BGvyuNtJkEveSMRbpW0ghJvVcQziioi3gI5bvHxxNbeE=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 23 Jan 2023 23:40:04 GMT
server: cloudflare
etag: "4f3103a268aace9ad5d2c6ed2383909e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca560d24bbbb-FRA
expires: Fri, 21 Jan 2033 15:26:56 GMT

GET
H2 200 IMG_20230123_104333_958.jpg
m.beforeitsnews.com/contributor/upload/819011/images/ 28 KB
28 KB 83ms
31ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230123_104333_958.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

152af5c675f49905d731e13e60ce44bb199be2f1102ca1ddaf8434783435fae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 66025
cf-polished: origSize=32383, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28711
last-modified: Mon, 23 Jan 2023 20:43:46 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63cef182-7e7f"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca568ca09b9a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Jan 2024 20:43:46 GMT

GET
H2 200 78izkp.jpg
i.imgflip.com/ 71 KB
72 KB 41ms
19ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/78izkp.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba19f839a13a8ba8183ca7c72e930db20468fb92ec85ba09f86257e5044b922e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
cf-cache-status: HIT
x-amz-request-id: A9833167AAWJWKGJ
age: 49303
cf-polished: origSize=73437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73113
x-amz-id-2: A2dOdDSDawReuckqbLuSx7lj0WxEOELd57qTO5j+zJe8n/rxRfIfvGFHEjLGjpCffSGLtqEHn+k=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 00:29:04 GMT
server: cloudflare
etag: "8573224a7293f4d85e0bf7f0169d88d3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca560d21bbbb-FRA
expires: Fri, 21 Jan 2033 15:26:56 GMT

GET
H3 200 hqdefault(177).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 10 KB
11 KB 66ms
59ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(177).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3b6ce4411c8cbbb668621aa4c93f279233372fcccd7516e3a228b161d95374

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 503426
cf-polished: origSize=10959, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10690
last-modified: Thu, 02 Jan 2020 11:03:48 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5e0dce14-2acf"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca55fdebbc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 18 Jan 2024 19:32:01 GMT

GET
H2 200 HOW-IS-THIS-STILL-SECRET.jpg
www.jamesredpillsamerica.com/wp-content/uploads/2023/01/ 850 KB
852 KB 90ms
20ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jamesredpillsamerica.com/wp-content/uploads/2023/01/HOW-IS-THIS-STILL-SECRET.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7a3e62af4f20eb035d9dcaeefa63a021b387fd588475e150eaacdaed129fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173171
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 870850
last-modified: Sun, 22 Jan 2023 15:07:16 GMT
server: cloudflare
etag: "63cd5124-d49c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRpGPMxwKypijc1chS1hLj8grrFEoP%2BprXEaP8cg3cf8%2BKEE5ZFeUhQE8G5De3nx4whddOu2Q6kGxYfIFOTeOaQJD2uNxqCDAip6VYC1XA2M1LR3lc%2FjM3ZJwKubx7TeXmQ4tnHtyY6hGRJBopbjO9vLVDi4aj%2BuD57t"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca565f48993f-FRA
expires: Mon, 22 Jan 2024 15:20:45 GMT

GET
H3 200 th(20)(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
16 KB 53ms
38ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/th(20)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56438a82fdbefb67d4a30afd1d839de246b0e56832be695ade6660bdb6c35507

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 39980
cf-polished: origSize=16641, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15721
last-modified: Sat, 13 Feb 2021 03:15:25 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6027444d-4101"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e07bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Jan 2024 17:51:39 GMT

GET
H3 200 OIP%20(3)(58).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 18 KB
18 KB 52ms
37ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(58).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea20734cb830a4ce3e4bc91ae7eaca73b1e95cb5b38515bb1dcfe9baed1fdf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 684174
cf-polished: origSize=19787, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18281
last-modified: Tue, 24 Aug 2021 23:22:20 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "61257f2c-4d4b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e0abc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 06 Jan 2024 21:48:51 GMT

GET
H3 200 1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%202023-01-23%2021-15-56_Moment.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 32 KB
32 KB 71ms
56ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%202023-01-23%2021-15-56_Moment.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

628058fca88e7ac700d756cc7385084466fbff4cdf5a03ae683df5c49d3ea0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 2240
cf-polished: origSize=36126, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32682
last-modified: Tue, 24 Jan 2023 14:33:18 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63cfec2e-8d1e"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e0bbc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 24 Jan 2024 14:42:20 GMT

GET
H2 200 HcXCLg9.jpg
iili.io/ 64 KB
64 KB 28ms
13ms Image
image/jpeg 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/HcXCLg9.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c683e1ded44f6112b3b438fac52304ce7767dba7b4868e65743d7f027f41c3f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 313498
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65301
last-modified: Fri, 20 Jan 2023 23:05:37 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2F7BvORAH4MINA0ZZIj0wTnNuOkXcg3v31UDmXBTDL1%2BcAoeTQqVC65pduvzxsadzPnFV%2FuK3OPKhnkxWLAUmRC9uYQc9XIJEwJVzHMQOr0InOeipmEISZ5Sf59VtdJxTddtgADn"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca5648012bd6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 77posx.jpg
i.imgflip.com/ 72 KB
73 KB 25ms
10ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/77posx.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2523c13014e41785ad9af2c2a9892272cd99fd290a0bdca036ae43a5a7ff48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
x-amz-request-id: DHM6NKFM1R2GMNW7
age: 655408
cf-polished: origSize=74321
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73928
x-amz-id-2: SDxPNJrwYTD3Toc3geHx3S+3mkOdXs/5NTWCNLADq9QFuTdJO+2tIC9F7nFDcymgz8Zcfo8zSuk=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 17 Jan 2023 00:52:19 GMT
server: cloudflare
etag: "69e650798f3bb713677aa42168e7d865"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca564db4bbbb-FRA
expires: Fri, 21 Jan 2033 15:26:57 GMT

GET
H2 200 YxDqlDrmhJMi_320x180.jpg
static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/ 17 KB
18 KB 148ms
54ms Image
image/jpeg 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/YxDqlDrmhJMi_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

525af95e89c1032ff2057a5d2fcb6ec74bbf3b59092fd46037c741fa208d6959

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 723
x-amz-request-id: tx000000000000015e810e5-0063cc4081-2c6c9f48-nyc3a
cdn-cachedat: 01/21/2023 19:44:03
cdn-pullzone: 89010
content-length: 17765
last-modified: Sat, 21 Jan 2023 18:22:27 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 02dd4df818194611c1489b5256509fd7
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 71ms
57ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 877739
cf-polished: origSize=13542, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12521
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "613e9bfb-34e6"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e0ebc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 12 Jan 2024 03:04:56 GMT

GET
H2 200 sVX0nDq0pt8z_320x180.jpg
static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/ 18 KB
18 KB 138ms
55ms Image
image/jpeg 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/sVX0nDq0pt8z_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

71c6ab1fd663285502f122d6bc980b0b4be04df668ee1205f4754ec6a220eb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 864
x-amz-request-id: tx000000000000049a25b32-0063ca58bf-21d29c43-nyc3a
cdn-cachedat: 01/20/2023 09:02:57
cdn-pullzone: 89010
content-length: 18170
last-modified: Fri, 20 Jan 2023 07:44:38 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: f6180fb8903e0a0c1fd638ba4f174fc4
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 Copy%20of%20Green%20and%20White%20Minimalist%20Nature%20Travel%20Vlog%20Youtube%20Thumbnail%20(1)(2).jpg
img.beforeitsnews.com/contributor/upload/886595/images/ 39 KB
39 KB 75ms
61ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/886595/images/Copy%20of%20Green%20and%20White%20Minimalist%20Nature%20Travel%20Vlog%20Youtube%20Thumbnail%20(1)(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cef7bd797f823e80bef4b02ad9e7f451b8abee12a6063a4707dfb9cde1220c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 122798
cf-polished: origSize=41607, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39728
last-modified: Mon, 23 Jan 2023 04:36:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63ce0eb6-a287"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e0fbc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Jan 2024 04:43:15 GMT

GET
H2 200 TSQuH3MLkw6G_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 50 KB
50 KB 130ms
56ms Image
image/jpeg 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/TSQuH3MLkw6G_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

b417e1d332b4a5940b1339ce5e4c8cbc9357e8f7a55a830d1a61df0283a2d960

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1076
x-amz-request-id: tx000000000000016c4f084-0063ce69c4-2c6c9f48-nyc3a
cdn-cachedat: 01/23/2023 11:04:36
cdn-pullzone: 89010
content-length: 50879
last-modified: Mon, 23 Jan 2023 10:58:38 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 54b484e3fc884505a882b5ca24794879
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 no-img.png
img.beforeitsnews.com/img/v3/ 1 KB
2 KB 88ms
75ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/no-img.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1880643
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1298
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-644"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e11bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:15 GMT

GET
H2 200 HaOuVYF.jpg
iili.io/ 43 KB
43 KB 44ms
17ms Image
image/jpeg 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/HaOuVYF.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d729d7f82fd615f7c77697904a2e44acb6976315d98c0c94e0820108cb7d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43883
last-modified: Tue, 17 Jan 2023 23:05:23 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD5rtX%2B%2F3fIQ3nDt3K10t5TRPRZagAuO0qsfrzrLVVZQok2dIS5ta8IqoEnsi4KG6yz8XLnZeZo55YbuJ7S4OLyGlQIr%2Brts%2BqoWBWX9pupeHqecuZln543Rfn8Z2fA5SZt%2Bug9i"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca5688792bd6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IdbRjEI2JQXn_320x180.jpg
static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/ 14 KB
15 KB 128ms
57ms Image
image/jpeg 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/IdbRjEI2JQXn_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

ba33252fec71d8b8368c5d63034c7aaf7a9865ee20f2692f6cf5679c1a42ddd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1076
x-amz-request-id: tx000000000000016a4163b-0063ce22d5-2c6c9f48-nyc3a
cdn-cachedat: 01/23/2023 06:01:57
cdn-pullzone: 89010
content-length: 14693
last-modified: Mon, 23 Jan 2023 02:58:48 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: ea5f4e7f436b8975aece717f75817307
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/e47DDvTr50Y/ 37 KB
37 KB 244ms
77ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/e47DDvTr50Y/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae97e0c940d6475f477f283bf51fffe26dcfaba529f989b2052fd6c8a027a328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:24:04 GMT
x-content-type-options: nosniff
age: 173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37494
x-xss-protection: 0
server: sffe
etag: "1674524303"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Jan 2023 15:29:04 GMT

GET
H3 200 Copy%20of%20Green%20and%20White%20Minimalist%20Nature%20Travel%20Vlog%20Youtube%20Thumbnail(3).jpg
img.beforeitsnews.com/contributor/upload/886595/images/ 76 KB
76 KB 88ms
76ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/886595/images/Copy%20of%20Green%20and%20White%20Minimalist%20Nature%20Travel%20Vlog%20Youtube%20Thumbnail(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8035415e273f3d46a5319e78f834eff33d2aad6473fc16188365ba2e619ca05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 122798
cf-polished: origSize=83984, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77359
last-modified: Mon, 23 Jan 2023 04:04:32 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63ce0750-14810"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e14bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Jan 2024 04:21:11 GMT

GET
H3 200 1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20photo_2022-03-14_13-23-29.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 22 KB
22 KB 65ms
53ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20photo_2022-03-14_13-23-29.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a9d4d3404fc3eabc428099964e6cec84d198ef1b8933dbe12f25c70b65b9f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 89619
cf-polished: origSize=23076, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22109
last-modified: Tue, 11 Oct 2022 11:53:09 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63455925-5a24"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e15bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Jan 2024 14:29:26 GMT

GET
H3 200 78bjv0.jpg
i.imgflip.com/ 79 KB
79 KB 52ms
33ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/78bjv0.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c669edfceea137a9c781896234e0aad6bb0e4b55938ba80e4880341686eb9ba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
x-amz-request-id: QXAY8KNV902SATT6
age: 219144
cf-polished: origSize=81483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80776
x-amz-id-2: 4tEEkqJ2ycjL1C/qKBvOKaB079Wqi7w3vSLbpvVVTsvTaHbbHMpuhZCX7NSADtcq9jBOxYh7VQ0=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 22 Jan 2023 02:16:12 GMT
server: cloudflare
etag: "21cc2a048fd6300dab4a0b43e03a8a3c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca568e04929b-FRA
expires: Fri, 21 Jan 2033 15:26:57 GMT

GET
H3 200 dumb-1.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 22 KB
22 KB 95ms
83ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/dumb-1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21194fe04d51c35097ae82c47060c996f7f856482eb14782bbb62787db74def1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 410468
cf-polished: origSize=24313, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22335
last-modified: Wed, 24 Feb 2021 00:11:22 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "603599aa-5ef9"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e16bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 19 Jan 2024 21:17:27 GMT

GET
H2 200 m894h.oq1b.2-small-1.23.23-Weekend-reveals-JAB.jpg
sp.rmbl.ws/s8/1/m/8/9/4/ 48 KB
49 KB 40ms
18ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/m/8/9/4/m894h.oq1b.2-small-1.23.23-Weekend-reveals-JAB.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 903fcfe36c0cc8498c1da1afeb8e7ec6b1da3d1f8810bb19ad97e875764c9c08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-sp-metadata: HS256.CNGNwJ4GEooBCiQ1NmRkZTExNC0wMzUzLTQ2NzUtODI2Zi1mYTg4MWE4ZmI1NzEQ2N7OgrrD/AIaBgjB8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYTg0OTMyZjctNjNkOC00NmJmLWEyMzgtY2JhMWY4NzhkOTBkGN6DAyIYCAISFGNkczExNy5hbTUuaHdjZG4ubmV0.1/Yi/mE0McvrAcnITo1auDtr3NknVE7BrQ9rf6lVtro=
last-modified: Mon, 23 Jan 2023 17:56:35 GMT
server: nginx
etag: "9cf5b31bce4d5ed61ccf81af4f575608"
x-hw: 1674574017.cds227.am5.hn,1674574017.cds117.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=12749
accept-ranges: bytes
content-length: 49630

GET
H2 200 image_4487e-Artemisia-annua.jpg
www.prepperfortress.com/wp-content/uploads/2022/11/ 29 KB
29 KB 65ms
16ms Image
image/jpeg 2606:4700:3030::6815:4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prepperfortress.com/wp-content/uploads/2022/11/image_4487e-Artemisia-annua.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 056b03edf4a33d5c9b4c145025a276266a95eda506b149973aeaaaa778c8c97f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 17:30:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1689
etag: "7212-5ee26a6a5a269"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCSq9R2AuA4zMWVwi%2FXNmzEvzqynICbHdx1LBEOYzwfqcuRJ%2FAzFSfr0Ktns4pRwRgTYweFBzVL38liY5r4T8b0P4SfqU9xtAjUvSqJObBicmy8llOeXFWEe51uPdFPMluIMlvutr76OnnnzprxE8DTW1FWHeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 78e9ca56d88c920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29202

GET
H2 200 DEREK-DECODES-TRUMP.jpg
www.jamesredpillsamerica.com/wp-content/uploads/2023/01/ 774 KB
775 KB 36ms
27ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jamesredpillsamerica.com/wp-content/uploads/2023/01/DEREK-DECODES-TRUMP.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae1f8288f965c987bd072fb347ba780ff8573fbc92c4a741463ed0a55b8ed833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 429794
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 792342
last-modified: Thu, 19 Jan 2023 15:50:33 GMT
server: cloudflare
etag: "63c966c9-c1716"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmBAn2PvVmEUQkEaJOPlWrAf7dhajzVqhARO%2Fsy2G98RuwPed5IOzqdvF82Bk24QqG24TleSYqlbiufpdgn7KF7J2EwldusEu4VAs2nK3Cj2KwWOFXeecvgIhsresJ2yEYC%2FGPUJqsyidQGQN6R0sDJIg1z4aQM7i3Pn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca569f9d993f-FRA
expires: Fri, 19 Jan 2024 16:03:42 GMT

GET
H3 200 OIP%20(1)(34)%20(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 24 KB
25 KB 96ms
85ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(34)%20(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a8e158db2d000a332b451889e71de1224fb81779bcc3896127f17db3e0a464

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 327688
cf-polished: origSize=26256, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24625
last-modified: Sun, 20 Mar 2022 22:49:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6237af80-6690"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e17bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 20 Jan 2024 20:22:12 GMT

GET
H3 200 OIP%20(3)(81).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
15 KB 96ms
84ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(81).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce628cae5a499a978e3786030f941b61fe70ae8bda2bc3f566186628775d58a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 56478
cf-polished: origSize=16493, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14931
last-modified: Fri, 15 Oct 2021 18:09:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6169c3ee-406d"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca560e19bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 22 Jan 2024 12:02:51 GMT

GET
H2 200 Utm4h.oq1b.2-small-PATRIOT-STREET-FIGHTER-SCOT.jpg
sp.rmbl.ws/s8/1/U/t/m/4/ 14 KB
14 KB 33ms
26ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/U/t/m/4/Utm4h.oq1b.2-small-PATRIOT-STREET-FIGHTER-SCOT.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: d2351d9ac99a6d257974674a546c4617de0875959382f900526b0d2ffb69a03b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-sp-metadata: HS256.CNGNwJ4GEooBCiRmNjhmNzgwMC00NDcwLTQzZTYtOWVhZC01YzNjYmYyMWM1OWIQ2N7OgrrD/AIaBgjB8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkOTQ5MDYzNDgtNmZhMS00NDJhLTgwMDUtNmQwMTc5MGMyMzIwGK1sIhgIAhIUY2RzMDA4LmFtNS5od2Nkbi5uZXQ=.I64tmiTDjdlA84gfrt/HzOMYi2NXQJMeF4+GtSWQYpQ=
last-modified: Sun, 22 Jan 2023 18:47:15 GMT
server: nginx
etag: "a6d2f143b3f1e83353230f1c7580d14f"
x-hw: 1674574017.cds227.am5.hn,1674574017.cds008.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=13732
accept-ranges: bytes
content-length: 13869

GET
H3 200 783drn.jpg
i.imgflip.com/ 78 KB
79 KB 157ms
152ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/783drn.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b709a16e6634813d223a8c5402e76d5e213dad2dc59c438a67882b1e2eecdef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
x-amz-request-id: 5KM0WD4Y7NH7NT9X
age: 401049
cf-polished: origSize=80757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80118
x-amz-id-2: vDeH3by2GnBqvgEC4nKtj91LahetH0Gbzr+HkhJg3vFHq3t75bHFOQtyRvtBVVSdpIcN+kw/Ooo=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 19 Jan 2023 23:54:01 GMT
server: cloudflare
etag: "5888337f5b359634bb9ccbd0f9728493"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca568e05929b-FRA
expires: Fri, 21 Jan 2033 15:26:57 GMT

GET
H3 200 78j0bx.jpg
i.imgflip.com/ 154 KB
154 KB 196ms
192ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/78j0bx.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dc98270face9301440983d4accc6262a72b70ed6b4743b1be7370fac84579df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
x-amz-request-id: C6BCP9Q28XADG6R1
age: 52922
cf-polished: origSize=158565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 157580
x-amz-id-2: b25cYQTJiMXSxCRq/5gsBbUsBaBuRlasa8FQ0e5xdDQfh0XxPb/PRUs05tOnex5XWcQop3dqIXo=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 00:36:20 GMT
server: cloudflare
etag: "11607ba9bffc9d8f5c26e67f04fd2b50"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca568e08929b-FRA
expires: Fri, 21 Jan 2033 15:26:57 GMT

GET
H/1.1 200
OK busty-blonde-with-a-pistol.jpg
www.myconfinedspace.com/wp-content/uploads/2015/09/ 143 KB
144 KB 487ms
117ms Image
image/jpeg 207.38.87.190
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myconfinedspace.com/wp-content/uploads/2015/09/busty-blonde-with-a-pistol.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.38.87.190 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

condor3113.startdedicated.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

14bf61c5770a2cc70b8db4dc7fc902d71180cdf5d518ce6f3ca6eab1f5f56f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 15:26:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin
Last-Modified: Sat, 26 Oct 2019 03:51:04 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "23d31-595c82d03600c"
X-Frame-Options: SAMEORIGIN
Upgrade: h2,h2c
Content-Type: image/jpeg
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Length: 146737
X-XSS-Protection: 1; mode=block

GET
H2 200 ARHjSG65BI1q_320x180.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 15 KB
16 KB 70ms
57ms Image
image/jpeg 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ARHjSG65BI1q_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

23f394016e0da953dbd26c66ad280494ad6cd4a8f873819dd7d38fbbf214401e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1077
x-amz-request-id: tx0000000000000187af0f1-0063cf57a8-2c2c0512-nyc3a
cdn-cachedat: 01/24/2023 03:59:36
cdn-pullzone: 89010
content-length: 15523
last-modified: Tue, 24 Jan 2023 03:40:07 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 753011c98cb2b1a8ee359d03f13eb04d
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 celestsolum.png
www.ournewearthnews.com/wp-content/uploads/2023/01/ 13 KB
13 KB 1588ms
455ms Image
image/webp 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2023/01/celestsolum.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: f61aac9e57cffbba777d84600f93c49488c3f184c622fc7ad2befccc86152bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
x-nginx-cache: WordPress
last-modified: Sun, 22 Jan 2023 16:19:14 GMT
x-wpo-webp: Redirected directly to existing webp
server: Apache
vary: Accept
x-endurance-cache-level: 2
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 13474
expires: Wed, 25 Jan 2023 15:26:58 GMT

GET
H2 200 boronboraxwalterlasthealthnewsmedicalnews.png
www.ournewearthnews.com/wp-content/uploads/2022/12/ 29 KB
29 KB 1548ms
456ms Image
image/webp 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2022/12/boronboraxwalterlasthealthnewsmedicalnews.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: dc8e25ec2dd84af976b1cf1e7755b77e2589b2f89617cdc8b7ef8e452cd97a30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
x-nginx-cache: WordPress
last-modified: Fri, 09 Dec 2022 17:45:53 GMT
x-wpo-webp: Redirected directly to existing webp
server: Apache
vary: Accept
x-endurance-cache-level: 2
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 29468
expires: Wed, 25 Jan 2023 15:26:58 GMT

GET
H3 200 78hakk.jpg
i.imgflip.com/ 105 KB
105 KB 152ms
151ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/78hakk.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88cc897c1a7d0c03a880c22ad87562233f4eea92dffc97a9a532daf1ec14b32c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
x-amz-request-id: A6MDC77P4XVA4VN5
age: 79113
cf-polished: origSize=107598
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107108
x-amz-id-2: cQaDSnCGQCbihencTScDP26k4b+zcRFtB+GbRz+uMuYr90338cQOaIPs5Mi3JSjX9ZxpqRXV+28=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 23 Jan 2023 17:22:03 GMT
server: cloudflare
etag: "a6ae5963445e94b29c19b6150ad2f5ff"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 78e9ca573f00929b-FRA
expires: Fri, 21 Jan 2033 15:26:57 GMT

GET
H2 200 sDq0h.oq1b-small-SGANON-W-EXPLOSIVE-INTERVIE.jpg
sp.rmbl.ws/s8/1/s/D/q/0/ 19 KB
19 KB 20ms
18ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/s/D/q/0/sDq0h.oq1b-small-SGANON-W-EXPLOSIVE-INTERVIE.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 4c0939c4a09ebdceae04db026a7ad9e0e6dfe9871b9a88331a559ca6bfea6910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-sp-metadata: HS256.CNGNwJ4GEooBCiQwYWU3YWJmYy04MjQxLTQ4MWEtYmI3ZS1kODc2OGJjZTQwYzYQ2N7OgrrD/AIaBgjB8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMjNkMWEzNDgtOGFmNS00ODVmLTljNzUtOTA5MjAyNjZmMTliGJKXASIYCAISFGNkczEyOC5hbTUuaHdjZG4ubmV0.qxnE30UDQOacG01v+Y/aTCHI7ItzUnUktC3gutbsYAE=
last-modified: Wed, 18 Jan 2023 04:33:23 GMT
server: nginx
etag: "06a423e6d20e807946e29ca492dc9779"
x-hw: 1674574017.cds227.am5.hn,1674574017.cds128.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=52575
accept-ranges: bytes
content-length: 19346

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 73ms
72ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1882824
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-3be6"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca561e5ebc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:01 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame D1D9 3 KB
1 KB 22ms
21ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202302415
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cc6ec239f234d5a18b64d69e6d302015311830e98901815992b422fe553c3a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:56 GMT
x-amz-version-id: 2EmxEJ1mNzNKIsquEMAeHH6ZccNpbB2O
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 87ZD5C5GVCEKM0NT
age: 3390
cf-polished: origSize=2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dB2k2+D2aw6hJSO0ZJBIWcvPbaRH4zrenvHcOF2rHGEgzb//w9ZtJM/Nn5RiEToIhw1q+jT01Eg=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:07:34 GMT
server: cloudflare
etag: W/"bdada3687ff26c2d0b9aeee7bfa977a2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 78e9ca562a219a1d-FRA
expires: Tue, 24 Jan 2023 18:26:56 GMT

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 7 KB
3 KB 149ms
25ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
content-encoding: gzip
via: 1.1 google
x-sp-metadata: HS256.CNGNwJ4GEooBCiRkMTQwNDFmMC1kNGRkLTQwYmUtODllMy00OWMxODM2NmEzNWIQqNnfzcKz/AIaBgjB8b+eBiIPMTg1LjIxMy4xNTUuMTc3KOiGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkZjcyOTAzZjYtZTc4ZC00NzM5LThhNTItNzIyODU3OTRlYjdhGJIXIhgIAhIUY2RzMzE2LmFtNS5od2Nkbi5uZXQ=.9KPHd5Tk4vuoOia5uOZRT/m0fA3wPRSap50XAmuFyZ0=
last-modified: Mon, 23 Jan 2023 17:37:39 GMT
etag: W/"1a40-185dfb4ffb6"
x-hw: 1674574017.cds151.am5.hn,1674574017.cds316.am5.c
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 63ms
62ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1882817
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a834"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca563e88bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
49 KB 169ms
88ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4086e914356edc6a59a47ac5add3bfe4920bada525bbb722731ea281777ce172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49789
x-xss-protection: 0
server: cafe
etag: 11330174613106167465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 15:26:57 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
527 B 52ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 10:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18433
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPg6Fp2PXeHhXY4AL%2BOP%2BDPJF7ZR0lu8I738rzA9JKnWST5WZ6CYbKrD1Zyj1BXdYTOytI5f5BBPEcfIG19qaHguduyFnqevE9cuBsMK329U8mRu4%2FZP0x3z7Y3gdXp81rk7ptD%2FqUXZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 78e9ca577de99070-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9

GET
H2 200 adcode.png
rddywd.com/ 43 B
554 B 67ms
21ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 55385
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8u2bVZfsxAt559%2FXZu1WERE0CEW2PgTYZFxB00JL37cj9dlPpmFVAyV8eQvkSWp%2FFOMmWAVY8WabMAn7lZoujP%2FnA6hM%2BMxclawzC41H%2FGx%2Bef1tiDmi9gSCdKqv9poKEWEE6YvrJIe"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 78e9ca578d7a904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 120ms
37ms Image
text/plain 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 58ms
38ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202212281.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 711054
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca568f4ebc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 06 Jan 2024 19:54:23 GMT

GET
H2 200 eMj5h.oq1b.2-small-LIVE-The-Plot-To-VAXX-Every.jpg
sp.rmbl.ws/s8/1/e/M/j/5/ 37 KB
38 KB 36ms
23ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/e/M/j/5/eMj5h.oq1b.2-small-LIVE-The-Plot-To-VAXX-Every.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 0f92a9744abe399bad1b949e050c69d4b3490fcc677e4fa52188de3a32884714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-sp-metadata: HS256.CNGNwJ4GEooBCiQwMjliYWQ5Ny1lNThhLTQ1MDYtYmYyYS02NDc0NDYwMTkxYzkQ2N7OgrrD/AIaBgjB8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNzYxMTc1N2MtNDkyMS00YTNiLWFhYzQtYmVhZjAxMmU4YWU2GN+qAiIYCAISFGNkczIwMy5hbTUuaHdjZG4ubmV0.li6IFeWypETe0O5kkvYUuVtqesL6V4c3SpSdbcy/imI=
last-modified: Mon, 23 Jan 2023 22:04:50 GMT
server: nginx
etag: "5a8e6038daf0b666f18537afd88f265c"
x-hw: 1674574017.cds227.am5.hn,1674574017.cds203.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=24043
accept-ranges: bytes
content-length: 38239

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/2rtmNNtj9k8/ 42 KB
43 KB 38ms
36ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2rtmNNtj9k8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4108e6e1f52de73c63f4b5888c5d826de8284f7c34109a5f5990526c055d4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:24:52 GMT
x-content-type-options: nosniff
age: 125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43275
x-xss-protection: 0
server: sffe
etag: "1674557089"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Jan 2023 15:29:52 GMT

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
486 B 999ms
715ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe2f2ccf31bf1b69c020d42c67ef29440eec4d6d6327e38af79c998a837846d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
x-frame-options: SAMEORIGIN
cf-ray: 78e9ca58ba262c5e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
content-length: 16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 527C 33 KB
10 KB 60ms
9ms Document
text/html 99.86.4.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-40.fra6.r.cloudfront.net

Software

tv /

Resource Hash

05ca25fa74fb13d508e5e80cfb87b6c112ab536415c59ccce3ce4a956b9629bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-a7V2tjWhoWTmJWvgEG4ptQ=='
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81
alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
content-encoding: gzip
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-a7V2tjWhoWTmJWvgEG4ptQ=='
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 15:25:36 GMT
expires: Tue, 24 Jan 2023 15:27:36 GMT
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: jlZjVtg1jLA8xCnMDDSgEMDXcAVp-EYzPV1qDJw3SOj7HduVPXIYJQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 265 KB
76 KB 28ms
28ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 963e8f3a4445ad949ba7d22f576988862f6f6dd41dcdfd105534de80690262ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-amz-version-id: khMKR_6sbveBnhWzZS97vJ3PrOZ5mSPB
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ANDFX9SQ4A1ZT9SZ
age: 4267
cf-polished: origSize=271407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: yRqK1sPvIcA3gGNtqtnokBMVOidFP2JCkmbWDAX4X5EcxQ/NrNFmfY5MWgkTywYRwX1wCQIwdS8=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:08:11 GMT
server: cloudflare
etag: W/"9a7ce1287621131baa436a9819a8807d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 78e9ca5729112c6e-FRA
expires: Tue, 24 Jan 2023 18:26:57 GMT

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 265 KB
76 KB 45ms
45ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2a485a12877fea07455a904403772cd14d17015280daa9f88882d21f5d8873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-amz-version-id: JhyK2GbxQ2w0RJGadc.t92bEJxKc7Nc7
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 01SCW7GKXZ30JCMZ
age: 62
cf-polished: origSize=271407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9QwSO8etS9Q8ls5NzJgU1tCWDf6G7G5yYFA78JJ9UgaNhocksATI2M5mpblrj1cU1xpQeuNgnwc=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:08:28 GMT
server: cloudflare
etag: W/"8f33533cb60220b44f3322eb1da4acd3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 78e9ca5729142c6e-FRA
expires: Tue, 24 Jan 2023 18:26:57 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame D1D9 266 KB
76 KB 31ms
31ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202302415
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d4a5500923a659d39bd547d72f37372f7e97ab0cae00e9f25cf431095a7420a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-amz-version-id: yG8FFov0kFyrKWLc0awUFgTGxkkUowmb
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JNADQFMZXWKEK391
age: 4267
cf-polished: origSize=272074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iL5gnQ/Acfcxfnkp0rIzIBMiFx+4qUxbutFSDNUN1khYdhF4+lNrFei25dfoWczMRlVNompdUWM=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:07:34 GMT
server: cloudflare
etag: W/"63df79f68a4872c0606743b11f1329ed"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 78e9ca57495d2c6e-FRA
expires: Tue, 24 Jan 2023 18:26:57 GMT

GET
H2 200 runtime.f041f1866286de4e12b1.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 63 KB
26 KB 47ms
14ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/runtime.f041f1866286de4e12b1.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

959921de973b59e11381ed7a5f03d3851d8debd0193c35d63aa02a41fbcbcd53

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 14271
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 26162
referrer-policy: origin-when-cross-origin
last-modified: Tue, 24 Jan 2023 10:51:56 GMT
server: tv
etag: "63cfb84c-6632"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 5Dnq9Om_tVcXv2IHljzGliBzzi-M4rLWNpUC8lsCw_ZJI3jEtR66tA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.4571.0ea7a2ca821ebc2828f7.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 3 KB
2 KB 48ms
16ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/en.4571.0ea7a2ca821ebc2828f7.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

827846bf37c1ddb30e84958ef807853bf1d2482b3629927c1034f84b85f32bf3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 14271
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1018
referrer-policy: origin-when-cross-origin
last-modified: Tue, 24 Jan 2023 10:51:56 GMT
server: tv
etag: "63cfb84c-3fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: qU-cKXUMNxN2Gqqzwbv2x-GsYTFTD8sIYuJObY55xVox7_RLTqxVDw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.73717.1edce5cc655220d8d9ed.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 10 KB
4 KB 8ms
7ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/en.73717.1edce5cc655220d8d9ed.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

ad60e82991479b97628d23059388eee30e8ef242a8c5f66ca91e4b177e1a6261

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 14271
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3471
referrer-policy: origin-when-cross-origin
last-modified: Tue, 24 Jan 2023 10:51:56 GMT
server: tv
etag: "63cfb84c-d8f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: VsPU-ZAwEzgslP5-10_p4TD6YJb6FPY-8ZxNgNI7b8G8fAl66J1_HA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.29610.91311073b079aae08237.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 39 KB
8 KB 8ms
7ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/en.29610.91311073b079aae08237.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

a7e44100eab9ff10eaf86232be5858183f50e27488f572f4899c71a60f73107d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 14271
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7204
referrer-policy: origin-when-cross-origin
last-modified: Tue, 24 Jan 2023 10:51:56 GMT
server: tv
etag: "63cfb84c-1c24"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: F7kLfb5yV1JR9x5jlN2rrPsLr_etTM1WkIyh2MoaeKwx6W5zi4sRDg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.79079.ba22ccafd0f0a3ccecc4.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 368 B
703 B 9ms
7ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/en.79079.ba22ccafd0f0a3ccecc4.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

f889c27015d4eb32a74d57f4fd5d3b67327065c7f7e021188e23a3b7d8ba7bdc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 534107
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 187
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Jan 2023 10:21:42 GMT
server: tv
etag: "63c7c836-bb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: AIOv8521Wvc_1TTBnGnY5JBWHje8TWLgRwj4It7XoL26WqgCP0VedQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 46647.52493ae9f967406f683d.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 16 KB
5 KB 12ms
9ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/46647.52493ae9f967406f683d.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

1ae27091f28bc446830f5e45027d17a1099b7ab8357aa5a72a5f3c84a6d87901

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 10:17:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1314591
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4240
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Jan 2023 09:06:03 GMT
server: tv
etag: "63bbd8fb-1090"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: C4iHJO6-kG4dKDAwd_asq19l7bUmIeSO82OJcuUGYl5MsYqDHtmNTw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 97532.539979dcf078d6273a99.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 20 KB
7 KB 13ms
9ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/97532.539979dcf078d6273a99.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

8ee3e1c1fe9cf8bc9804cf8b46b91f77d322c1d3fa7c1fb3dacd56f919bd4ca8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 967972
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6196
referrer-policy: origin-when-cross-origin
last-modified: Fri, 13 Jan 2023 08:35:55 GMT
server: tv
etag: "63c117eb-1834"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: ocmY98DJYchuQajAldEWKA24E4UMIl6ejJcKKORZ7w2B8JUpujcdaw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 53748.06fcdc5a1b850f86a915.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 13 KB
5 KB 13ms
10ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/53748.06fcdc5a1b850f86a915.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

a0d7b8a6237561de8a6c9369317d85f5d62d83b26847b181ddeef13c5ac3ea6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:06:17 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 4353640
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5057
referrer-policy: origin-when-cross-origin
last-modified: Fri, 02 Dec 2022 08:23:06 GMT
server: tv
etag: "6389b5ea-13c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: bqSd3Rcjtfenr0G_kVrmycHvz6RowJdW9i8AewIuHnJLqmpSALWB-A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 61636.ada40e4c652da924bfce.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 6 KB
2 KB 14ms
11ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/61636.ada40e4c652da924bfce.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

6baa953e15a3b8c9ea11599c20b1ea9b494c3c8e76b3fee6434ff014a2933ca8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 11:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2865947
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1872
referrer-policy: origin-when-cross-origin
last-modified: Thu, 22 Dec 2022 10:52:18 GMT
server: tv
etag: "63a436e2-750"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: EofCYy-mYX3cT2LwkdeTtcsdHtFuQzal447GkPEZlbAg7tbxufFDfA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 43312.beb3e53ad0a7d21ff637.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 28 KB
11 KB 14ms
11ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/43312.beb3e53ad0a7d21ff637.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

1c65f5fb98903274d505057dc79049625c53a410fee21859e6f902610e9d64ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 14271
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10254
referrer-policy: origin-when-cross-origin
last-modified: Tue, 24 Jan 2023 10:51:58 GMT
server: tv
etag: "63cfb84e-280e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: A-RSMdADIiX64ncxwyWqdvFoxVvqAq4MKfameIG7FbP6tjb1fG3VkA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 88698.c1751595eef9be47dce2.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 24 KB
8 KB 14ms
12ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/88698.c1751595eef9be47dce2.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

6e9a7da361305d9aafe70f454854ac8e196eedf4a581c21f047e4d57793b2b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 364372
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7211
referrer-policy: origin-when-cross-origin
last-modified: Fri, 20 Jan 2023 08:57:11 GMT
server: tv
etag: "63ca5767-1c2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 4kcurKqfeODEv7IXwMp9FMLPp9Sae3oYmA-ZAAvCUJXO3YHX-88BMg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 86981.19aa0ac24d19d5900500.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 80 KB
17 KB 15ms
13ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/86981.19aa0ac24d19d5900500.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

f8ca543be24fae0bffafd7ab5c7904ea9154be1069dcc0d93d3129744a0aed35

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1053890
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17228
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 08:43:58 GMT
server: tv
etag: "63bfc84e-434c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: xpxlHMwg78e61rEpCJ4Ai6_vOO1isXuhdEw7AlHXir2Y3ohrD1SKCA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 19240.9336c626b12d6ce72dba.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 28 KB
9 KB 16ms
13ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/19240.9336c626b12d6ce72dba.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

14c51f0de90f3f9528679d1b7477a76aec15be7e3c8bc0848fa490483e3d405b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 448431
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8505
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 10:06:58 GMT
server: tv
etag: "63c91642-2139"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: oiPN9RgCGInSmZKMi1MDeslmwk7d5yyjSfQ5AEbvbHF7yoqfe0sTCg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 84258.cc38cadc45775e01eebd.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 28 KB
9 KB 16ms
14ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/84258.cc38cadc45775e01eebd.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

a47600637704c2c05ee69a3cd348a9c9a76f8a8f655899efeff70266ffb10fc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 448431
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8242
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 10:06:57 GMT
server: tv
etag: "63c91641-2032"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: po1XihFg_gzni7F4THBS3R_mbkneJi8QQRWMO-ZWz7_bDeOSti16nw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 69550.dfd2d402de02e09aca70.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 20 KB
6 KB 17ms
15ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/69550.dfd2d402de02e09aca70.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

163d5c11f834ccff3bb12178c3b98f97881877007464cceba82f66c2668b43d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 534110
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5551
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Jan 2023 10:21:40 GMT
server: tv
etag: "63c7c834-15af"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: qkC4aWZvGHdCL5Uxihw63OhYlsXM23o2pMwjj-ECC1CRTeUJjlUCrg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 47393.fc138b600a435dee3542.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 15 KB
6 KB 18ms
16ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/47393.fc138b600a435dee3542.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

90f87a06cb8013db52dcc04f5123531ac9b917789071e60af9c32a615b83f4aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:10:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2175410
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5755
referrer-policy: origin-when-cross-origin
last-modified: Fri, 30 Dec 2022 10:36:31 GMT
server: tv
etag: "63aebf2f-167b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: syyOgDAwu70HNdp-rtLxa1l1oa6q4VTHWaSQYyLrO1GwqCKdwaxmoA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.3fbe4fab9c14ffb75527.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 23 KB
8 KB 19ms
17ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.3fbe4fab9c14ffb75527.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

fda06c42bf9de3e7fbd7bcf44d22b897ec103692d8569c64d568c015500e7d23

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 364370
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7426
referrer-policy: origin-when-cross-origin
last-modified: Fri, 20 Jan 2023 08:57:09 GMT
server: tv
etag: "63ca5765-1d02"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: rQLxyvdwzyqP8CciKqjV9kkC2HQUSrpKXxx-fFoZIwuhSwQL7XxXCA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 32350.ca9918cbf462aff5b55b.css
static.tradingview.com/static/bundles/embed/ Frame 527C 1 KB
1 KB 39ms
7ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/32350.ca9918cbf462aff5b55b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

6159f32f1b79a94b26c2c580fdd4ffdfc91af5334f46c4d8b2a1597925fb2e78

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 07:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2186876
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 611
referrer-policy: origin-when-cross-origin
last-modified: Thu, 29 Dec 2022 09:47:02 GMT
server: tv
etag: "63ad6216-263"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: XDrdReOmu_d5S1zpFm5rYjH6em4dYTJ0QuUJSlMTTj-CHf3cCw7SkQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96972.3ff50c27a31c85df6216.css
static.tradingview.com/static/bundles/embed/ Frame 527C 1 KB
810 B 39ms
8ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/96972.3ff50c27a31c85df6216.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

cb19fbbe887b10fc39e63ba83f2da46f1c24f2d7e965a5cba217c0db9099d136

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 07:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2186876
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 304
referrer-policy: origin-when-cross-origin
last-modified: Thu, 29 Dec 2022 09:46:53 GMT
server: tv
etag: "63ad620d-130"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: Bi-42_2n8Z4UnVhociu7Ka3j_ZdDtmlRlp3GAIGQYVYTNeMOChjOJw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 75398.2e21e39552e27b0c3f8d.css
static.tradingview.com/static/bundles/embed/ Frame 527C 2 KB
865 B 40ms
9ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/75398.2e21e39552e27b0c3f8d.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

31568e93727ea81019c4ad3ee96535f2999688c83e5612c45096a0a576a31701

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1317947
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 358
referrer-policy: origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 10:07:02 GMT
server: tv
etag: "63b7f2c6-166"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: DOnETRm1q1rqyh83GumOteAqmx2kipdfKFZDSXxyi5-g7BwM0iD7Qg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 34145.83330e98cd0f13f52e0f.css
static.tradingview.com/static/bundles/embed/ Frame 527C 9 KB
2 KB 40ms
9ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/34145.83330e98cd0f13f52e0f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1317947
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1254
referrer-policy: origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 10:07:05 GMT
server: tv
etag: "63b7f2c9-4e6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: jQu9S_kY6MD8Mm8Jp1W8wj02THAPEr3sU2dOetFAM37h5TOXZVd0nQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 31755.721cbfb1a5d6784e3109.css
static.tradingview.com/static/bundles/embed/ Frame 527C 2 KB
989 B 40ms
10ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/31755.721cbfb1a5d6784e3109.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 17:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3103910
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 482
referrer-policy: origin-when-cross-origin
last-modified: Mon, 19 Dec 2022 16:46:03 GMT
server: tv
etag: "63a0954b-1e2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: DEPdSHycBvUT7GHQQAj7fsiALfCY0bdq-QmMwXhwTfj83NCW7kYNzw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 75270.6f14db348a1e75a5a425.css
static.tradingview.com/static/bundles/embed/ Frame 527C 2 KB
1 KB 41ms
11ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/75270.6f14db348a1e75a5a425.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

d8a3a72207710b7b22ca2f4e82eb8fc7a14a514c655eeca8b8bc93ee2d467bbe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 07:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2186876
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 541
referrer-policy: origin-when-cross-origin
last-modified: Thu, 29 Dec 2022 09:46:55 GMT
server: tv
etag: "63ad620f-21d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: ikR6FIvZMGnU0Ur6rGyvah7PHWVL85CXArLQnG6PbZXV2LBvC74szQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 76045.57ed1f0e14de0ce7dcbb.css
static.tradingview.com/static/bundles/embed/ Frame 527C 868 B
780 B 40ms
10ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/76045.57ed1f0e14de0ce7dcbb.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1317947
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 275
referrer-policy: origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 10:07:08 GMT
server: tv
etag: "63b7f2cc-113"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 15cas1HQN0E6KQ_2ePcYwujMGFy0N61055MbDlwcbukpZoM3YjYgdw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 66690.c7183a76dc0599de9f42.css
static.tradingview.com/static/bundles/embed/ Frame 527C 4 KB
1 KB 43ms
13ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/66690.c7183a76dc0599de9f42.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1317947
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 566
referrer-policy: origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 10:07:02 GMT
server: tv
etag: "63b7f2c6-236"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 1SuRZCbFgvhYrHmv0Z76V4YY_5ZMFw5OUfKtDmShrGaYB-PyUvg7Ug==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 76270.a819f80182db62e2c3b6.css
static.tradingview.com/static/bundles/embed/ Frame 527C 6 KB
2 KB 40ms
10ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/76270.a819f80182db62e2c3b6.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:42:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1053888
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1102
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 08:44:00 GMT
server: tv
etag: "63bfc850-44e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: i5V8-fkNS0ENEV3P4lMTf1pxN2surF3HYqbT7OfyxUj8UghjTShh0w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
36ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 14:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 24 Jan 2023 16:26:10 GMT

GET
BLOB 200
OK 54bdd7a3-2791-43b1-bbbf-128249de9bb5
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/54bdd7a3-2791-43b1-bbbf-128249de9bb5
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 258a95b6-4c5d-4d89-a745-39fa811c0819
https://beforeitsnews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/258a95b6-4c5d-4d89-a745-39fa811c0819
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 9dbad97a-4640-493f-95d3-c66d6e27b1e6
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/9dbad97a-4640-493f-95d3-c66d6e27b1e6
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK a8632781-f8ba-4a5f-81ae-b083e627f29e
https://beforeitsnews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/a8632781-f8ba-4a5f-81ae-b083e627f29e
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK e99d40ab-76c2-4dbf-a5e7-936c46c0cb91
https://beforeitsnews.com/ Frame D1D9 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/e99d40ab-76c2-4dbf-a5e7-936c46c0cb91
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK d9435e4c-de81-42b7-ba38-4eaa4d53fb89
https://beforeitsnews.com/ Frame D1D9 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/d9435e4c-de81-42b7-ba38-4eaa4d53fb89
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 527C 110 KB
43 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/43312.beb3e53ad0a7d21ff637.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b7c0c53821ed7cd18719a8f8097718fac9aa3a6fd4b7600f9c8642d8732af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44033
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 24 Jan 2023 15:26:57 GMT

GET
H3 200 24966.415109541489380d12f6.css
static.tradingview.com/static/bundles/embed/ Frame 527C 801 B
585 B 9ms
8ms Stylesheet
text/css 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/24966.415109541489380d12f6.css

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.f041f1866286de4e12b1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 07:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
age: 2186874
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 219
referrer-policy: origin-when-cross-origin
last-modified: Thu, 29 Dec 2022 09:46:56 GMT
server: tv
etag: "63ad6210-db"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: n7of4JqdwcqUyYMEMJXri0jKbzWpxPv4qqJJ6TURJrx4yinJ4bhgSA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tradingview-copyright-data-impl.633dde454d123fa388d9.js Show response
static.tradingview.com/static/bundles/embed/ Frame 527C 4 KB
2 KB 8ms
8ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.633dde454d123fa388d9.js

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.f041f1866286de4e12b1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

143.204.215.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-19.fra53.r.cloudfront.net

Software

tv /

Resource Hash

4a726be2f2c71e83ac3a30833a22ee41fe2653aeedc4ef4699dc68ab85467d90

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
age: 2954210
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2082
referrer-policy: origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 10:09:18 GMT
server: tv
etag: "63a2db4e-822"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: g4umijuRyo1Nzrxi5IqcDAHJZjOqbeIKDFh2B3-9lScGlQj7XmZrcQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230119/r20190131/ Frame 88B5 10 KB
5 KB 125ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230119/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 20:06:15 GMT
etag: 10353107486223812946
expires: Mon, 06 Feb 2023 20:06:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
148 B 43ms
42ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=156838433&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=339293129&gjid=1533354891&cid=1858559797.1674574017&tid=UA-16055024-1&_gid=2002177170.1674574017&_r=1&_slc=1&gtm=2wg1n05D8XJ6Q&z=584898872

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:26:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 35ms
35ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=156838433&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1858559797.1674574017&tid=UA-16055024-1&_gid=2002177170.1674574017&gtm=2wg1n05D8XJ6Q&z=1322579128

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 18:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76766
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
36ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 18:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76766
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8301289771671655 Show response
customads.co/lad/ Frame 0BC4 1 KB
1 KB 180ms
139ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 15:26:57 GMT
via: 1.1 google

GET
H2 200 10864438442185062 Show response
customads.co/lad/ Frame 4082 1 KB
2 KB 173ms
135ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 15:26:57 GMT
via: 1.1 google

GET
H2 204 search
www.tradingview-widget.com/sheriff/api/v1/rules/ Frame 527C 0
0 51ms
10ms Fetch 18.66.112.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradingview-widget.com/sheriff/api/v1/rules/search?origin=https%3A%2F%2Fbeforeitsnews.com
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/43312.beb3e53ad0a7d21ff637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-36.fra56.r.cloudfront.net
Software: tv /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:32:57 GMT
via: 443, 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: tv
x-amz-cf-pop: FRA56-P5
age: 3240
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-cache: Hit from cloudfront
access-control-allow-origin: https://s.tradingview.com
cache-control: public, max-age=3600, s-maxage=3600
cross-origin-resource-policy: same-site
vary: Origin
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sIdpBD1byvVRcTvlMKR67tYyX7hmDy-2webcQnhB5MjAUl7ta4PhWw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 527C 49 KB
20 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 14:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 24 Jan 2023 16:26:10 GMT

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 527C 3 KB
928 B 102ms
7ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:44:58 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2519
x-cache: Hit from cloudfront
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: qCJpmzQdxuVRMNIIyziKuW4ZHgKPnFt7tf34W2gu46hrd3dfNOiVoA==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 527C 870 B
1 KB 102ms
7ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:45:22 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2496
x-cache: Hit from cloudfront
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
alt-svc: h3=":443"; ma=86400
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
etag: "e9173ef4613c3da43c45885ea39c4b96"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: pgR5N40XaUjdS8reBzzUTPduzGn1At_H0cq1zZrE7mUI5q2U_kS9MQ==

GET
H2 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame 527C 777 B
1 KB 103ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:34:46 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 3132
x-cache: Hit from cloudfront
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
alt-svc: h3=":443"; ma=86400
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
server: AmazonS3
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 9Ts6oBNtL6K2yqgzN-cX_VMDFaB8IPfmzdoQqsPEwLsgDpirJL0iAg==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 527C 801 B
1 KB 104ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:47:27 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2370
x-cache: Hit from cloudfront
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
alt-svc: h3=":443"; ma=86400
content-length: 801
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
etag: "107060b925841745f310697bd9f1f83d"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 5iTUziapDt86FSIilwDpDcEY3DEocVK8-96QCdVP7tfODhaTiFRB2g==

GET
H2 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame 527C 1 KB
1 KB 105ms
10ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:17:24 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 574
x-cache: Hit from cloudfront
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 May 2022 07:17:22 GMT
server: AmazonS3
etag: W/"f120e635d6a57528861fe87233bc6c11"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 7nHoVziUnCROMczELvx54SX_YmHv58uBk_XyhDQsgtAEgpv4MMFhvQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16055024-1&cid=1858559797.1674574017&jid=339293129&gjid=1533354891&_gid=2002177170.1674574017&_u=YEBAAEAAAAAAACAAI~&z=375253170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 24 Jan 2023 15:26:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 527C 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1479733597&t=pageview&_s=1&dl=https%3A%2F%2Fs.tradingview.com%2Fembed-widget%2Fticker-tape%2F%3Flocale%3Den&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Ticker%20Tape%20Widget&sd=24-bit&sr=1600x1200&vp=775x46&je=0&_u=YEAAAQABAAAAAAAAIE~&cid=1247474754.1674574018&tid=UA-132755435-1&_gid=1017922214.1674574018&gtm=2ou1n0&gcs=G1-0&z=792934621

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 09:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22751
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 47ms
10ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:40:44 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2774
x-cache: Hit from cloudfront
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: OMlcSXUBVmLogj5JP_42jTmWQzwSI5NgpzslhkKzO562AqRNsBkWYA==

GET
H2 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame 527C 786 B
1 KB 8ms
7ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:34:07 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 3171
x-cache: Hit from cloudfront
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
alt-svc: h3=":443"; ma=86400
content-length: 786
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: sKAbG-SMssQ0jLD9QSI0JssjM8BZCrWDvsSvOECJm-wZ56poUJprdw==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 527C 836 B
1 KB 9ms
8ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b9fe71606636a37b6f7fb74e8ea572130d0f61dbcd92fe3ae40e80425f56fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:42:09 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2689
x-cache: Hit from cloudfront
x-amz-meta-hash: 22c56ff05dc453a69fdbae0b7a7eb06c
alt-svc: h3=":443"; ma=86400
content-length: 836
last-modified: Fri, 18 Nov 2022 08:44:55 GMT
server: AmazonS3
etag: "22c56ff05dc453a69fdbae0b7a7eb06c"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: si1KTQArrL3GXlsNnpKu7SBh2BYN8mN0s-S0qXGnCDmgf2gUJHmGVA==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 527C 761 B
1 KB 9ms
8ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:30:35 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 3382
x-cache: Hit from cloudfront
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
alt-svc: h3=":443"; ma=86400
content-length: 761
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: KKUHeWy78F4GdpbLdNN932XtTWPdiZl5rylc5X-b8vVWF1uaas2J1w==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 9ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:23:01 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1817
x-cache: Hit from cloudfront
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 5EWnqefpKO1jdKhhBMVhmu15znK1PkXFY8kFPoywk7Al7-6M7uRmig==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 139ms
59ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16055024-1&cid=1858559797.1674574017&jid=339293129&_u=YEBAAEAAAAAAACAAI~&z=667546326

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 207ms
85ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16055024-1&cid=1858559797.1674574017&jid=339293129&_u=YEBAAEAAAAAAACAAI~&z=667546326

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
66 B 48ms
33ms Script
text/plain 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1674574017597270753790&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63cff8c2-0fce7&pageView=1&pvid=185e463b43eab11cc12&site=310742&implVersion=10&dpr=1&tfre=884
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78e9ca5a19589a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content b7e30ebf-c04f-49ce-a0d3-be608746bb75
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/b7e30ebf-c04f-49ce-a0d3-be608746bb75
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 20ms
19ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:22:32 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 267
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
etag: W/"839d24db4574bb8543cec9624d3e1007"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: JDfXyy12zVGwEmgbFmd4rSNb4dy0bYVLQ3U581d8j7uVBjnKaRJKww==

GET
H3 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 21ms
20ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:25:55 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 120
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ucfg9JJkMU17LEQkxZs9WqmhWqCs0xOpF8W0Mk7-tn26IdNOONY7OA==

GET
H3 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 527C 522 B
951 B 20ms
19ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:05:27 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 1495
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
alt-svc: h3=":443"; ma=86400
content-length: 522
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: pDB39G3lUr8uZer82_3dfb2QeJc5fN0ew1O-tZXL-SvYIpbnUdGxQQ==

GET
H3 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 21ms
20ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:21:49 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 309
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: kVhxpdkd4hpsLBpu-bcCJEeZ8IjRvpgN7E1y97QenneZ1_JgUDTB7w==

GET
H3 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 527C 182 B
612 B 19ms
19ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:10:43 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 976
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
alt-svc: h3=":443"; ma=86400
content-length: 182
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
etag: "a4fcbd383e2f657b6528f4aa95844de5"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 7IVdeB_g40zNXyw2-ddkfyTRnhxe2y3Kj_X9vrZereciaoDYc31NTA==

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 4082 45 KB
17 KB 20ms
19ms Script
text/javascript 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 14:21:41 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3916
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 24 Jan 2023 16:21:41 GMT

GET
BLOB 206
Partial Content f6c57310-e94a-43e4-808b-f95e07fa3c67
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/f6c57310-e94a-43e4-808b-f95e07fa3c67
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 0BC4 45 KB
17 KB 23ms
23ms Script
text/javascript 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 14:21:41 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3916
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 24 Jan 2023 16:21:41 GMT

GET
BLOB 206
Partial Content 7f0bb9c8-0730-4d09-b42d-3c5b9ed3080f
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/7f0bb9c8-0730-4d09-b42d-3c5b9ed3080f
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 527C 304 B
734 B 8ms
7ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:16:43 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 615
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
alt-svc: h3=":443"; ma=86400
content-length: 304
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
etag: "074d127e2f9fd8c2e79c01a5f002979c"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: BaHA3hk1ln41cokuCdLmytFYW1vZTKvZcEJLM4Vk6wN0CXMP4Y0zfg==

GET
H3 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 527C 508 B
940 B 8ms
8ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:30:04 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 3414
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
alt-svc: h3=":443"; ma=86400
content-length: 508
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: PXmQ5nDNvBcQfPlUz-j8PMwr3-RHoz6tq56HH6DQi0C2L5r97S7jDw==

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 32ms
17ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 3090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 78e9ca5a9a669a1d-FRA
expires: Wed, 25 Jan 2023 15:26:57 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
812 B 35ms
20ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 66PF1CB395F0JDWF
age: 971
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: km11XDsIRyZsaniKfGBc8XlTPA6yEL6A44r4R4TfKSkGebd8aBSAnLJauwTmCCA+L1Nhx9YyloQ=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 78e9ca5a9a649a1d-FRA
expires: Wed, 25 Jan 2023 15:26:57 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 19:21:31 GMT
x-content-type-options: nosniff
age: 590726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:21:31 GMT

GET
H3 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 8ms
8ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:21:57 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 313
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
etag: W/"10fc27643c8debeb225d244f546f3641"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: n_ctwQVufLROgSdCA-o8G454ErkuqV6_HDZTBAdoVFCTLUOgguFAcA==

GET
H3 200 walt-disney.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 10ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/walt-disney.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31257fdc7fa342a349e0e054c694570eba2bd8e05f44444def4021d549ed8153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:04:29 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 1349
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 56b3637bda59798c561f6b371aa11c36
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:58:26 GMT
server: AmazonS3
etag: W/"56b3637bda59798c561f6b371aa11c36"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 5zhelLs4k3j-GXPOCz-A7TwAjTkqEgRXue7EfvOhDR9tu11D5kkwEA==

GET
H3 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 10ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:06:31 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 1226
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: e3UYGOb-v_Pqhx9LdeVInCdcpFg3NVO8_yDwzEZEnN7kQ2mBti86Lw==

GET
H3 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 527C 1 KB
1 KB 10ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:00:35 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 1585
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: fBzcylXmnVtcZQ23xe1b3odRk-nTovahqlPRC4oA4XcLhl4FaqFSCQ==

GET
H3 200 icahn-enterprises.svg
s3-symbol-logo.tradingview.com/ Frame 527C 168 B
599 B 9ms
8ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/icahn-enterprises.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c589c7f1b9c73d8c3a073c49d14d7acc7d8af6e2bee79ed841cf07ec635c851f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:43:39 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 2627
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 78b7400ec504733273e5f39b20f5f3c7
alt-svc: h3=":443"; ma=86400
content-length: 168
last-modified: Wed, 08 Sep 2021 09:00:49 GMT
server: AmazonS3
etag: "78b7400ec504733273e5f39b20f5f3c7"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Jq1-OK16fUq84uqcsu8bSr-wuXsdO1vehFAPtZY8ASNpWaHoTJQK4g==

GET
H3 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame 527C 1 KB
948 B 9ms
8ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.3fbe4fab9c14ffb75527.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:17:24 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 574
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 May 2022 07:17:22 GMT
server: AmazonS3
etag: W/"f120e635d6a57528861fe87233bc6c11"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: o5zLhoUjua_U8xj6FcaTeu1-Ip2lmDE29qONIcWhmkmPd0ZQcUXPew==

GET
H3 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame 527C 777 B
1 KB 9ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.3fbe4fab9c14ffb75527.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:34:46 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 3132
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
alt-svc: h3=":443"; ma=86400
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
server: AmazonS3
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Qeg7MBwUrDxanbl76fOJV8pdJ731ig7zXAcy1LxawbrVRvQrvV_6Zg==

GET
H3 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 527C 3 KB
815 B 9ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.3fbe4fab9c14ffb75527.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:44:58 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 2519
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: QI0NjRXGpUIlCu344-6Zbxxlh_O3hJanxlBBHIpm27GSoMM1mLILEw==

GET
H3 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 527C 870 B
1 KB 9ms
9ms Image
image/svg+xml 2600:9000:225e:7000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.3fbe4fab9c14ffb75527.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:7000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:45:22 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
age: 2496
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
alt-svc: h3=":443"; ma=86400
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
etag: "e9173ef4613c3da43c45885ea39c4b96"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 1Odr_fu-V4fDUS73urxwyfrD0JoPLtV5SQPMXgf64Q6qy0jx8GlF3g==

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 64ms
55ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1674574017777829719608&lct=1674000000&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=370&h=1095&maxw_3=366&maxh_3=247&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63cff8c2-0fce7&pageView=1&pvid=185e463b43eab11cc12&implVersion=10&dpr=1&tfre=1063
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77bfd39cf6ec513fa22176f557217b1be99383cf47c07ca6e2f6e655ca5fae28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 78e9ca5b2b679a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
955 B 227ms
227ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&pv=5&cbuster=1674574017793549176962&uniqId=04773&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63cff8c2-0fce7&pageView=0&pvid=185e463b43eab11cc12&implVersion=11&dpr=1&tfre=1079
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba31a9f09567787915fc79f95dc4264b20905b4a6d1ec72ace4de250c21fc82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 78e9ca5b3b7b9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
938 B 236ms
236ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&pv=5&cbuster=1674574017795842835502&uniqId=0cc93&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=63cff8c2-0fce7&pageView=0&pvid=185e463b43eab11cc12&implVersion=11&dpr=1&tfre=1081
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3368b190f77e2394ec13bd7bba3e623d104035f6242e3a41ee9a53b0f87ba5d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 78e9ca5b3b829a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC81NDE5ODEvOWFjY...
s-img.mgid.com/g/14293688/492x277/-/ 18 KB
18 KB 62ms
28ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14293688/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC81NDE5ODEvOWFjYzY3NzdmNTJjNzc1OTA3ODRhMWJlMGIxMzhkMTQuanBlZw.webp?v=1674574017-9WyCVP80TUzLE0YyNNWQl5Q07F8BM9mG1LZusyLy1BQ
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71067e23db2a0cff04bbf93fabf21a38b21943a2e7cafae9db7e845078885cbb

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Dec 2022 10:16:08 GMT
x-mg-request-uuid: 6e2a814d-90ca-4726-9960-6e90f61e5a20
server: cloudflare
age: 1770810
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca5bcf732d04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18362

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS81NDcyNTgvMTYyY...
s-img.mgid.com/g/15195168/492x277/-/ 14 KB
14 KB 78ms
45ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15195168/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS81NDcyNTgvMTYyYjU3MGQ0MWQxMTQzMjMwMTdiNjY3ZmE2NjM4MDEuanBn.webp?v=1674574017-AtsFa_0mpsElq_MPO-SXWj6BcZi6a9oldB1SQXKx_Vk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb1a0866742e391a1f67fc4ee93804ab0ffd570870af2a28586b39ac1695a91b

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 12:06:48 GMT
x-mg-request-uuid: c327a574-78dc-4d9f-95ac-26f8da6ec232
server: cloudflare
age: 11812
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca5bcf762d04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14116

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi80NDY5MjcvNDE2ZWQ0MmEyNDhhYjc3Z...
s-img.mgid.com/g/11613777/492x277/-/ 19 KB
20 KB 51ms
19ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11613777/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi80NDY5MjcvNDE2ZWQ0MmEyNDhhYjc3ZjNhNGIxMzhhODYyMTM3ZTMuanBlZw.webp?v=1674574017-Z70tVHXj1vFzMf1MdfplsDnQ6SogizlWZ8ZLsRJ1VQQ
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d56c3df75ebee23cca9b8070e9432451fd370aa1e409247f88c47b8a4cda09

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 13:17:42 GMT
x-mg-request-uuid: e615c4d0-276c-4ee6-bbf6-19ba22e001e6
server: cloudflare
age: 1771107
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca5bcf772d04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19872

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS83MTExMjYvZDBmO...
s-img.mgid.com/g/14213652/492x277/-/ 19 KB
19 KB 64ms
32ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14213652/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS83MTExMjYvZDBmODZmMzYxYWIxMTk0ODk0MTg2YWQyNTE1ODQxZTguanBn.webp?v=1674574017-hZiiCEmL3ycvowQO-UhRSuYx3m510vcFWuvHSJat9PI
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258fec8722e5dfbd22339dca550e010c55c4fdef35ca2622d9bf3bc96317f13a

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 08:53:19 GMT
x-mg-request-uuid: 8f641ac7-197a-4eb6-8599-63142e02ee95
server: cloudflare
age: 1550963
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca5bcf7a2d04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19010

GET
H2 200 i.js Show response
cm.mgid.com/ 0
101 B 121ms
107ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1674574017855747404855
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 78e9ca5bbc5a9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 88BF 0
37 B 112ms
112ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1674574017869969707212
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:26:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 78e9ca5bbc589a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 67ms
24ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: HF79PDKRZBHBZCEA
age: 182
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78e9ca5c2ce0997a-FRA
x-amz-id-2: d6YXv2aqwcTOb9vCXp5wuAtkAcEHI60J3TZSO9HzTC+Is9Wujb9Ah88TDiX3VWoTdGyXWE7zLGs=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 227 KB
72 KB 106ms
7ms Script
application/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=122435
accept-ranges: bytes
content-length: 73257
expires: Thu, 26 Jan 2023 01:27:33 GMT

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
167 B 26ms
26ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=237
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78e9ca5ccb8e2c6e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzQ0NjkyNy80MTZlZDQyYTI0OGFiNzdmM...
s-img.mgid.com/g/11613777/492x328/-/ 22 KB
23 KB 22ms
21ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11613777/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzQ0NjkyNy80MTZlZDQyYTI0OGFiNzdmM2E0YjEzOGE4NjIxMzdlMy5qcGVn.webp?v=1674574017-EsKlFARNrVqab_CVpFz9yF0wX845kUEY1sX0HVKwHJ4
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7132fb6c79568fe7b5313ab941ba9a8df49db83ba6c9e1ed14f3661df5d12d

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 13:17:31 GMT
x-mg-request-uuid: 6de8f82c-2316-4212-ac64-1dc347cc361d
server: cloudflare
age: 1769667
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca5cd9662d04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22810

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyLzQ4NTEwMC9iMWQyM...
s-img.mgid.com/g/15195750/492x328/-/ 19 KB
19 KB 20ms
20ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15195750/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyLzQ4NTEwMC9iMWQyMmZiMTU4NThlOTIxYzliZWZmNDg1OTRlNjZmMy5qcGVn.webp?v=1674574017-09Gy1gxGuH_J0l8H4B3ztN8KZufHYjuCAK0hLWIeXKg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d0fdee477c094ee4e690f9e6f70f71285e356b8c0e01a8d3c509b2893cf6531

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 09:17:59 GMT
x-mg-request-uuid: e0a67ccb-3c83-4478-8863-76f9be12e6f8
server: cloudflare
age: 21669
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78e9ca5cd96f2d04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19216

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 107ms
34ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

f2899f91dc32f3faf99899fcbb754711dc57aca020fd693ed722ccadb073f8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
232 B 39ms
7ms XHR
application/json 2001:41d0:701:1000::31ee
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31ee , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6342d04d94a245436333810a1fc204c29aa4209f7ad44c2dc0a06620073b3c19

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:58 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H3 200 jsDynamic-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 38ms
36ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202212281.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1882806
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-105e"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca5d0e45bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H3 200 responsive-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 38ms
37ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202212281.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1882806
cf-polished: origSize=1728
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-6c0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca5d0e48bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H3 200 validate-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202212281.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 711584
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:46 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be6-1a18"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca5d0e49bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H3 200 loadmore-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 40ms
39ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202212281.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1882805
cf-polished: origSize=14745
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-3999"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca5d0e4bbc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H3 200 lazy-loading-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 124 B
592 B 51ms
49ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202212281.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1883048
cf-polished: origSize=173
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-ad"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 78e9ca5d0e4ebc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 09 Jan 2023 20:04:05 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 75 KB
26 KB 131ms
50ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202212281.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0dedcc5a82ca28d25465eba9bfd3ec330f20e93f4aec121a8bf71d4121f961c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 120 KB
12 KB 764ms
749ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1674574018125

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43a6f6debf6d6a498f2b133a5a0a312b758a19d9eb2045177e1a43d50afaec10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
access-control-max-age: 3628800
cf-ray: 78e9ca5d6a302c5e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 54ms
24ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-202212281.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 502
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 78e9ca5d9bff5caa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 27 Jan 2023 15:26:58 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 28ms
8ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

f2899f91dc32f3faf99899fcbb754711dc57aca020fd693ed722ccadb073f8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
232 B 9ms
8ms XHR
application/json 2001:41d0:701:1000::31ee
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31ee , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 58a9c974d10b0bdf9b41741b59bc435c213b7c9f84c597693f58bc82fd0e42c8

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:58 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 47ms
31ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

f2899f91dc32f3faf99899fcbb754711dc57aca020fd693ed722ccadb073f8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
232 B 12ms
7ms XHR
application/json 2001:41d0:701:1000::31ee
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31ee , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 4bd3fe755ebbba60d2916bb4e3fc258d0f168c785f4c224a5044edba42859628

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:58 GMT
content-length: 54
vary: Origin
content-type: application/json

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 31ms
9ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

469eff1f50620aa14601b9cd62f2338258596ff0109b63f27aaaab6fc44df62c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 32ms
9ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

c21b79a5bb3f7281d31970036ed3b84620834b727234947def4f75cd6f6f6bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 33ms
33ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1505
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 78e9ca5dbc4a5caa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 27 Jan 2023 15:26:58 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 17ms
8ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

9268d466af386c0e7215ab2d21699b627b44fe27f8e6c5d97ad5ffa353a78d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Tue, 24 Jan 2023 15:26:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 39ms
25ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad94b975086564c977e2a1157cf2b28ae6996847e89f14e60d3f16bc7e427745

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 3428
cf-polished: origSize=4420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c8eb74dc-8220-47ee-a73e-9de8a6aa39fe
x-runtime: 0.025067
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"108ef4911b3c7d0bde4df796919d2e0a"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 78e9ca5e2d6b5caa-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 24 Jan 2023 16:26:58 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 22 KB
4 KB 117ms
36ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3632
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 24 Jan 2023 15:36:53 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/ 207 KB
74 KB 117ms
37ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 20:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75142
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 22:10:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 20:08:11 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 26ms
25ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2900
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 78e9ca5e68862be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 15:26:58 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
528 B 65ms
47ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
x-request-id: 2cc2eda4-96c4-40d9-ae35-7ef0f9428067
x-runtime: 0.009118
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e51140cdcd044ad76335646936ec5319"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
cf-ray: 78e9ca5eb8262c75-FRA
access-control-allow-headers: SDK-Version

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 36ms
36ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1881506
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-8ab"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca5f0aacbc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:11 GMT

GET
DATA 200
OK truncated Show response
/ Frame CC0A 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 275ms
38ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:12:25 GMT
x-content-type-options: nosniff
age: 873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Jan 2024 15:12:25 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 1BF8 22 KB
4 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3632
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 24 Jan 2023 15:36:53 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 272ms
37ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:05:24 GMT
x-content-type-options: nosniff
age: 1294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Jan 2024 15:05:24 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
320 B 50ms
50ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:26:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
rumble.com/embed/v24agd4/ Frame 96AB 17 KB
8 KB 569ms
184ms Document
text/html 172.98.57.100
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/v24agd4/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.100 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

877f82e0c49ee94a6458179e80a7c054ed9f1df4406c9c6634a5887bedfd4370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=1
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 24 Jan 2023 15:26:59 GMT
link: <https://rumble.com/v26wl4e-following-diamonds-death-silk-now-engaged-in-necromancy-and-autowriting.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H2 200 aRBsbkNZEvY Show response
www.youtube.com/embed/ Frame 8D51 68 KB
28 KB 219ms
130ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/aRBsbkNZEvY

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ff18560218976d743e5e6ce67f6ace5acafd2f1e9028dda46b2855aa472380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 15:26:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 94ffcdb0680690132d3ef97592cbc74e20387484.jpeg
beforeitsnews.com/img/year2023/01/ 16 KB
16 KB 42ms
40ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/year2023/01/94ffcdb0680690132d3ef97592cbc74e20387484.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c56f2323f2989f02aae3d11743ea8798eec7b75206035cacc2cdce72eafb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1880404
cf-polished: origSize=17070, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16067
last-modified: Wed, 30 Jan 2019 00:31:53 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5c50f079-42ae"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca625a01bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:27:37 GMT

GET
H3 200 080e11447b9e43711f1bacad58d3d182bf3dff3d.jpg
beforeitsnews.com/img/year2023/01/ 31 KB
32 KB 57ms
55ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/year2023/01/080e11447b9e43711f1bacad58d3d182bf3dff3d.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3b433431802d018a8b322eb26e7e4afa84001f6dcc52d62b4ce661722f1660

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1882574
cf-polished: origSize=34991, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32023
last-modified: Sun, 09 May 2021 18:46:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60982e0c-88af"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca625a02bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:27:39 GMT

GET
H3 200 70189017dfbe10d1266577b2701c43e156554529.jpg
beforeitsnews.com/img/banner_contract/ 60 KB
61 KB 34ms
31ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/70189017dfbe10d1266577b2701c43e156554529.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc93f930396c1e55d7d0ebce7db81b3b9f12fbaa3e4b7fe184787ba9c16b6dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1883406
cf-polished: origSize=69526, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61721
last-modified: Thu, 06 Oct 2022 00:57:10 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "633e27e6-10f96"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca625a04bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:05 GMT

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 57ms
54ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1883406
cf-polished: origSize=36512, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60a8f625-8ea0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca625a05bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:04 GMT

GET
H3 200 273ceae2fc3c0ab4b860bbeb5b0ec043cfe78267.jpg
beforeitsnews.com/img/banner_contract/ 24 KB
24 KB 40ms
36ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/273ceae2fc3c0ab4b860bbeb5b0ec043cfe78267.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642dbae86cac1cdb3ec7335358c89e077a11b5d28bdc51dd706216af312e7dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1017165
cf-polished: origSize=25060, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24113
last-modified: Thu, 12 Jan 2023 20:49:19 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63c0724f-61e4"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca625a06bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 12 Jan 2024 20:49:19 GMT

GET
H3 200 1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg
beforeitsnews.com/img/banner_contract/ 81 KB
82 KB 38ms
35ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1883406
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83236
last-modified: Fri, 04 Mar 2022 07:11:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6221bbbb-14524"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca625a07bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:05 GMT

GET
H3 200 39809350864b0a3554f604e504aca8b82b3c4df8.jpg
beforeitsnews.com/img/banner_contract/ 39 KB
40 KB 43ms
40ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/39809350864b0a3554f604e504aca8b82b3c4df8.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bf1ff7c861b303af85db79af26f29bd653f3a16fe257b9c2614d46e8b85f683

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1883406
cf-polished: origSize=46051, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40061
last-modified: Tue, 08 Nov 2022 05:16:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6369e647-b3e3"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 78e9ca625a08bc04-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 02 Jan 2024 20:04:05 GMT

GET
H2 200 SHCcaxGqfEM Show response
www.youtube.com/embed/ Frame BE11 68 KB
29 KB 156ms
94ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1106ec9a93277df6d86961f48f351b7230207297ef58e958d451568829f06bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 15:26:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame BE11 360 KB
49 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SHCcaxGqfEM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 11:46:56 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE11 15 KB
15 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 590732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE11 15 KB
15 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:59:48 GMT
x-content-type-options: nosniff
age: 592031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 Jan 2024 18:59:48 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame BE11 342 KB
107 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SHCcaxGqfEM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 09:40:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 09:40:46 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame BE11 2 MB
599 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SHCcaxGqfEM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 612479
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:02:19 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame BE11 9 KB
3 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SHCcaxGqfEM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 16:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Jan 2024 16:43:01 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame 8D51 360 KB
49 KB 132ms
131ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aRBsbkNZEvY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 11:46:56 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D51 15 KB
15 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 590732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D51 15 KB
15 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:59:48 GMT
x-content-type-options: nosniff
age: 592031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 Jan 2024 18:59:48 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame 8D51 342 KB
107 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aRBsbkNZEvY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 09:40:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 09:40:46 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 8D51 2 MB
599 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aRBsbkNZEvY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 612479
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:02:19 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame 8D51 9 KB
3 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aRBsbkNZEvY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 16:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Jan 2024 16:43:01 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame BE11
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

46ms
46ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab8ae0aefb884be0285a216de243eb1c3b97735b2d8d19d54c91c467ebc9e8f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Jan 2023 15:26:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame BE11 29 B
588 B 169ms
51ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:16:54 GMT
x-content-type-options: nosniff
age: 605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 15:31:54 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 135ms
47ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 24 Jan 2023 15:26:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BE11 66 KB
30 KB 58ms
54ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5f55c291951619eaa67cca30096997468075bedfe6303e74271d0e95e3d8e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 24 Jan 2023 15:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30923
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame BE11 119 KB
37 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SHCcaxGqfEM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 17:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37359
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Jan 2024 17:16:05 GMT

GET
H3 200 wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js Show response
www.google.com/js/th/ Frame BE11 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0135793b43a5767641dac229394d46fa89dd1fc9d0ea9717eb585c89750e97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14173
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 16:44:46 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame BE11 26 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SHCcaxGqfEM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8398
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:02:37 GMT

GET
DATA 200
OK truncated
/ Frame BE11 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BE11 942 B
1 KB 134ms
37ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 13:18:15 GMT
x-content-type-options: nosniff
server: fife
age: 7724
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 942
x-xss-protection: 0
expires: Wed, 25 Jan 2023 13:18:15 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/SHCcaxGqfEM/ Frame BE11 28 KB
28 KB 51ms
49ms Image
image/jpeg 2a00:1450:400d:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/SHCcaxGqfEM/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGCMgVihyMA8=&rs=AOn4CLCucWQ0VtwT4ctCl5WOPyYZGaddbg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SHCcaxGqfEM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86d77a5e02277bd49f09d2b4e46ae55001fcac4aa5cc71ebc999510b2688696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:31:33 GMT
x-content-type-options: nosniff
age: 3326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28183
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Jan 2023 16:31:33 GMT

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 96AB 77 KB
28 KB 177ms
176ms Script
application/javascript 172.98.57.100
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=335

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v24agd4/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.100 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

eedda45be3c48912f2e0a2c7d947c1cca93370fbe26ac15e505f96a31b4bad46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v24agd4/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:59 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br
last-modified: Tue, 17 Jan 2023 21:40:17 GMT
server: nginx
etag: W/"63c715c1-13452"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000

GET
H2 200 hls.js Show response
rumble.com/j/p/ Frame 96AB 283 KB
78 KB 350ms
350ms Script
application/javascript 172.98.57.100
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/hls.js?_v=335

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v24agd4/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.100 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

c3172c7509bf4154cbb891f05ed395a2b6bddd8e58224f31861714165450aca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v24agd4/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:59 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br
last-modified: Wed, 28 Sep 2022 11:14:20 GMT
server: nginx
etag: W/"63342c8c-46c33"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000

GET
H2 200 UdK5h.qR4e-small-Following-Diamonds-Death-Si.jpg
sp.rmbl.ws/s8/1/U/d/K/5/ Frame 96AB 50 KB
50 KB 21ms
21ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/U/d/K/5/UdK5h.qR4e-small-Following-Diamonds-Death-Si.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v24agd4/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 357711d207bb07e3130b6916376cbdfd931be8f24fbd21d0c45cd8af5d2a61ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:59 GMT
x-sp-metadata: HS256.CNONwJ4GEooBCiQzZTA5MjEzYy00ODYzLTQ3MGUtOWQ2OC1kMzYxNWZmMTRiZjQQ2N7OgrrD/AIaBgjD8b+eBiIPMTg1LjIxMy4xNTUuMTc3KMqGAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZjg3YTFmYWItZjJjYy00MTk1LTk1MjItODgwYTZiYTdhOTNjGI6QAyIYCAISFGNkczMwOS5hbTUuaHdjZG4ubmV0.iCB+E/jhSXZaB7/OTm08COFwfmYn/wAXO93TPXnvbm0=
last-modified: Tue, 24 Jan 2023 10:42:00 GMT
server: nginx
etag: "8ba6ca992681b331154ecb274384a274"
x-hw: 1674574019.cds227.am5.hn,1674574019.cds309.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=70517
accept-ranges: bytes
content-length: 51214

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame BE11 4 KB
2 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 15:26:59 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BE11 90 B
134 B 59ms
59ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a19c76ce5b46b9051d0f4cd3b81614be3b72b4c99c03eb9ac372c65c5f1a0454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 24 Jan 2023 15:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 8D51
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

43ms
43ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb928d8249b8939879d7ed5868215d1f2e56d5fbe1b0251612a55b77cf010335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Jan 2023 15:26:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8D51 29 B
89 B 47ms
47ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:16:54 GMT
x-content-type-options: nosniff
age: 605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 15:31:54 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8D51 66 KB
30 KB 55ms
54ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad6011ef10b4ff26a47da48d79798fd4fa52d93f6b71a420639af47c31d5a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 24 Jan 2023 15:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30967
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 8D51 119 KB
37 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aRBsbkNZEvY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 17:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37359
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Jan 2024 17:16:05 GMT

GET
H3 200 wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js Show response
www.google.com/js/th/ Frame 8D51 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0135793b43a5767641dac229394d46fa89dd1fc9d0ea9717eb585c89750e97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14173
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 16:44:46 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 8D51 26 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aRBsbkNZEvY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8398
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:02:37 GMT

GET
DATA 200
OK truncated
/ Frame 8D51 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8D51 942 B
1000 B 37ms
36ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 13:18:15 GMT
x-content-type-options: nosniff
server: fife
age: 7724
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 942
x-xss-protection: 0
expires: Wed, 25 Jan 2023 13:18:15 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/aRBsbkNZEvY/ Frame 8D51 40 KB
40 KB 48ms
47ms Image
image/jpeg 2a00:1450:400d:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/aRBsbkNZEvY/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEEgUihyMA8=&rs=AOn4CLAc4JsejqYNQsfm0IybmnD5aFLg2w

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aRBsbkNZEvY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

005e51a0337fe8a0fdaeeadf46311ff99173b9f2f47c4fc20bfa9986f06d10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:57:03 GMT
x-content-type-options: nosniff
age: 1796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41348
x-xss-protection: 0
server: sffe
etag: "1665577236"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Jan 2023 16:57:03 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/109/ Frame BE11 50 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/109/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 06:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 25 Jan 2023 06:49:42 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 96AB 49 KB
20 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 14:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 24 Jan 2023 16:26:10 GMT

POST
H2 200 view...24agd4.r08w6s
rumble.com/l/ Frame 96AB 35 B
191 B 178ms
178ms Ping
image/gif 172.98.57.100
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...24agd4.r08w6s?p=2.3&r=109537009&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.100 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v24agd4/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 24 Jan 2023 15:26:59 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
log-code: 3
content-type: image/gif

GET
H2 200 playlist.m3u8 Show response
rumble.com/live-hls-dvr/24agd4/ Frame 96AB 412 B
675 B 177ms
176ms XHR
application/vnd.apple.mpegurl 172.98.57.100
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/live-hls-dvr/24agd4/playlist.m3u8?u=0&b=0

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/hls.js?_v=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.100 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

5a63164e9def4cd43dec7f74753671ff0623da806448ee3167219daf1e3b372e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v24agd4/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:27:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: stale-if-error=604800,stale-while-revalidate=60,max-age=60,public
content-length: 412
expires: Tue, 24 Jan 2023 15:28:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 24 Jan 2023 15:26:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
45ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 24 Jan 2023 15:26:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8D51 90 B
134 B 52ms
52ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36364e851341713c98f87e80a28590c25bb559de617362d1aa000a4c40310c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 24 Jan 2023 15:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 45ms
45ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 24 Jan 2023 15:27:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 96AB 4 B
24 B 45ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2013361832&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v24agd4%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Following%20Diamond%27s%20Death%2C%20Silk%20Now%20Engaged%20In%20Necromancy%20%26%20Autowriting%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAACgBIC~&jid=285966168&gjid=1852905742&cid=1653774909.1674574020&tid=UA-44331619-1&_gid=1322828078.1674574020&_r=1&_slc=1&z=1465217869

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:27:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 96AB 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2013361832&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v24agd4%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Following%20Diamond%27s%20Death%2C%20Silk%20Now%20Engaged%20In%20Necromancy%20%26%20Autowriting%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=v24agd4&_u=YEBAAEABAAAAACgBIC~&jid=&gjid=&cid=1653774909.1674574020&tid=UA-44331619-1&_gid=1322828078.1674574020&z=907764817

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v24agd4/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 09:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22754
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8D51 4 KB
2 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 15:27:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 96AB 4 B
25 B 23ms
23ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44331619-1&cid=1653774909.1674574020&jid=285966168&gjid=1852905742&_gid=1322828078.1674574020&_u=YEBAAEAAAAAAACgBIC~&z=328879834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 24 Jan 2023 15:27:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 96AB 42 B
63 B 69ms
69ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44331619-1&cid=1653774909.1674574020&jid=285966168&_u=YEBAAEAAAAAAACgBIC~&z=1687476786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 96AB 42 B
107 B 81ms
80ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44331619-1&cid=1653774909.1674574020&jid=285966168&_u=YEBAAEAAAAAAACgBIC~&z=1687476786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 15:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/109/ Frame 8D51 50 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/109/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 06:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 25 Jan 2023 06:49:42 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame BE11 28 B
54 B 82ms
81ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-Goog-Request-Time: 1674574022361
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/SHCcaxGqfEM
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiaEZMSlBMWXg2QSjD8b-eBg%3D%3D
X-YouTube-Ad-Signals: dt=1674574019243&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 24 Jan 2023 15:27:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 24 Jan 2023 15:27:02 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8D51 28 B
54 B 48ms
48ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-Goog-Request-Time: 1674574022435
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/aRBsbkNZEvY
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtUVE5qMk5LMEFpZyjD8b-eBg%3D%3D
X-YouTube-Ad-Signals: dt=1674574019334&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 24 Jan 2023 15:27:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 24 Jan 2023 15:27:02 GMT

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1970-01-20 09:09:42	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ3rMBsZy7xKfd
.mgid.com/	1970-01-20 09:09:35	Name: __cf_bm Value: AwWMQskfwrt.vtrt6t816JSoarUtajhbNxUlu9Q90U8-1674574016-0-AdmXpYL1/iffl8lvVdBCF97jNGK9DLSok61GpHT+1snP1j14GS0dx4KnO4W+Zs0X9syBDT/iZVP2SxV8Nmr7guI=
beforeitsnews.com/	1970-01-20 18:45:34	Name: b4in-uuid Value: 01c5feea-d8ce-4414-bbcc-9a0b86a69913
.beforeitsnews.com/	1970-01-20 18:45:34	Name: _ga Value: GA1.2.1858559797.1674574017
.beforeitsnews.com/	1970-01-20 09:11:00	Name: _gid Value: GA1.2.2002177170.1674574017
.beforeitsnews.com/	1970-01-20 09:09:34	Name: _gat_UA-16055024-1 Value: 1
beforeitsnews.com/	1970-01-20 09:52:46	Name: _pbjs_userid_consent_data Value: 3524755945110770
beforeitsnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1674574017847%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1674574018048%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1674574018050%7D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -2sg9z6KgGY
.youtube.com/	1970-01-20 13:28:46	Name: DEVICE_INFO Value: ChxOekU1TWpJME1EWTBOelExTWpBek16WXhNZz09EMPxv54GGMPxv54G
.youtube.com/	1970-01-20 13:28:46	Name: VISITOR_INFO1_LIVE Value: TTNj2NK0Aig
.rumble.com/	1970-01-20 18:45:34	Name: _ga Value: GA1.2.1653774909.1674574020
.rumble.com/	1970-01-20 09:11:00	Name: _gid Value: GA1.2.1322828078.1674574020
.rumble.com/	1970-01-20 09:09:34	Name: _gat_rumble Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/(Line 169) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230123_104333_958.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 169) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20230123_104333_958.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js Message: Unrecognized feature: 'web-share'.
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://fireballtim.com/wp-content/uploads/2023/01/DreamlandCarShow1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://fireballtim.com/wp-content/uploads/2023/01/SylvesterStallone1_POSTED.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/792498/images/1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%202023-01-23%2021-15-56_Moment.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/738377/images/13DBBF66-E20B-44B8-83C4-AE60275840D7.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://fireballtim.com/wp-content/uploads/2023/01/JohnnyMartinez.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.beforeitsnews.com
ads.pubmatic.com
ajax.beforeitsnews.com
beforeitsnews.com
c.mgid.com
cdn.id5-sync.com
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cm.mgid.com
customads.co
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
id5-sync.com
iili.io
img.beforeitsnews.com
img.youtube.com
jnn-pa.googleapis.com
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
m.beforeitsnews.com
onesignal.com
pagead2.googlesyndication.com
pexoenne.site
rddywd.com
rumble.com
s-img.mgid.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
servicer.mgid.com
sp.rmbl.ws
static-3.bitchute.com
static.doubleclick.net
static.tradingview.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.jamesredpillsamerica.com
www.myconfinedspace.com
www.ournewearthnews.com
www.prepperfortress.com
www.tradingview-widget.com
www.youtube.com
yt3.ggpht.com
104.18.255.14
141.95.98.64
143.204.215.19
151.139.128.10
162.19.138.118
162.241.30.109
172.98.57.100
18.66.112.36
18.66.97.95
2.18.233.180
2001:41d0:701:1000::31ee
207.38.87.190
2400:52e0:1e00::1082:1
2600:9000:225e:7000:1f:2f70:3e80:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:4a8a
2606:4700:10::6816:4b8a
2606:4700:1::6813:844e
2606:4700:3030::6815:4d0
2606:4700:3031::ac43:b20f
2606:4700:3038::6815:eb46
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c09::9a
2a00:1450:400d:802::2006
2a00:1450:400d:806::2003
2a00:1450:400d:806::2016
2a06:98c1:3120::3
35.190.30.115
99.86.4.40
005e51a0337fe8a0fdaeeadf46311ff99173b9f2f47c4fc20bfa9986f06d10a8
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
056b03edf4a33d5c9b4c145025a276266a95eda506b149973aeaaaa778c8c97f
05ca25fa74fb13d508e5e80cfb87b6c112ab536415c59ccce3ce4a956b9629bf
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0c2d998988d5d2df29f08d2e4ad3641322fc2af1e4c96a388a3ed564199ac53c
0cef7bd797f823e80bef4b02ad9e7f451b8abee12a6063a4707dfb9cde1220c2
0ea20734cb830a4ce3e4bc91ae7eaca73b1e95cb5b38515bb1dcfe9baed1fdf3
0f92a9744abe399bad1b949e050c69d4b3490fcc677e4fa52188de3a32884714
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
14bf61c5770a2cc70b8db4dc7fc902d71180cdf5d518ce6f3ca6eab1f5f56f55
14c51f0de90f3f9528679d1b7477a76aec15be7e3c8bc0848fa490483e3d405b
152af5c675f49905d731e13e60ce44bb199be2f1102ca1ddaf8434783435fae2
163d5c11f834ccff3bb12178c3b98f97881877007464cceba82f66c2668b43d6
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1ae27091f28bc446830f5e45027d17a1099b7ab8357aa5a72a5f3c84a6d87901
1c65f5fb98903274d505057dc79049625c53a410fee21859e6f902610e9d64ed
1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833
1ed1b3057133066e90a0d34d9b7969f9e078a55a6d8798189f6f207fde7cf3f9
21194fe04d51c35097ae82c47060c996f7f856482eb14782bbb62787db74def1
23f394016e0da953dbd26c66ad280494ad6cd4a8f873819dd7d38fbbf214401e
24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80
258fec8722e5dfbd22339dca550e010c55c4fdef35ca2622d9bf3bc96317f13a
2703952e60425a622517c94e25a8de3f8cde240112f72f14eb39656ead0d93a8
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
2a2a485a12877fea07455a904403772cd14d17015280daa9f88882d21f5d8873
2a9d4d3404fc3eabc428099964e6cec84d198ef1b8933dbe12f25c70b65b9f9e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325
31257fdc7fa342a349e0e054c694570eba2bd8e05f44444def4021d549ed8153
31568e93727ea81019c4ad3ee96535f2999688c83e5612c45096a0a576a31701
3368b190f77e2394ec13bd7bba3e623d104035f6242e3a41ee9a53b0f87ba5d9
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f
357711d207bb07e3130b6916376cbdfd931be8f24fbd21d0c45cd8af5d2a61ea
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
36364e851341713c98f87e80a28590c25bb559de617362d1aa000a4c40310c59
37d56c3df75ebee23cca9b8070e9432451fd370aa1e409247f88c47b8a4cda09
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc
4086e914356edc6a59a47ac5add3bfe4920bada525bbb722731ea281777ce172
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
43a6f6debf6d6a498f2b133a5a0a312b758a19d9eb2045177e1a43d50afaec10
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
43c56f2323f2989f02aae3d11743ea8798eec7b75206035cacc2cdce72eafb9b
469eff1f50620aa14601b9cd62f2338258596ff0109b63f27aaaab6fc44df62c
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
4a726be2f2c71e83ac3a30833a22ee41fe2653aeedc4ef4699dc68ab85467d90
4b2c8d414700933213b9eb6361fbd2ed548aedc9ba2629fb51d220d29c77c115
4bd3fe755ebbba60d2916bb4e3fc258d0f168c785f4c224a5044edba42859628
4c0939c4a09ebdceae04db026a7ad9e0e6dfe9871b9a88331a559ca6bfea6910
4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d
4d4a5500923a659d39bd547d72f37372f7e97ab0cae00e9f25cf431095a7420a
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4f4470e9ae3c02f22ea9a4e8325c3e3f130c85358b34fa657d666db99bbca520
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
525af95e89c1032ff2057a5d2fcb6ec74bbf3b59092fd46037c741fa208d6959
56438a82fdbefb67d4a30afd1d839de246b0e56832be695ade6660bdb6c35507
5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2
56e83a5f5c473db8b3becab638e5f9fd2b577775a699bdc313aa082103cfb79e
58a9c974d10b0bdf9b41741b59bc435c213b7c9f84c597693f58bc82fd0e42c8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a63164e9def4cd43dec7f74753671ff0623da806448ee3167219daf1e3b372e
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bbb640cd51526a0f853e067445ae206c8d5228fd5e26398b7f539193690685c
5bf1ff7c861b303af85db79af26f29bd653f3a16fe257b9c2614d46e8b85f683
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6159f32f1b79a94b26c2c580fdd4ffdfc91af5334f46c4d8b2a1597925fb2e78
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
628058fca88e7ac700d756cc7385084466fbff4cdf5a03ae683df5c49d3ea0d2
6342d04d94a245436333810a1fc204c29aa4209f7ad44c2dc0a06620073b3c19
642dbae86cac1cdb3ec7335358c89e077a11b5d28bdc51dd706216af312e7dc7
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6a97d21e158e3bca5fb04e498c3a8599623c1ba805433d8363fdf59625e487ad
6baa953e15a3b8c9ea11599c20b1ea9b494c3c8e76b3fee6434ff014a2933ca8
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6d3b433431802d018a8b322eb26e7e4afa84001f6dcc52d62b4ce661722f1660
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6e9a7da361305d9aafe70f454854ac8e196eedf4a581c21f047e4d57793b2b1f
6ff18560218976d743e5e6ce67f6ace5acafd2f1e9028dda46b2855aa472380e
707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1
70a8e158db2d000a332b451889e71de1224fb81779bcc3896127f17db3e0a464
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71067e23db2a0cff04bbf93fabf21a38b21943a2e7cafae9db7e845078885cbb
71c6ab1fd663285502f122d6bc980b0b4be04df668ee1205f4754ec6a220eb92
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
76d2bd4832614d4ac0742c3cbc98065f3e9296443ec4e89327ebbdf6ed8ea1aa
77bfd39cf6ec513fa22176f557217b1be99383cf47c07ca6e2f6e655ca5fae28
7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7ae0f30adacf9f575f5a2f735319a79adb35bf6cc1515a99eccede2aacd65b85
7d0fdee477c094ee4e690f9e6f70f71285e356b8c0e01a8d3c509b2893cf6531
7dc98270face9301440983d4accc6262a72b70ed6b4743b1be7370fac84579df
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
8035415e273f3d46a5319e78f834eff33d2aad6473fc16188365ba2e619ca05e
80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db
827846bf37c1ddb30e84958ef807853bf1d2482b3629927c1034f84b85f32bf3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d77a5e02277bd49f09d2b4e46ae55001fcac4aa5cc71ebc999510b2688696e
877f82e0c49ee94a6458179e80a7c054ed9f1df4406c9c6634a5887bedfd4370
88cc897c1a7d0c03a880c22ad87562233f4eea92dffc97a9a532daf1ec14b32c
8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8
8a7a3e62af4f20eb035d9dcaeefa63a021b387fd588475e150eaacdaed129fe7
8caa7c25ed44ce832985cd27a85458a13433fc83e47f0ec40b364d9042a0e81a
8e1d6adcab102a7d67c015575699fd2df5a15db85ed628d6782caf243feba3d1
8ee3e1c1fe9cf8bc9804cf8b46b91f77d322c1d3fa7c1fb3dacd56f919bd4ca8
8f7132fb6c79568fe7b5313ab941ba9a8df49db83ba6c9e1ed14f3661df5d12d
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
902542dcb3c9920973692bc31d67d2802a7d622748a04f302e425c39d94e0198
903fcfe36c0cc8498c1da1afeb8e7ec6b1da3d1f8810bb19ad97e875764c9c08
90f87a06cb8013db52dcc04f5123531ac9b917789071e60af9c32a615b83f4aa
9268d466af386c0e7215ab2d21699b627b44fe27f8e6c5d97ad5ffa353a78d26
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
959921de973b59e11381ed7a5f03d3851d8debd0193c35d63aa02a41fbcbcd53
963e8f3a4445ad949ba7d22f576988862f6f6dd41dcdfd105534de80690262ac
968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653
9b9fe71606636a37b6f7fb74e8ea572130d0f61dbcd92fe3ae40e80425f56fb2
9cc6ec239f234d5a18b64d69e6d302015311830e98901815992b422fe553c3a8
9d99577e02cb5c3614335bd7c1b9cc62e15ca71584c7552c44d6384135a5e001
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d7b8a6237561de8a6c9369317d85f5d62d83b26847b181ddeef13c5ac3ea6b
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a19c76ce5b46b9051d0f4cd3b81614be3b72b4c99c03eb9ac372c65c5f1a0454
a20b7d1ce9191eb91e7865d5792d5464ce35f112fda577d96eba93c719cd29ca
a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306
a47600637704c2c05ee69a3cd348a9c9a76f8a8f655899efeff70266ffb10fc9
a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
a7e44100eab9ff10eaf86232be5858183f50e27488f572f4899c71a60f73107d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab8ae0aefb884be0285a216de243eb1c3b97735b2d8d19d54c91c467ebc9e8f1
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad6011ef10b4ff26a47da48d79798fd4fa52d93f6b71a420639af47c31d5a8eb
ad60e82991479b97628d23059388eee30e8ef242a8c5f66ca91e4b177e1a6261
ad94b975086564c977e2a1157cf2b28ae6996847e89f14e60d3f16bc7e427745
ae1f8288f965c987bd072fb347ba780ff8573fbc92c4a741463ed0a55b8ed833
ae97e0c940d6475f477f283bf51fffe26dcfaba529f989b2052fd6c8a027a328
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b417e1d332b4a5940b1339ce5e4c8cbc9357e8f7a55a830d1a61df0283a2d960
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b709a16e6634813d223a8c5402e76d5e213dad2dc59c438a67882b1e2eecdef0
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba19f839a13a8ba8183ca7c72e930db20468fb92ec85ba09f86257e5044b922e
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba33252fec71d8b8368c5d63034c7aaf7a9865ee20f2692f6cf5679c1a42ddd8
bb928d8249b8939879d7ed5868215d1f2e56d5fbe1b0251612a55b77cf010335
bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
c0135793b43a5767641dac229394d46fa89dd1fc9d0ea9717eb585c89750e97c
c21b79a5bb3f7281d31970036ed3b84620834b727234947def4f75cd6f6f6bb0
c2523c13014e41785ad9af2c2a9892272cd99fd290a0bdca036ae43a5a7ff48f
c3172c7509bf4154cbb891f05ed395a2b6bddd8e58224f31861714165450aca0
c589c7f1b9c73d8c3a073c49d14d7acc7d8af6e2bee79ed841cf07ec635c851f
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c669edfceea137a9c781896234e0aad6bb0e4b55938ba80e4880341686eb9ba5
c683e1ded44f6112b3b438fac52304ce7767dba7b4868e65743d7f027f41c3f2
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c
ca6922d67a8b337093ce7b289529513a600577d2df156ab5b50d71747f0a5330
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb19fbbe887b10fc39e63ba83f2da46f1c24f2d7e965a5cba217c0db9099d136
cb1a0866742e391a1f67fc4ee93804ab0ffd570870af2a28586b39ac1695a91b
ce628cae5a499a978e3786030f941b61fe70ae8bda2bc3f566186628775d58a2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d007d8ba01d248db9058f8c2cb6d706222a65d616dab31e022b6dd4d1cadc025
d0dedcc5a82ca28d25465eba9bfd3ec330f20e93f4aec121a8bf71d4121f961c
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d2351d9ac99a6d257974674a546c4617de0875959382f900526b0d2ffb69a03b
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d2d729d7f82fd615f7c77697904a2e44acb6976315d98c0c94e0820108cb7d00
d4108e6e1f52de73c63f4b5888c5d826de8284f7c34109a5f5990526c055d4a9
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8a3a72207710b7b22ca2f4e82eb8fc7a14a514c655eeca8b8bc93ee2d467bbe
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dba31a9f09567787915fc79f95dc4264b20905b4a6d1ec72ace4de250c21fc82
dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dc8e25ec2dd84af976b1cf1e7755b77e2589b2f89617cdc8b7ef8e452cd97a30
e1106ec9a93277df6d86961f48f351b7230207297ef58e958d451568829f06bf
e35af5ce6d1832a7e591d556a26aec2c7d81d46a1f3d76000b1e94c56447e532
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7c0c53821ed7cd18719a8f8097718fac9aa3a6fd4b7600f9c8642d8732af1
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e5f55c291951619eaa67cca30096997468075bedfe6303e74271d0e95e3d8e23
e7ed22984ba5f5e116b3f46a7f1ad252884d7ea0d9debfcca0356b0b0ace872c
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eedda45be3c48912f2e0a2c7d947c1cca93370fbe26ac15e505f96a31b4bad46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2899f91dc32f3faf99899fcbb754711dc57aca020fd693ed722ccadb073f8ab
f297139122eae436f4821d0b6ca590c1d0119f900cf1e6fa93dbc355f92250e0
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f61aac9e57cffbba777d84600f93c49488c3f184c622fc7ad2befccc86152bb7
f80df881f4300620113717b24686456d7bd64ead2731d5c319ac1f1fd0fff489
f889c27015d4eb32a74d57f4fd5d3b67327065c7f7e021188e23a3b7d8ba7bdc
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92
f8ca543be24fae0bffafd7ab5c7904ea9154be1069dcc0d93d3129744a0aed35
fc93f930396c1e55d7d0ebce7db81b3b9f12fbaa3e4b7fe184787ba9c16b6dfd
fd3b6ce4411c8cbbb668621aa4c93f279233372fcccd7516e3a228b161d95374
fda06c42bf9de3e7fbd7bcf44d22b897ec103692d8569c64d568c015500e7d23
fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a
fe2f2ccf31bf1b69c020d42c67ef29440eec4d6d6327e38af79c998a837846d6

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

275 Requests

96 %HTTPS

70 %IPv6

31 Domains

55 Subdomains

46 IPs

8 Countries

8922 kBTransfer

16374 kBSize

15 Cookies

30 Outgoing links

Page URL History

Redirected requests

275 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Screenshot
Live screenshot

Full Image

275
Requests

96 %
HTTPS

70 %
IPv6

31
Domains

55
Subdomains

46
IPs

8
Countries

8922 kB
Transfer

16374 kB
Size

15
Cookies

275 HTTP transactions
4 data transactions