beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On September 23 via manual (September 23rd 2022, 3:45:05 pm UTC) from US — Scanned from DE

Summary HTTP 268 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 48 IPs in 11 countries across 32 domains to perform 268 HTTP transactions. The main IP is 2606:4700:10::6816:4a8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 155882.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2022. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.42 18.66.97.42	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:804::2016	15169 (GOOGLE) (GOOGLE)
17	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
11	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700:303... 2606:4700:3033::6815:156e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.203.39.123 193.203.39.123	35711 (EXPANSION...) (EXPANSION-COMPUTERS-AS)
4	2400:52e0:1e0... 2400:52e0:1e00::865:1	200325 (BUNNYCDN) (BUNNYCDN)
1	52.250.30.213 52.250.30.213	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.60.38.190 65.60.38.190	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
11	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	209.58.165.79 209.58.165.79	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2600:9000:223... 2600:9000:223c:ec00:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.89.58 143.204.89.58	16509 (AMAZON-02) (AMAZON-02)
26	18.66.97.26 18.66.97.26	16509 (AMAZON-02) (AMAZON-02)
2	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2600:9000:225... 2600:9000:225e:f000:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3038::6815:eb8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	141.95.98.70 141.95.98.70	16276 (OVH) (OVH)
3	2001:41d0:701... 2001:41d0:701:1000::31d2	16276 (OVH) (OVH)
3	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
19	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
3	38.70.190.101 38.70.190.101	399647 (RUMBLE) (RUMBLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
268	48

48 2606:4700:10::6816:4a8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-42.fra56.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

borirait.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.255.14 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:156e (United States)

ASN13335 (CLOUDFLARENET, US)

www.ournewearthnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.203.39.123 (Bucharest, Romania)

ASN35711 (EXPANSION-COMPUTERS-AS, RO)
PTR: mail6.startupdigital.ro

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::865:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.250.30.213 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.60.38.190 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: chip3.greengeeks.net

www.hopegirlblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.165.79 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: opal2.opalstack.com

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ec00:18:9413:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4b8a (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-58.fra50.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 18.66.97.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-26.fra56.r.cloudfront.net

static.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:225e:f000:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eb8a (United States)

ASN13335 (CLOUDFLARENET, US)

img.rtbsystem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:41d0:701:1000::31d2 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 38.70.190.101 (Toronto, Canada)

ASN399647 (RUMBLE, CA)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	beforeitsnews.com 1 redirects beforeitsnews.com — Cisco Umbrella Rank: 155882 img.beforeitsnews.com — Cisco Umbrella Rank: 303216 m.beforeitsnews.com — Cisco Umbrella Rank: 402740 ajax.beforeitsnews.com — Cisco Umbrella Rank: 188065 a1.beforeitsnews.com — Cisco Umbrella Rank: 307411	885 KB
49	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 17812 s.tradingview.com — Cisco Umbrella Rank: 23315 static.tradingview.com — Cisco Umbrella Rank: 17335 s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 18822	282 KB
21	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7378 c.mgid.com — Cisco Umbrella Rank: 5166 cdn.mgid.com — Cisco Umbrella Rank: 10101 servicer.mgid.com — Cisco Umbrella Rank: 7579 s-img.mgid.com — Cisco Umbrella Rank: 4409 cm.mgid.com — Cisco Umbrella Rank: 1883	288 KB
20	youtube.com img.youtube.com — Cisco Umbrella Rank: 3092 www.youtube.com — Cisco Umbrella Rank: 96	2 MB
13	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 26465	429 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 www.googleapis.com — Cisco Umbrella Rank: 26 translate.googleapis.com — Cisco Umbrella Rank: 821 jnn-pa.googleapis.com — Cisco Umbrella Rank: 273	161 KB
11	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 340	40 KB
11	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 24826	844 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	108 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	59 KB
6	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1406 lbs.eu-1-id5-sync.com	2 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 translate.google.com — Cisco Umbrella Rank: 1187	55 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3387 onesignal.com — Cisco Umbrella Rank: 1231	83 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1122 id5-sync.com — Cisco Umbrella Rank: 463	18 KB
4	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 92697	71 KB
3	rumble.com rumble.com — Cisco Umbrella Rank: 19418	35 KB
3	customads.co cdn2.customads.co — Cisco Umbrella Rank: 125279 customads.co — Cisco Umbrella Rank: 89914	6 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 117	93 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 232	2 KB
2	rtbsystem.org img.rtbsystem.org — Cisco Umbrella Rank: 18994	59 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6352	564 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 105781	1 KB
2	ournewearthnews.com www.ournewearthnews.com — Cisco Umbrella Rank: 445780	1 MB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	85 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 462	72 KB
1	jamesredpillsamerica.com jamesredpillsamerica.com	639 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	57 KB
1	tapnewswire.com tapnewswire.com — Cisco Umbrella Rank: 367979	3 KB
1	hopegirlblog.com www.hopegirlblog.com — Cisco Umbrella Rank: 777881	12 KB
1	duckduckgo.com external-content.duckduckgo.com — Cisco Umbrella Rank: 6274	23 KB
1	amg-news.com amg-news.com — Cisco Umbrella Rank: 476130	747 KB
1	borirait.site borirait.site — Cisco Umbrella Rank: 304050	41 KB
268	32

	Domain	Requested by
30	beforeitsnews.com	1 redirects beforeitsnews.com
26	static.tradingview.com	s.tradingview.com static.tradingview.com
21	s3-symbol-logo.tradingview.com	beforeitsnews.com
18	www.youtube.com	beforeitsnews.com www.youtube.com
16	img.beforeitsnews.com	beforeitsnews.com
13	sp.rmbl.ws	beforeitsnews.com rumble.com
11	i.imgflip.com	beforeitsnews.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com beforeitsnews.com s.tradingview.com rumble.com
8	jnn-pa.googleapis.com	www.youtube.com
6	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	www.google.com	beforeitsnews.com www.youtube.com
5	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com www.youtube.com
4	s-img.mgid.com	beforeitsnews.com
4	c.mgid.com	jsc.mgid.com beforeitsnews.com
4	stats.g.doubleclick.net	www.google-analytics.com customads.co
4	static-3.bitchute.com	beforeitsnews.com
3	rumble.com	beforeitsnews.com rumble.com
3	onesignal.com	cdn.onesignal.com
3	translate.googleapis.com	translate.googleapis.com
3	id5-sync.com	cdn.id5-sync.com
3	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
3	lb.eu-1-id5-sync.com	cdn.id5-sync.com
3	servicer.mgid.com	jsc.mgid.com
3	i.ytimg.com	beforeitsnews.com www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	img.rtbsystem.org	beforeitsnews.com
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	beforeitsnews.com
2	www.google.de	beforeitsnews.com
2	customads.co	cdn2.customads.co
2	rddywd.com	beforeitsnews.com
2	img.youtube.com	beforeitsnews.com
2	www.ournewearthnews.com	beforeitsnews.com
2	m.beforeitsnews.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com static.tradingview.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	cdn.id5-sync.com	jsc.mgid.com
1	ads.pubmatic.com	jsc.mgid.com
1	s.tradingview.com	s3.tradingview.com
1	jamesredpillsamerica.com	beforeitsnews.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	tapnewswire.com	beforeitsnews.com
1	www.hopegirlblog.com	beforeitsnews.com
1	external-content.duckduckgo.com	beforeitsnews.com
1	amg-news.com	beforeitsnews.com
1	borirait.site	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
268	56

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
mitocopper.com
tinyurl.com
c206dt1hkf52hb9pfn3hobak55.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
91a03fxdidgg3w4fglazb6s9fz.hop.clickbank.net
widgets.mgid.com
www.mgid.com
clck.mgid.com
www.braintuner.com
83424y5heky1e25rz5u8zx2pj3.hop.clickbank.net
dr.derm
parazitol
traugen
telegram.org
t.me
www.herbanomic.com
c4ab87v1jfg99ob6sl1ok12y2n.hop.clickbank.net
5f2fdk13ncob7k071lvbpbvp8z.hop.clickbank.net
intenskin
50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.tradingview.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
sp.rmbl.ws R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
amg-news.com R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
static-3.bitchute.com R3	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-11-26`	a year	crt.sh
*.hopegirlblog.com R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tapnewswire.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.customads.co Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tradingview.com Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
static.tradingview.com Amazon	`2022-06-23` - `2023-07-22`	a year	crt.sh
customads.co GTS CA 1D4	`2022-08-24` - `2022-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-11` - `2022-12-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: BBEB46C12109F6DF51E2A0721A15C384
Requests: 154 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202282315
Frame ID: A6600E946D838C8BA648C7D3FCEFC3D0
Requests: 4 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: AD20136B199ED0A4BDB9CA0E90122712
Requests: 51 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: F3B7999B4CCE77A43C40F162F046412A
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: F7A97F85DFB55C30023C6DCCFC494629
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Frame ID: AEF04B1ECB8049A86AA8A61FBC97E740
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=166394789786783106778
Frame ID: 4D86EB8E1BDD62E186B48454009CBE68
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3606C49400F7D8EF668F3418C2CECB49
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 163758C139D823A563D880CF6017F0D9
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/v1ilafv/?pub=hw409
Frame ID: 2C31FCC9BEE4DAE701B2B31728E03963
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1VIn21bpdF0
Frame ID: 87C8F4DDC8E11DDC2C0AC7BE16065406
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zujULutG9Kk
Frame ID: CDA72A17D74111CC2A1FE18D7B15B470
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

268
Requests

96 %
HTTPS

70 %
IPv6

32
Domains

56
Subdomains

48
IPs

11
Countries

7991 kB
Transfer

20689 kB
Size

14
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/herbanomic-fulvic-humic-complex/
Title: Deep Sleep - Energy - Vitality -- This Trace Mineral Complex Will Change How You Feel

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: ALERT! Protect Yourself NOW - They'll Never See It Coming Until They Are On The Ground and Can't Move!

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-oxygen-delivery-system/

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/ultracur-bioavailable-curcumin-complex

Search URL Search Domain Scan URL

URL: https://c206dt1hkf52hb9pfn3hobak55.hop.clickbank.net/?tid=BINRTL32021
Title: New Fat-Burning Formula Melts Off Fat While Enjoying The Best Sleep Of Your Life - Click Here For Details

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://91a03fxdidgg3w4fglazb6s9fz.hop.clickbank.net/?tid=BINRTL81222

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/22984/pp/1/1?h=dHuJa8tiEagM9RFJfpu6kVhh0OtGsS85CR-TW-VU7V_mNivCouaJpuy1ePCKH1G4YhMg_DCRuEC5r9VjVkNeBQ**&rid=ad40ced2-3b56-11ed-b62d-e43d1a2a04aa&u=qdcslSX3TxFX1JDukbtaMvQzXvUU1Wl2QMrsKl20vO3gUoSX8JFh_2DWmKK7Ffst3Efw93V0WgUq0KOYUHG7tFimLgYVPrEBO4fAJkLfQ4iulI0Yk2KurJiANuB2JhVPZHBVO2CNiHNNwyX67Nhps2Nv6M58NBSqIwY0bnZGxQjI_LGifUJnmEL6KGDYejONoYMUpmKinnQifZEwvXRALGZGpU4db_TM4E_zFBLxCi2pbl46FhGwVoGBm5Z1mgxFn3qkYur-RFbSn_rkoBOYOexlICH4wPoXsV7AvYySAkc*&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=120&mp4=1

Search URL Search Domain Scan URL

URL: https://tinyurl.com/28yb8h2s
Title: Real Online Social Media Jobs That Pay YOU $25 to $50 Per Hour - No Experience Required, Work From Home - Click Here for Details

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://83424y5heky1e25rz5u8zx2pj3.hop.clickbank.net/?tid=BINRTL91422
Title: The World's Only Crystal Water Bottles Created To Infuse Water So That It Can Help Support Healthy Weight Loss!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://dr.derm/Mit_dieser_einfachen_Behandlung_verschwindet_Psoriasis_in_2_Tagen

Search URL Search Domain Scan URL

URL: https://parazitol/Wie_man_Papillome_auf_nat%C3%BCrliche_Weise_entfernt_3_Tage

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/30754/pp/3/1?h=dHuJa8tiEagM9RFJfpu6kfdG05Nph16A6KROeJwRnf-RxBnqJBod8Ai3fC5KEhU1hL_U-iJsP8ZrHnbyzb6eVQ**&rid=ad3eff33-3b56-11ed-a1f6-e43d1a2a96ec&u=0mcMKwmc2E8PqWSKE6sYeORyoBKcwiBMzBtNh6UyhKzkRwq9DV9suaWOCnqpnKubAyPZ8hExUAzD_I6N3z8fS_Gkm6cJNPql21TIwaYHcriulI0Yk2KurJiANuB2JhVPZHBVO2CNiHNNwyX67Nhps7iq7Ne6EjhdHyhmUGWrsRZTe9J3dGTGYq7U-j_RaFLVs0BJCSChZoFh6u85fxQwHRkrSgrBDYzWvksaLo0266dhc0XqUVF6ze40teEjeAFA2nSP0aVhGDvtW-Y9ACtiz1OybFk9rHhikha4qwzcNac*&tt=Direct&att=3&gbpp=1&abd=1&iv=10&ct=1&gdpr=1&st=120&mp4=1

Search URL Search Domain Scan URL

URL: https://traugen/Genug_von_Gelenkschmerzen_Keine_Schmerzen_in_7_Tagen

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/
Title: HENX - Light Years Beyond Colloidal Silver! Protect Your Family!

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/
Title: Accelerated Probiotic Improves Digestion, Boosts Energy & Improves Overall Immunity

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex
Title: Experience Vitality Directly From Nature - Humic & Fulvic Trace Minerals Complex Is Something Your Body Craves For

Search URL Search Domain Scan URL

URL: https://c4ab87v1jfg99ob6sl1ok12y2n.hop.clickbank.net/?tid=BINRTL81422
Title: 126 Superfoods That You Can Store Without Refrigeration for Years

Search URL Search Domain Scan URL

URL: https://5f2fdk13ncob7k071lvbpbvp8z.hop.clickbank.net/?tid=BINRTL81422
Title: Women! STOP Spending a Fortune on Special Shampoos, Hair Creams and Potions. Instead… Do THIS

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://intenskin/63-j%C3%A4hrige_Frau_mit_Babygesicht_Hier_ist_ihr_Geheimnis

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c
Title: Learn How You Can Become A Super Magnet That Attracts UNLIMITED Wealth, Inner Peace and Repels Doubt and Worry

Search URL Search Domain Scan URL

URL: https://50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net/?tid=BINRTL21129
Title: Have You Been Struggling With Obesity But Can’t Figure Out Why? You MUST Watch This Now!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 226

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 228

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

268 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

119 KB
24 KB

829ms
792ms

Document
text/html

2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39929e93f40afe5740150352e6c4274322b12ac6aabceaa2c9752180d413f9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 74f4678ddb86902e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 15:44:56 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 74f4678d7ae6918f-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 23 Sep 2022 15:44:55 GMT
Expires: Fri, 23 Sep 2022 16:44:55 GMT
Location: https://beforeitsnews.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 d0TEFA1ti-Js6iM74ltdqi389Jg.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 29ms
27ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/d0TEFA1ti-Js6iM74ltdqi389Jg.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01eee8af54b3ea2049757a2f70dee96fa85fcc3e701a7ba0d4c5bd2fcd91e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7979240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7S71N28W84ZZH96A
x-amz-id-2: gPIa5L1h5UAnU7MjBjM9sn9356j08KtaAmGydkaTW49tt9+0rgEyJ6cF1+dm0ON6EnUCE1Aeph0=
last-modified: Sun, 12 Jun 2022 05:41:00 GMT
server: cloudflare
etag: W/"7291ca9c7b46eeb160385263b9721596"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: X3HmeONKJ9H2z.qUWNLSZloFfmqkAw0k
cf-ray: 74f46792dc04902e-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 68ms
26ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 15:44:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 15:44:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 15:44:56 GMT

GET
H2 200 global-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 16 KB
4 KB 37ms
35ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1668570
cf-polished: origSize=16027
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-3e9b"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f46792dc08902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 10:47:40 GMT

GET
H2 200 fancybox-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 34ms
32ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2619773
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-1f5d"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f46792dc09902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:07:19 GMT

GET
H2 200 home-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 29 KB
7 KB 37ms
36ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2615658
cf-polished: origSize=29354
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-72aa"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f46792dc0b902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:09:25 GMT

GET
H2 200 responsive-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 32ms
31ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2616573
cf-polished: origSize=21003
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-520b"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f46792dc0c902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:14 GMT

GET
H2 200 web-responsive-bin-rev-20220517.css
beforeitsnews.com/static/css-v3/ 371 B
256 B 39ms
37ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20220517.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1668013
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:39 GMT
server: cloudflare
etag: W/"628286bb-173"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f46792dc0d902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 11 Sep 2022 08:10:12 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 34ms
33ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 55050
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f46792dc0f902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 11 Sep 2022 08:10:51 GMT

GET
H2 200 global-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2616573
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:01 GMT
server: cloudflare
etag: W/"62828695-3145"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f46792dc11902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 11 Aug 2022 08:08:14 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 78ms
38ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2579015
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 24 Aug 2023 17:41:22 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f467939d5e902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 10 KB
11 KB 83ms
16ms Script
text/javascript 18.66.97.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb51d1e5236e0daeb078e0df8e945e5a0afc06e83e0ed54281d9af4877f58df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:20:06 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
last-modified: Fri, 23 Sep 2022 10:20:02 GMT
server: AmazonS3
age: 19491
etag: "ec810cf189244421fbba88a8fb7661b4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 10745
x-amz-cf-id: 9XQ2GTwFBxZcjd8whlRU7MHmsIBzB9A7jZ9vX985t46QL_ZdXTnzhw==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 77ms
37ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 7960519
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 08 Jun 2023 18:31:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f467939d5a902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
187 B 89ms
49ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 753881
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 09 Sep 2023 11:03:15 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f467939d60902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/G2fv2qns1k8/ 10 KB
10 KB 170ms
74ms Image
image/jpeg 2a00:1450:400d:804::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/G2fv2qns1k8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9086c6aab4668300fa65f8a2bb6d1cb751282fdaea6a8901f3e62daa0987e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10180
x-xss-protection: 0
server: sffe
etag: "1612411343"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Sep 2022 17:44:56 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 163ms
58ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de45bcb98a25e03737c45b0282d1b142498e520b5749f3168761c854f2769436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 443
cf-polished: origSize=2325
last-modified: Wed, 24 Aug 2022 10:04:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F8KP6RK1Q0PK9TWF
x-amz-id-2: 27oEE7MfpJ8Ga+kTemDcMIEVK75mjLjzV+H934OCtU0H6XsaOqdAwD+uk3lu3zhzxmMHBSP8lvA=
cf-bgj: minify
server: cloudflare
etag: W/"c8ca8c91465df93ec2b2353cb4d22528"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: cgIuy60B2PyvESXJmEIrCFPDSxe9ihMY
cf-ray: 74f4679428f9bbec-FRA
expires: Fri, 23 Sep 2022 18:44:56 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 169ms
64ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff0b1664e2f0f0fa78dca3bcac5ffd9801d90220c7deed2153b7c06e9e05905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 444
cf-polished: origSize=2325
last-modified: Wed, 24 Aug 2022 10:04:27 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2WTXP03Y31WRCK1X
x-amz-id-2: MBERd40z9XfmpPbJqvk+Mi8ktkAU3x4IFzzBFGQjX5P6GphXc0gipAmnZzMeXE2SFWcfoL5winU=
cf-bgj: minify
server: cloudflare
etag: W/"932eb82033fc190930e7ca2beade011a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: J30Aqpx02qXUtRmB6NsRovPRgu3RqqA_
cf-ray: 74f4679428febbec-FRA
expires: Fri, 23 Sep 2022 18:44:57 GMT

GET
H3 200 tabs-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 148 B
626 B 68ms
67ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666589
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:04 GMT
server: cloudflare
etag: W/"62828698-bd"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f467935824bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 18 Aug 2022 03:52:01 GMT

GET
H2 200 12098 Show response
borirait.site/easylist/ 203 KB
41 KB 212ms
147ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borirait.site/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2d1f56c766b4e34d7c39585ea5e8b59f80f29425bfa4a3808db73a82373f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8234564ae853e5ba0c6fb3a1a54eab31494e8039"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BULaQKtd1v6QepIBRNZ5%2B1VQDjiOK4epZB9NcDGNGC7qQx16QqGA1pM%2Bv%2Bjg1%2FyFX%2FxIJao1QitoFXoVeC6FZDP5tHgz9Es8LkmzAGpn9m9%2Bgovs%2FZQpc3G4CJM3nOU06HUznYb06uoeuOkf"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 74f46793bd1168f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jsDeferParsing-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 91ms
91ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666589
cf-polished: origSize=6187
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-182b"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f467936855bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 11 Sep 2022 08:10:52 GMT

GET
H3 200 uIS3tZuchjgsdVfZJ4tq9DNH3cA.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 57ms
55ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/uIS3tZuchjgsdVfZJ4tq9DNH3cA.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/d0TEFA1ti-Js6iM74ltdqi389Jg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea96fd7ce63932fbc9213224d869baa7def0ffbd857e9e49a810f1c7c85fae6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 52354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6FWDN22PVMP9JAXB
x-amz-id-2: rVfbpgCKgteUbFwH7OB68RagcN49k6ZKV404I4DGQEPrFSvGmNohOCweiVW877QTtjzXQ0LAUuA=
last-modified: Sun, 12 Jun 2022 05:41:00 GMT
server: cloudflare
etag: W/"9c4467cd9e662b0279cdde807d82daa1"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: gaZSMZ.GDpEX.J6NBpTgInhRq7_87cCL
cf-ray: 74f46793888cbb5c-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
43 KB 139ms
58ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c90f4a6f0a7fb37cc6ee93d6ce68a80ec8778397312bce2f729b673f2a5d6e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44022
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 15:44:56 GMT

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
633 B 74ms
73ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 331804
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 15 Sep 2023 02:36:32 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f46793888fbb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 66ms
66ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 121777
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 14 Sep 2023 23:15:42 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467938892bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 118ms
37ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:12:49 GMT
x-content-type-options: nosniff
age: 322327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:12:49 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v14/ 15 KB
15 KB 111ms
30ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v14/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:36:40 GMT
x-content-type-options: nosniff
age: 256096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 16:36:40 GMT

GET
H2 200 6udrqn.jpg
i.imgflip.com/ 57 KB
57 KB 87ms
31ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6udrqn.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b6a48937ba14dc7c5bd4fe4974fe8bf2b34efdd8b30106e77347e921f8a14c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
cf-cache-status: HIT
age: 45629
cf-polished: origSize=58708
cf-ray: 74f46793d96abb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58204
x-amz-id-2: T5/l2QOYrAwzgae0z44wdIuk+T/MhTeiRj1u0vcO3MXAxJeF+AaWglagh9PwwXLcziIRoIxyx4w=
last-modified: Fri, 23 Sep 2022 02:47:00 GMT
server: cloudflare
etag: "62e2530d0725a74c04392c5ff73da282"
vary: Accept-Encoding
x-amz-request-id: AT68W0AG9SNYFPEA
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:56 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 bIrRf.oq1b.2-small-Bombshell-Guantanamo-Bay-De.jpg
sp.rmbl.ws/s8/1/b/I/r/R/ 32 KB
32 KB 188ms
62ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/b/I/r/R/bIrRf.oq1b.2-small-Bombshell-Guantanamo-Bay-De.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bbec316dcf4b7f245634e5f5ddd8b0f25d4893529ce8a7bc3cf42dbbcaf4f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Mon, 19 Sep 2022 15:56:16 GMT
server: nginx
etag: "eb1c4de68fdf231077e8033d1aac5c1b"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds256.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=28461
accept-ranges: bytes
content-length: 32877

GET
H2 200 th(69).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 16 KB
16 KB 52ms
38ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/th(69).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fb4ae07e2a0dd52ce613f8a532bbe2b67546b0d50d7f3e1ffe9560e7e635d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 55241
cf-polished: origSize=16990, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16107
last-modified: Tue, 16 Aug 2022 19:34:11 GMT
server: cloudflare
etag: "62fbf133-425e"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 22 Sep 2023 23:46:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f467939d5f902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20photo_2022-09-23_08-40-52.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 41 KB
41 KB 149ms
148ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/1%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20photo_2022-09-23_08-40-52.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1de36d04b2af3c96c5b3b6c7332d11e72b1abfa396e2eda4269671623fd92655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9193
cf-polished: origSize=44854, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41796
last-modified: Fri, 23 Sep 2022 12:41:31 GMT
server: cloudflare
etag: "632da97b-af36"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 23 Sep 2023 12:53:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f4679409a2bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 3naUf.oq1b-small-SITUATION-UPDATE-92222.jpg
sp.rmbl.ws/s8/1/3/n/a/U/ 27 KB
27 KB 174ms
102ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/3/n/a/U/3naUf.oq1b-small-SITUATION-UPDATE-92222.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 845bfa6079f8a53b5807e328c1b72bcfd431c0fbe69741491da97ba34d421edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Thu, 22 Sep 2022 19:22:27 GMT
server: nginx
etag: "5cf1a242e35ae64a6b617e841d37c829"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds209.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30786
accept-ranges: bytes
content-length: 27613

GET
H2 200 lviUf.oq1b.2-small-Ep.-2881b-Scavino-Message-R.jpg
sp.rmbl.ws/s8/1/l/v/i/U/ 27 KB
27 KB 181ms
109ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/l/v/i/U/lviUf.oq1b.2-small-Ep.-2881b-Scavino-Message-R.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: fd2f86b6a183bee3d16456fa035e14dfc12fe229ceae179ea1c2c26c584418a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Thu, 22 Sep 2022 22:35:59 GMT
server: nginx
etag: "4710e7251970d552a9bea17070eaec6f"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds223.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=25908
accept-ranges: bytes
content-length: 27431

GET
H3 200 9xIjmiYv94veGi0Uv1nMPFo9_medium.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 32 KB
32 KB 102ms
101ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/9xIjmiYv94veGi0Uv1nMPFo9_medium.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c1ddce8931cdef9752f261673de0833d924295dd786de6e1c8c6f7494bfd5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1379736
cf-polished: origSize=34753, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32619
last-modified: Tue, 14 Jun 2022 17:37:57 GMT
server: cloudflare
etag: "62a8c775-87c1"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 13:04:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f4679409a7bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 6udugz.jpg
i.imgflip.com/ 71 KB
71 KB 48ms
46ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6udugz.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf7973b8ac7e40e7b62dbf3bfd94f3bd5ed135b580e35ecbb59da2e19f32b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
cf-cache-status: HIT
age: 44286
cf-polished: origSize=72943
cf-ray: 74f46793d96cbb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72585
x-amz-id-2: 19X2OaV7GWR6hQ3/6JNUuumv0QcH4V7eU9H5yvhP03P/UT5wXPD+ywW4anUIMe1XoMhIqzGS4rU=
last-modified: Fri, 23 Sep 2022 03:17:41 GMT
server: cloudflare
etag: "114d003f8b94bcbe00173b4fe770d7f3"
vary: Accept-Encoding
x-amz-request-id: 3MHCW05BTH7WCHG9
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:56 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 lVhUf.oq1b.2-small-THIS-IS-THE-END-GAME-Tom-Lu.jpg
sp.rmbl.ws/s8/1/l/V/h/U/ 29 KB
29 KB 182ms
114ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/l/V/h/U/lVhUf.oq1b.2-small-THIS-IS-THE-END-GAME-Tom-Lu.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 90dcaa5bda117bd3787553a7ad0c735b112538b0ae728d5dee5c175b7f63188c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Thu, 22 Sep 2022 22:21:36 GMT
server: nginx
etag: "8e70e668eae54ae30fdc099337585a82"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds290.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=28430
accept-ranges: bytes
content-length: 29332

GET
H2 200 6u90xo.jpg
i.imgflip.com/ 85 KB
85 KB 44ms
44ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6u90xo.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f400f74cbbfded26019dac22318392131333ce23b77950ff1a2281d47c574a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
cf-cache-status: HIT
age: 131302
cf-polished: origSize=87541
cf-ray: 74f46793d973bb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86895
x-amz-id-2: A+T87LJ15Z7EMlKsstyM9PlnEjd6a4WCjQgXuDexnjno6DewL45BRbMV3quDbiEuEAv2BqTtFwY=
last-modified: Thu, 22 Sep 2022 03:01:05 GMT
server: cloudflare
etag: "34b43ed7cbc1d74ab8735aede3b4606b"
vary: Accept-Encoding
x-amz-request-id: 17D4Z5HWS19APZ32
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:56 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 IMG_20220922_064100_932.jpg
m.beforeitsnews.com/contributor/upload/819011/images/ 38 KB
39 KB 58ms
44ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20220922_064100_932.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3b8c90b0608fdf39e4a9cef5a2715a3bebe42498e4036e182dde366deae1f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 92520
cf-polished: origSize=40998, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39247
last-modified: Thu, 22 Sep 2022 13:52:47 GMT
server: cloudflare
etag: "632c68af-a026"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 22 Sep 2023 13:52:47 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467945e99902e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 demonscaughtoncamera.png
www.ournewearthnews.com/wp-content/uploads/2022/09/ 713 KB
715 KB 82ms
27ms Image
image/png 2606:4700:3033::6815:156e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ournewearthnews.com/wp-content/uploads/2022/09/demonscaughtoncamera.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:156e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace946e8f2a06dddc85cd16e81ed6a7ded3b78480917b6d2b87f150d21bd0cc3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59655
x-ezoic-cdn: Hit ds;mm;365662cd88fa39341593695d09555a76;2-354153-0;34f3b80a-01ee-47b3-4ba2-da9b319eb725
x-middleton-display: staticcontent_sol
last-modified: Thu, 22 Sep 2022 22:54:01 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-nginx-cache: WordPress
response: 200
server: cloudflare
x-frame-options: SAMEORIGIN
x-origin-cache-control: max-age=86400
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp1a%2FZKw2mUdmLeOQMh6WdxwNpl2xlGQiDlxKODVvXK4tHDQo165CAEciYMHhmSMHaorW2cD29h8VhaRdrvCDAy486eyXchHUZZTU2k%2BMlmYiwPTpR10ecFh%2BUBkO40AQVNQq%2FReRXesOgaRKtrFTsWsQRvaBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 74f4679498039034-FRA
display: staticcontent_sol

GET
H2 200 6udt47.jpg
i.imgflip.com/ 85 KB
85 KB 65ms
34ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6udt47.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7009f71c32e8e7edf47dacdf5412bb8b682624689768cd01ad3e1f1f77634fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
cf-cache-status: HIT
age: 44286
cf-polished: origSize=86923
cf-ray: 74f46793d970bb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86571
x-amz-id-2: HkkcUHAZRIb0VO3uL62HF897OtdjPne5eEzgnh4bmZUsvdCvcSFTj+bqm+neDm2NE4c1rcRqSp8=
last-modified: Fri, 23 Sep 2022 03:01:55 GMT
server: cloudflare
etag: "29341457c8674289db06100a7555ae8d"
vary: Accept-Encoding
x-amz-request-id: 17G7DVTG2VN81D80
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:56 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 coperta.png
amg-news.com/wp-content/uploads/2022/09/ 746 KB
747 KB 290ms
112ms Image
image/png 193.203.39.123
EXPANSION-COMPUTE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2022/09/coperta.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.203.39.123 Bucharest, Romania, ASN35711 (EXPANSION-COMPUTERS-AS, RO),
Reverse DNS: mail6.startupdigital.ro
Software: nginx / PleskLin
Resource Hash: fedf7d86c7e52bb0f8b03d86a8cb2c83e038e3fedd5054c57f47c440043808cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Fri, 23 Sep 2022 13:44:08 GMT
server: nginx
x-powered-by: PleskLin
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 763923
expires: Sat, 21 Jan 2023 15:44:57 GMT

GET
H2 200 fXOUf.oq1b.2-small-The-Four-Horsemen-of-the-Ap.jpg
sp.rmbl.ws/s8/1/f/X/O/U/ 67 KB
67 KB 183ms
83ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/f/X/O/U/fXOUf.oq1b.2-small-The-Four-Horsemen-of-the-Ap.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ac8c0a91bb4875fe462b8b99d1b4246cc46699a63e6ad201cc6e705654abff66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Fri, 23 Sep 2022 12:30:05 GMT
server: nginx
etag: "d2c619f952519a2fa5a2b015aa21b593"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds221.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=77382
accept-ranges: bytes
content-length: 68270

GET
H2 200 RnKTf.oq1b.8-small-Derek-Johnson-Latest-Update.jpg
sp.rmbl.ws/s8/1/R/n/K/T/ 38 KB
39 KB 103ms
31ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/R/n/K/T/RnKTf.oq1b.8-small-Derek-Johnson-Latest-Update.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9cc058da8046efb3a04c5b02551f83bcff4221f0d2a65ef3a559e7d9546b674f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Thu, 22 Sep 2022 09:34:21 GMT
server: nginx
etag: "9e10f93bbb772c22e8580155eabb78ee"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds251.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=83915
accept-ranges: bytes
content-length: 39327

GET
H3 200 unnameddddddd.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 56 KB
57 KB 188ms
188ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnameddddddd.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0488ee06f43c2b00eb16be7cf745e9ed686e79061d5dd3dea7d54b38aa98067

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 57120
cf-polished: origSize=60496, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57609
last-modified: Fri, 28 Aug 2020 12:19:33 GMT
server: cloudflare
etag: "5f48f655-ec50"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 18 Sep 2023 01:39:49 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f4679409a4bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5K4DTSwnvFDg_320x180.jpg
static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/ 17 KB
17 KB 100ms
28ms Image
image/jpeg 2400:52e0:1e00::865:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/5K4DTSwnvFDg_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::865:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-865 /

Resource Hash

d63bccdf3805ffff84e324ecff578b5bdbf49a867ab3c751509cff7d1bf3cb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx000000000000013dd62d4-00632cd09c-21d29c43-nyc3a
cdn-cachedat: 09/22/2022 21:16:13
cdn-pullzone: 89010
content-length: 17213
cache-control: public, max-age=31919000
server: BunnyCDN-DE-865
last-modified: Thu, 22 Sep 2022 20:33:41 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 725dc55a9ebf9656d564213751199fe5
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
external-content.duckduckgo.com/iu/ 21 KB
23 KB 705ms
334ms Image
image/jpeg 52.250.30.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse2.mm.bing.net%2Fth%3Fid%3DOIP.sX4g03H5aAoXsuDkWaizxgHaEK%26pid%3DApi&f=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.250.30.213 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

f092cf05c597cc2653633471b0c96600e0c548ab7605fb57482d805e6a37a1ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
date: Fri, 23 Sep 2022 15:44:57 GMT
referrer-policy: origin
server: nginx
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-disposition: inline; filename="th-3199099612"; filename*=UTF-8''th-3199099612
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
expires: Sat, 23 Sep 2023 15:44:57 GMT

GET
H3 200 OIP%20(1)(34)%20(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 24 KB
25 KB 160ms
159ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(34)%20(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a8e158db2d000a332b451889e71de1224fb81779bcc3896127f17db3e0a464

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 80221
cf-polished: origSize=26256, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24625
last-modified: Sun, 20 Mar 2022 22:49:36 GMT
server: cloudflare
etag: "6237af80-6690"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 21 Sep 2023 15:19:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f467949aafbb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 maxresdefault-300x169.jpg
www.hopegirlblog.com/wp-content/uploads/2022/09/ 12 KB
12 KB 1013ms
244ms Image
image/jpeg 65.60.38.190
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hopegirlblog.com/wp-content/uploads/2022/09/maxresdefault-300x169.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.60.38.190 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

chip3.greengeeks.net

Software

Resource Hash

d3e20841deb79b704c6aeb6200a763fefd9ef41ec0f73cea538bc2f8aa6f8b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 13:54:30 GMT
etag: "0632c6916-0;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
vary: User-Agent
cache-control: max-age=1333600, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12087
expires: Fri, 30 Sep 2022 15:44:57 GMT

GET
H3 200 Happy-Sunday.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 45 KB
45 KB 168ms
167ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Happy-Sunday.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80df881f4300620113717b24686456d7bd64ead2731d5c319ac1f1fd0fff489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 594799
cf-polished: origSize=46170, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45655
last-modified: Thu, 21 Jan 2021 16:49:28 GMT
server: cloudflare
etag: "6009b098-b45a"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 16 Sep 2023 02:39:45 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f467949ab2bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/OMNPY-nzqmk/ 25 KB
25 KB 190ms
56ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/OMNPY-nzqmk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d622bf7a3a07d7df46cc7b61e076b908f2fc349138b71a40e60adbbdabad0494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:41:12 GMT
x-content-type-options: nosniff
age: 225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25953
x-xss-protection: 0
server: sffe
etag: "1663938030"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Sep 2022 15:46:12 GMT

GET
H2 200 ZkYTf.oq1b.2-small-Interview-with-FBI-Whistleb.jpg
sp.rmbl.ws/s8/1/Z/k/Y/T/ 38 KB
38 KB 92ms
92ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/Z/k/Y/T/ZkYTf.oq1b.2-small-Interview-with-FBI-Whistleb.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0667e9db65341587c9d4d2633079ac4e9acca2c874086806454d1b2a3bf17ead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Thu, 22 Sep 2022 14:40:08 GMT
server: nginx
etag: "c173a3ddfd7dc8587fb7387051d8b40a"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds265.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=83745
accept-ranges: bytes
content-length: 39164

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/1MJDvr-1Z-A/ 23 KB
24 KB 140ms
30ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/1MJDvr-1Z-A/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f18da2cbad4e0169018d9e395c0126a709442d60a90ab8e1901a95e3d96c94d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:40:08 GMT
x-content-type-options: nosniff
age: 289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23942
x-xss-protection: 0
server: sffe
etag: "1663896279"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Sep 2022 15:45:08 GMT

GET
H3 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 143ms
142ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9086360
cf-polished: origSize=13542, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12521
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
server: cloudflare
etag: "613e9bfb-34e6"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 09 Jun 2023 08:15:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f46794cb01bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Q7wQwX4QGUZD_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 15 KB
15 KB 23ms
21ms Image
image/jpeg 2400:52e0:1e00::865:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/Q7wQwX4QGUZD_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::865:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-865 /

Resource Hash

2ffcadb1cc1c8da3687578b4904e51c5995e93554c80f4d107762908f443f0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000013c23056-00632c84df-21d2a51f-nyc3a
cdn-cachedat: 09/22/2022 15:53:03
cdn-pullzone: 89010
content-length: 15251
cache-control: public, max-age=31919000
server: BunnyCDN-DE-865
last-modified: Thu, 22 Sep 2022 14:58:20 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 1f51029bb3f61dff7b764e214ece24ef
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 6udzad.jpg
i.imgflip.com/ 40 KB
41 KB 46ms
45ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6udzad.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb9cfe0806811271a234910ea1c677417beb917eb637abdb312d9b33a19ee7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
age: 38611
cf-polished: origSize=41970
cf-ray: 74f467949cb7925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41164
x-amz-id-2: W4KSBFeSj+sq2vcVTneMOIeqh3cbXHYpI2PtwzNMby3i8neUmnYysxvHjSR9r5Hzjmqw5V5T2bE=
last-modified: Fri, 23 Sep 2022 04:18:56 GMT
server: cloudflare
etag: "ffb3ff25c4a356c570dc38f9d96676da"
vary: Accept-Encoding
x-amz-request-id: 39AQKG5SP7X69N77
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 6udsag.jpg
i.imgflip.com/ 76 KB
77 KB 59ms
58ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6udsag.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df4b8aab4b155084d715f5e521838b02d3943f20944b595d8512b703afc40c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
age: 45626
cf-polished: origSize=78701
cf-ray: 74f467949cb9925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78151
x-amz-id-2: 7iBhhlFkSJuIN+sCJihI4GhOrNNQw+Xya+LViyGgyy4Y13QlDIrIAMUYSe+n6L+pjA5LU4kMRE8=
last-modified: Fri, 23 Sep 2022 02:53:09 GMT
server: cloudflare
etag: "3e0140a220fff6248664a05efb50a101"
vary: Accept-Encoding
x-amz-request-id: Y6Z4EADFGX5HSKAM
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 VJmRf.oq1b.2-small-Derek-Johnson-and-Jason-Q-T.jpg
sp.rmbl.ws/s8/1/V/J/m/R/ 33 KB
33 KB 72ms
69ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/V/J/m/R/VJmRf.oq1b.2-small-Derek-Johnson-and-Jason-Q-T.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e453866cf8ed222d6f3134a0cb58fae456f9e7bfbff4ccfe7218e4186d1c4cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Mon, 19 Sep 2022 14:04:51 GMT
server: nginx
etag: "e8500cb29795294de0354259d08dda2b"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds310.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16565
accept-ranges: bytes
content-length: 33903

GET
H3 200 maxresdefault(207).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 29 KB
29 KB 148ms
146ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/maxresdefault(207).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

091085c03d5da968532dbc47ed80a0c936005deaea18bd4a4edca94d0c415a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139716
cf-polished: origSize=30409, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29212
last-modified: Thu, 22 Sep 2022 00:38:24 GMT
server: cloudflare
etag: "632bae80-76c9"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 22 Sep 2023 00:39:20 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f46794cb04bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP(273).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 17 KB
18 KB 160ms
159ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP(273).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d4ada376f87d8f6bb7a747ce86cd4c2a3b1640ae9dfec3ba42932f094dc9f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 423098
cf-polished: origSize=24070, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17722
last-modified: Sun, 18 Sep 2022 18:02:37 GMT
server: cloudflare
etag: "63275d3d-5e06"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 18 Sep 2023 18:02:49 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f46794cb06bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 22 KB
23 KB 170ms
169ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 264772
cf-polished: origSize=24183, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22836
last-modified: Wed, 25 Aug 2021 21:06:51 GMT
server: cloudflare
etag: "6126b0eb-5e77"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 19 Sep 2023 21:40:04 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f46794cb07bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 6u4hi4.jpg
i.imgflip.com/ 82 KB
82 KB 76ms
75ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6u4hi4.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e7348aab6061f187a14c4f715c2a3974ef285c3c7b0d31ab825314d29b025b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
age: 216301
cf-polished: origSize=83724
cf-ray: 74f467949cbc925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83487
x-amz-id-2: UrFHbcg7Wkpt8QIpvhJ0G2/NxOW2Ocu3Z2OsHTapMp78I2AiNNuPn9/D3S48KM+y221REdgzhS0=
last-modified: Wed, 21 Sep 2022 03:33:06 GMT
server: cloudflare
etag: "f7adb9e0169a0c784997c7f37146f520"
vary: Accept-Encoding
x-amz-request-id: NPJTJENB5JKG9WS3
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 NxJTf.oq1b.2-small-Juan-O-Savin-Turning-Attack.jpg
sp.rmbl.ws/s8/1/N/x/J/T/ 31 KB
31 KB 72ms
70ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/N/x/J/T/NxJTf.oq1b.2-small-Juan-O-Savin-Turning-Attack.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b14bd413360e241c220633a5fcc61632b30f3a07fe710c1b2d936a1188f26842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Thu, 22 Sep 2022 09:07:45 GMT
server: nginx
etag: "a845b9ad02fbf608e44c7187b2998a7b"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds224.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=75462
accept-ranges: bytes
content-length: 31680

GET
H2 200 N8P80JvydLvR_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 18 KB
19 KB 26ms
24ms Image
image/jpeg 2400:52e0:1e00::865:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/N8P80JvydLvR_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::865:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-865 /

Resource Hash

cd1817793fd6fb9a3852bb48d686ce34f24745b3230603e1181a4def76b31c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx000000000000012e33ece-006329e73a-21d2756d-nyc3a
cdn-cachedat: 09/20/2022 16:15:54
cdn-pullzone: 89010
content-length: 18906
cache-control: public, max-age=31919000
server: BunnyCDN-DE-865
last-modified: Tue, 20 Sep 2022 14:57:29 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 7df8e5c9ec937209d2a3e2acd1f3ab66
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 2%20game%20over%20beauty!.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 27 KB
27 KB 171ms
169ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/2%20game%20over%20beauty!.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab15f590ddef72972627cc14fae8a68c73eec3fda815c515bc3b6c0f84b8239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 180292
cf-polished: origSize=29720, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27486
last-modified: Fri, 01 Apr 2022 19:40:08 GMT
server: cloudflare
etag: "62475518-7418"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 21 Sep 2023 12:17:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f46794cb09bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 6ts9fk.jpg
i.imgflip.com/ 77 KB
77 KB 47ms
45ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6ts9fk.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14740cf1b7fdd76519277ad288ca284bb9ab3ed8ae7c7f493b4381c4d0ecc82f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
age: 474753
cf-polished: origSize=78833
cf-ray: 74f467949cbe925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78613
x-amz-id-2: z00Ww9Wou5o1bYgT+3hHErgCLG2AOQ1+cZMnZZ281tEXNEaAtubYOjKwdQOxu4VAM19xw47FYc0=
last-modified: Sun, 18 Sep 2022 03:30:22 GMT
server: cloudflare
etag: "0e2a368d4317324dc8a8eb94d48593c8"
vary: Accept-Encoding
x-amz-request-id: T0YF92G28BSYEZES
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 LouCoSBQzPj0_320x180.jpg
static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/ 18 KB
19 KB 27ms
25ms Image
image/jpeg 2400:52e0:1e00::865:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/LouCoSBQzPj0_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::865:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-865 /

Resource Hash

0d6c46418cd1aad046427d79c0fdfed5100bd6fb493885fcd7eb12d3a1305e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cdn-edgestorageid: 755
x-amz-request-id: tx0000000000000136e0675-00632b8869-21d2756d-nyc3a
cdn-cachedat: 09/21/2022 21:55:54
cdn-pullzone: 89010
content-length: 18819
cache-control: public, max-age=31919000
server: BunnyCDN-DE-865
last-modified: Wed, 21 Sep 2022 21:36:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: fc22fea40ab70cb596c618c176882c57
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 no-img.png
img.beforeitsnews.com/img/v3/ 1 KB
2 KB 176ms
174ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/no-img.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 8158501
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1298
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-644"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 19 Jun 2023 13:51:04 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f46794cb0bbb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 pL3Mf.oq1b.2-small-September-24-25-Catastrophe.jpg
sp.rmbl.ws/s8/1/p/L/3/M/ 40 KB
41 KB 72ms
70ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/p/L/3/M/pL3Mf.oq1b.2-small-September-24-25-Catastrophe.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f296ed20de9e6baea95f3c5cdcc9fb7d2c5f8790fc480cbbc355159d5206ea96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Wed, 14 Sep 2022 06:36:24 GMT
server: nginx
etag: "d9cb5f36d32ac25758c21a83b59e5f73"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds249.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=65830
accept-ranges: bytes
content-length: 41349

GET
H2 200 twitter.png
tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/ 3 KB
3 KB 1123ms
180ms Image
image/png 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/twitter.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
last-modified: Thu, 17 Mar 2022 00:06:03 GMT
server: nginx
accept-ranges: bytes
etag: "ad4-5da5ecbb7b898"
content-length: 2772
content-type: image/png

GET
H2 200 FftRf.oq1b-small-SITUATION-UPDATE-91922.jpg
sp.rmbl.ws/s8/1/F/f/t/R/ 24 KB
24 KB 35ms
33ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/F/f/t/R/FftRf.oq1b-small-SITUATION-UPDATE-91922.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ad9d718459a09f23762085255ea9d77865fc8158323392610b4d813c9a32c915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
last-modified: Mon, 19 Sep 2022 16:37:20 GMT
server: nginx
etag: "5ced67faa23af04b0e1a9e291ff666d1"
x-hw: 1663947897.cds284.lo4.hn,1663947897.cds098.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30704
accept-ranges: bytes
content-length: 24370

GET
H3 200 6u97um.jpg
i.imgflip.com/ 103 KB
104 KB 39ms
37ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6u97um.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f60e068995c5dc8911f1005231516b055924e47a6bbf7a3efd0e71057fe08ceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
age: 126539
cf-polished: origSize=106389
cf-ray: 74f46794fd3e925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105591
x-amz-id-2: oz2PJfWXshKXR45lvaQDEpj+8K5ocYLMM17FR2s2B8i+et7YpTMEsxcU8NPOrFJXHMqAIPp8YP4=
last-modified: Thu, 22 Sep 2022 04:26:21 GMT
server: cloudflare
etag: "5dacde269dc04058c7e5460dd4b54aaa"
vary: Accept-Encoding
x-amz-request-id: 6W61NRPQMH82CQXW
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 6udxzg.jpg
i.imgflip.com/ 109 KB
109 KB 44ms
43ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6udxzg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dfed9b7f887b3ba3c77c0b44f2c349b238ec2510f270f0371bd2d7f4d049797

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
age: 41388
cf-polished: origSize=112298
cf-ray: 74f46794fd40925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111687
x-amz-id-2: IjJgVfb10d2MsGVNkyHE8ZZdqwNw5jUR81/Bhe/GSHHHsQC1oTGW9G65TNAbHVTOCNSgmNUM84E=
last-modified: Fri, 23 Sep 2022 04:00:46 GMT
server: cloudflare
etag: "473b8b46bfeb9e00c0746fab8a4fb074"
vary: Accept-Encoding
x-amz-request-id: E37VBC3D5DCZ683H
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(3)(81).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
15 KB 118ms
116ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(81).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce628cae5a499a978e3786030f941b61fe70ae8bda2bc3f566186628775d58a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4546244
cf-polished: origSize=16493, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14931
last-modified: Fri, 15 Oct 2021 18:09:50 GMT
server: cloudflare
etag: "6169c3ee-406d"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 30 Jul 2023 02:02:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f467953bc0bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 benjaminfulfordgoldenrobe.png
www.ournewearthnews.com/wp-content/uploads/2022/06/ 429 KB
430 KB 139ms
45ms Image
image/png 2606:4700:3033::6815:156e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ournewearthnews.com/wp-content/uploads/2022/06/benjaminfulfordgoldenrobe.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:156e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d539ad966796cd286951aff92363ea95781839e1368490bbf7cd344530f0dbb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85716
x-ezoic-cdn: Hit ds;mm;6ce8c07aa99ef48d81f0c02c8398d340;2-354153-0;b9a2eabb-9964-4bed-73e5-e06d178dab91
x-middleton-display: staticcontent_sol
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-nginx-cache: WordPress
response: 200
server: cloudflare
x-frame-options: SAMEORIGIN
x-origin-cache-control: max-age=86400
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyt4k8znUuLC%2BtVXo98c2QG%2FclOScAOMcLj488rXKbytf9HvDGGkx%2B4S4zMXGuWoHlpryAwnIZRcB7cN%2F1oklpgUo3hJ%2F%2Flf5Q7GDnh59HlDA7JSDgWgY5oahXnA5M4IBHlrJri5bUSLCGXdLXBr691j0HAtCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 74f4679498029034-FRA
display: staticcontent_sol

GET
H3 200 0AC5093F-B6AE-405C-9692-D5613FA9C710.jpeg
m.beforeitsnews.com/contributor/upload/738377/images/ 9 KB
9 KB 129ms
127ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/738377/images/0AC5093F-B6AE-405C-9692-D5613FA9C710.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b80b4bfe6405fe68b42a652eb771057a01d3d5dc06c68563a11555c90f2325c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9062
cf-polished: origSize=11637, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8856
last-modified: Tue, 15 Feb 2022 02:40:49 GMT
server: cloudflare
etag: "620b12b1-2d75"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 23 Sep 2023 12:58:56 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467953bc3bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 60ms
59ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666588
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 08:10:13 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f46793f991bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame A660 2 KB
1 KB 277ms
251ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202282315
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbab457694e9f5e2096f84323b0d46db15c5668ceebc1593b589b13f2813754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: EPKWQ9VFJVZ95XMZ
cf-polished: origSize=2325
cf-ray: 74f467942902bbec-FRA
last-modified: Wed, 15 Jun 2022 13:12:24 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +uspInXjipx2CNR+Xv6T6Ry5MziFnp3dbl4aYq/ul7Dgd+6hXJQx2GqvwlmhTPc91Xn4PQDEB3k=
cf-bgj: minify
server: cloudflare
etag: W/"7289bc43abe91019280f51201c58429f"
vary: Accept-Encoding
x-amz-version-id: KLghKsCOEETLaqwHPgZiG5b.rcRVowO_
cache-control: public, max-age=10800
content-type: text/javascript
expires: Fri, 23 Sep 2022 18:44:57 GMT

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 7 KB
3 KB 138ms
14ms Script
application/javascript 2600:9000:223c:ec00:18:9413:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ec00:18:9413:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 04:36:24 GMT
via: 1.1 google, 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 21:34:40 GMT
age: 40113
etag: W/"1a40-1835cd31345"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-encoding: gzip
x-amz-cf-id: _QV-tsjdUtN9VX3vRzZG0i7PUbfxwupxoPv_ZidJmnl_Fh55cMm0KQ==

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 216ms
216ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1658892
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 08:10:52 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f4679409aabb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 195ms
91ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27e072e6296b8668403f6be12f13311ada6c282c152b0c32a55b3dcccaa09a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57990
x-xss-protection: 0
server: cafe
etag: 10391807528859727156
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 15:44:57 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
524 B 174ms
56ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 13:07:32 GMT
server: cloudflare
age: 9445
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtqSrfp815Tg9q4WaGzSMxo1YszmtZ25Mlq%2F%2FlYc4PBspxRps7ifHcWXoSyvpzhQ3jMWfQFKrdjjeoT%2Fzf4BZK0qoZbgjJdSoBuI5Gu8bpSzvkiHls%2BMVlVj75HNUW2YXxWiCCajtBhx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74f4679628e39137-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9

GET
H2 200 adcode.png
rddywd.com/ 43 B
552 B 116ms
62ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
age: 3916
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egbVuT1Yw10QDRRGzaTj9nv1uyUdIaD4kRWzz4YER5vCy5gUYZrmcLx%2BXBMN%2FX9y50r%2Bk8X4fF37AdhHFEn1zCV7qNZsJkwl7W4BtWPwsMg2OFCM05waT0ZDwTj77MJfPMEC2M0elOmm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74f46795c9bfbbfb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 141ms
28ms Image
text/plain 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 226ms
225ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220517.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1666589
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 17:01:59 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f4679429eabb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
485 B 762ms
649ms XHR
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55ab649996fa0a35d69681b0a6251829106efcf1178214744d942b0de69dcee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 74f467951e759205-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 RICH-MANS-TRICK-PT3.jpg
jamesredpillsamerica.com/images/ 638 KB
639 KB 184ms
57ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/RICH-MANS-TRICK-PT3.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572965daa46d5f647dc97a6daee82121100d3212e367f3f17eb5d3eb08f5e806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75262
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 653156
last-modified: Thu, 22 Sep 2022 18:40:12 GMT
server: cloudflare
etag: "632cac0c-9f764"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKQOKkgLObuihp%2FTMwoBq5RK%2FxRDfLL0%2Bdmdf2m596GnH%2B4sJphECnmca%2BZiMhlvNFRHjEx1e4ZWwUmoIlcx2b7D%2BJiFy%2FBY1QuXWzyXP78eci7JYITipHIVQdKEXqB9GWtbonrLhlcKZAyqcJa3IgqPGZ5L%2F3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74f46796a9149bb0-FRA
expires: Fri, 22 Sep 2023 18:50:35 GMT

GET
H3 200 6tvjum.jpg
i.imgflip.com/ 55 KB
56 KB 51ms
27ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6tvjum.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f4980543b781c7568f2ae3731a19146bdb187ce2e7d52c8889359f2e1cb6ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
age: 390797
cf-polished: origSize=57199
cf-ray: 74f467946c66925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56650
x-amz-id-2: UaGZMEsKvzTa6XddXYDOoAOaCCfuHo16rfying4IaPBxwWf118Ve4WUILNhmkeRq/KSyoYEZljc=
last-modified: Mon, 19 Sep 2022 02:55:41 GMT
server: cloudflare
etag: "1628d51d482252941a2eeb423c943872"
vary: Accept-Encoding
x-amz-request-id: RDV3NZ3VWGZTN50M
access-control-allow-origin: *
expires: Mon, 20 Sep 2032 15:44:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame AD20 21 KB
7 KB 71ms
19ms Document
text/html 143.204.89.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-58.fra50.r.cloudfront.net

Software

tv /

Resource Hash

61cbccafa74622cc5de1c66593b5dbe0d39d01763e728ae3ae696eaa99571555

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-W+QSzhGHpi1M4HXrcYOltQ=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15
cache-control: max-age=120
content-encoding: gzip
content-security-policy: object-src 'none'; base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-W+QSzhGHpi1M4HXrcYOltQ=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 15:44:42 GMT
expires: Fri, 23 Sep 2022 15:46:42 GMT
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-cf-id: o866oR-LFAD9BBLFF3mwy8x2Dv6blFNkiXfXgjvaPrxWZFpDurM1jA==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 264 KB
76 KB 107ms
87ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c78c0e8094a90b756326fabb418f416dd0ac55c96cbf57f1efc57fbb3883631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 6991
cf-polished: origSize=270378
last-modified: Wed, 24 Aug 2022 10:04:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: XQQV0P1YHSSGMW9G
x-amz-id-2: t1MPiECWi2Zt5pEoRRfNTn5fvTCP22WOWScruqBDbpFkx94LyRpopOqtjXf6YJcM+lwtQrj3w6g=
cf-bgj: minify
server: cloudflare
etag: W/"beb82dedc229025b0d28c77242e75489"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: xLGQwECZFJqBGRSPuOPe.G1ZkZVZWQh8
cf-ray: 74f46794c99b9b45-FRA
expires: Fri, 23 Sep 2022 18:44:57 GMT

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 264 KB
76 KB 53ms
33ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912cc155f4bb11b6d6a0b37d046f87a0e0317a10a0c05bae207319e031cff8ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1633
cf-polished: origSize=270378
last-modified: Wed, 24 Aug 2022 10:04:27 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SB4R6Y9FST3XTEK8
x-amz-id-2: 1yqd0HjBGatpiEYykcQ/1mCc+Qcq+I9iuXQiYRHD10Ib6YfyasUnSOgV8NVsYLBECMKYtMWUQS4=
cf-bgj: minify
server: cloudflare
etag: W/"7ffb2a975b517fff054d3a67891196c4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: UU_sIEq69gFxAaQvN88IqyEzb10C_4Su
cf-ray: 74f46794c9969b45-FRA
expires: Fri, 23 Sep 2022 18:44:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
29ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4644
date: Fri, 23 Sep 2022 14:27:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 16:27:33 GMT

GET
H2 200 en.39dbf21df23abce9.js Show response
static.tradingview.com/static/localization/translations/ Frame AD20 582 KB
68 KB 97ms
40ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/localization/translations/en.39dbf21df23abce9.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

fcd78155ed45b65094ba1cee5506adf68c24172189e05765e6d9155986473e99

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19431
x-cache: Hit from cloudfront
content-length: 69437
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 08:31:25 GMT
server: tv
etag: "632d6edd-10f3d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: LbvC33x6XBZIpvhE6xmyEyDuOYop-EStcVeeOxKIfJh0gqa6fT3GBg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.4bcbc047b131d88cea00.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 49 KB
21 KB 88ms
32ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/runtime.4bcbc047b131d88cea00.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

ee979b57f0f6e0526736f805d58e4994bc5ae9cdcf6664b6be5f56ed35d290cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19431
x-cache: Hit from cloudfront
content-length: 20747
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 08:31:49 GMT
server: tv
etag: "632d6ef5-510b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: FkRdp7nmdbPgUhuwbHZPBN3-o1WOxkzTEsK0ezhOV8W-3A5J-P_ifw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 75932.cd4f83e4607134502a66.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 45 KB
13 KB 18ms
18ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/75932.cd4f83e4607134502a66.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

11d8ab754a7bd056500e49e7f473228063c95032e33794319a5f28cfaa511cb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3301372
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 12665
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 09:48:59 GMT
server: tv
etag: "62fb680b-3179"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: h_45-0NkA0vE05JL_FqqI23sjBTqAdL17NCQxNdN7b3AdJwU-9sA6Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 72369.9291747e1fab1074d523.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 97 KB
34 KB 17ms
17ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/72369.9291747e1fab1074d523.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

526f595b24ddc41e5f1cd91119435c1b6d4a577aa488ef034b2895fa9ce3c723

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2091410
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34533
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 30 Aug 2022 10:04:53 GMT
server: tv
etag: "630de0c5-86e5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Un_7qYYMSJ4gQ-kjovxRLKqQwrM8tEj32jP04RwJqef0YKai8I91Sw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 69952.06b0e333ddc07ff1bde0.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 15 KB
5 KB 20ms
18ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/69952.06b0e333ddc07ff1bde0.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

b034c556dd437cdd74e70deb98cd8da6fe3b513f6a76ef83adde44d47beb6883

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192290
x-cache: Hit from cloudfront
content-length: 4128
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
server: tv
etag: "632ace12-1020"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: cTdQJBecv0M2tJchw18g0XRVoGZ0v6Zm4v6Ho9InP9H9RFxbQZlP-Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 95170.8c229ea611144b3d939d.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 29 KB
9 KB 22ms
19ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/95170.8c229ea611144b3d939d.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

1284f3e8b0bd1cba40326776843f02447eaefa32133cccbb558699477c21723f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 06:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4785410
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 8938
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 29 Jul 2022 13:14:57 GMT
server: tv
etag: "62e3dd51-22ea"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: U_v9XlWr60KzMkychfaYKfO18-QNxmwhAOXm4RWOvSnrQi53S1fK0A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 59349.06c5af95e99eb360e0d3.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 12 KB
5 KB 22ms
19ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/59349.06c5af95e99eb360e0d3.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

8534a0f3394df3153ed72903a622ddfbaf32dcfa0b474326ee9fe67c9e12b94a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1402431
x-cache: Hit from cloudfront
content-length: 4541
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 07 Sep 2022 08:33:52 GMT
server: tv
etag: "63185770-11bd"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 6Url4U1J08gJ0d13dK-ps57ZOEmht8tatMKBS93Y651sXjcsjH2cCQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 28055.7fe079f819bb507d3dec.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 6 KB
2 KB 24ms
21ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/28055.7fe079f819bb507d3dec.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

f75ca0ab24d253d25934cf72cc029bf6d4d9944cfe62131c60338c43061c6aa9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192288
x-cache: Hit from cloudfront
content-length: 2064
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
server: tv
etag: "632ace12-810"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: w0lI42rfGp6rd2ECT-QBX-pxg1QjTpPaKZ80VcJcoqbHIYB56OKJxg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6373.cbf79a416472d97ee266.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 25 KB
9 KB 24ms
22ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/6373.cbf79a416472d97ee266.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

f78d130165b70d4717f80919b45cf25f7fb1f51a78055970359f11688211276b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192290
x-cache: Hit from cloudfront
content-length: 8861
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
server: tv
etag: "632ace12-229d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: aaFKfVHq4V1HDeboawMkWFMteOkuQaa343YmtFvSlB0IjcD664mnFQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 47872.b614638f482af661b1f9.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 79 KB
19 KB 26ms
23ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/47872.b614638f482af661b1f9.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

1e79f9f643c4a7fcac342f9ba323521af03244a7c53e994f563b4d3cc273e75f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192291
x-cache: Hit from cloudfront
content-length: 18927
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
server: tv
etag: "632ace12-49ef"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: GFIAoldSOG-chr7uVKwJUs7KY7H7KLxQ4x31pS5zr0D-LwXfx57s-g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 73405.648367a46b4e83b8a5ea.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 26 KB
9 KB 26ms
24ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/73405.648367a46b4e83b8a5ea.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

d9bdf3c6f2b54eb583973ab55f1aecbadb232a09d299a7b18ec6e94959f84bee

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192291
x-cache: Hit from cloudfront
content-length: 8882
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
server: tv
etag: "632ace11-22b2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: bH0GxQzORCQWIkEjFIKgCljqrCEt6XyXWvodBLlq_QV8t6jxLFBFWw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 61165.669f518fb3ca12a08781.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 37 KB
10 KB 27ms
25ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/61165.669f518fb3ca12a08781.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

624b432c85eff23dbd74f99c05e05e36096953c74f91454674a8ef315f4496dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2091410
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 9957
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 30 Aug 2022 10:04:54 GMT
server: tv
etag: "630de0c6-26e5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: a8GFj73X6pQFz5Cc2gOEARnYrvc3lZJ2FosLkboDGsr3cyvNmfuhbg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 21629.59ea3f34e1413a77f290.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 41 KB
11 KB 27ms
26ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/21629.59ea3f34e1413a77f290.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

10651781de7fb5b94c59037d8cfd1e3537dde917705dab62c4d94d572f70d1d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 10:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 708410
x-cache: Hit from cloudfront
content-length: 11131
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 15 Sep 2022 08:58:09 GMT
server: tv
etag: "6322e921-2b7b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: S-t4AJmkryxybjEW6ndMqZ_-pN5ZKlpF1Qb0Kt_GpPphDFG9PgZvsQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 87461.aa126d16f4609615d7a4.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 13 KB
6 KB 29ms
28ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/87461.aa126d16f4609615d7a4.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

6f0faa906ea50a95f0c0aa59bad510264f3cf3209561c7474d3727372071e9c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1402430
x-cache: Hit from cloudfront
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 07 Sep 2022 08:33:53 GMT
server: tv
etag: W/"63185771-1518"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Y_bUVI6oG50VPW9XR_d29qMW5j0niMlx2KAneaIHORC0Zbj4bAWgdQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.530a55e441c55d6c8446.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 21 KB
7 KB 29ms
29ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

865988ba198aa6565740a50bbcb96eb95444d663b7aeff07b09af841495872c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192288
x-cache: Hit from cloudfront
content-length: 6772
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
server: tv
etag: "632ace12-1a74"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: rMaoBOCKYon2yeG7e1qWT3mO0jUxhmZtArrOFgc9TMnDa10VDCDd2A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9610.4b9f8462aa3659c59d53.css
static.tradingview.com/static/bundles/embed/ Frame AD20 1 KB
1 KB 71ms
15ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/9610.4b9f8462aa3659c59d53.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

3a5baaf48425b11d6685e6dc62508c1419d7aceb5815c59f4f34a3fa10a48fca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3130010
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 720
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-2d0"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: eBQ6bKlLBhteIPZ2ssj7lYsNavMi8sbBVUgtybupGzFkPOkS7Fe7QQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3086.0d1fcc5f4fdd633672c7.css
static.tradingview.com/static/bundles/embed/ Frame AD20 948 B
892 B 72ms
16ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

c7e58799078e5a29d5b03f677d5402d4c36edb7f2af33d6fad341cb998569ba2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3130010
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 356
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
server: tv
etag: "62fdfac9-164"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: nnBNmj1LPnS7vbUEu_fMhC3YY6X3ObAmzIR_bxAXD1jDxv9EPiz8jw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 72066.f1aaa4b56bfc5daefd58.css
static.tradingview.com/static/bundles/embed/ Frame AD20 1 KB
877 B 72ms
16ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3130010
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 343
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:38 GMT
server: tv
etag: "62fdfaca-157"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: TiivZN70W_7x-sgNApVM1rqgi8l6l7SoRJ7crS68tZSfrgKxLMbX9A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 93419.83330e98cd0f13f52e0f.css
static.tradingview.com/static/bundles/embed/ Frame AD20 9 KB
2 KB 72ms
17ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1489311
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1402
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
server: tv
etag: "63170c8f-57a"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: CCazg6mCRqNPag79O4uI-Squ3SZFKRsLaHN6FF8TfLH9llG-UWw8Kw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4704.721cbfb1a5d6784e3109.css
static.tradingview.com/static/bundles/embed/ Frame AD20 2 KB
1015 B 73ms
17ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3130011
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 482
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-1e2"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: NDk7fBSmAHhgeIuHe10vwqOg6P0tAX3lqm-fEJtjWlA2TMe9Kncn9g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5735.c773d84ae2dfa00f5f7e.css
static.tradingview.com/static/bundles/embed/ Frame AD20 2 KB
993 B 73ms
18ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

df173c22699a580af5fc7e35726a17d7875d99fe824f3eefb2f4ff618537e1e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1489360
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 458
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
server: tv
etag: "63170c8e-1ca"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: KJEHYTByg4woUeoKGvbK4vLBZpvzblUKnotqOCXINMbQ8BQilhqHJQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 22641.c7183a76dc0599de9f42.css
static.tradingview.com/static/bundles/embed/ Frame AD20 4 KB
1 KB 73ms
18ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3130011
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 634
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-27a"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: nxJoztkYPgnBKjmyiL7xb3H6VX3AwHlvk8sPwdPA5ZTys-9-KXLDtQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 49859.57ed1f0e14de0ce7dcbb.css
static.tradingview.com/static/bundles/embed/ Frame AD20 868 B
888 B 73ms
18ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3130010
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 353
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-161"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: aKWC5RCaLFPz1oiwmDha4p2nIfqO76YnxMdikETOmRzISo95Tbr0yA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 41848.a819f80182db62e2c3b6.css
static.tradingview.com/static/bundles/embed/ Frame AD20 6 KB
2 KB 83ms
28ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1489346
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1102
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:09 GMT
server: tv
etag: "63170c91-44e"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: VK2g5SLZ0ImJifKYzVusCOr0ql1DO2PqFrXPYLZc2ZMU-dDLGielVA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 786a1dfc-fc5c-482b-a67e-0307a4ed128d
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/786a1dfc-fc5c-482b-a67e-0307a4ed128d
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 10a20c79-6afa-48a3-9cc5-563c2512e91d
https://beforeitsnews.com/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/10a20c79-6afa-48a3-9cc5-563c2512e91d
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
BLOB 200
OK 045c07fa-a0a7-4a12-83b1-fde740d88603
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/045c07fa-a0a7-4a12-83b1-fde740d88603
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 1a95889f-8cdd-400d-b76a-ab5839841b68
https://beforeitsnews.com/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/1a95889f-8cdd-400d-b76a-ab5839841b68
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame A660 265 KB
76 KB 43ms
42ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202282315
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2223e46a7952c68666282f14bd7954b4969ab7f9d56cdfbbcd6b44f6bff36b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 716
cf-polished: origSize=271040
last-modified: Wed, 24 Aug 2022 10:03:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1SWCGZ7MNSW11ZAY
x-amz-id-2: 5df3Kv/ZvyXAlZaUn4jXxD6Le7zvw5U4n3Na/iNZRwGeSi0kp1XdyesuuxRJO6dtEmsb2s+qtk0=
cf-bgj: minify
server: cloudflare
etag: W/"7d3e196f6d958ba1e02688c77b41705a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: goP9vBBMXN9g0k8Vkhn5DSBzUOGnri2W
cf-ray: 74f46795eb999b45-FRA
expires: Fri, 23 Sep 2022 18:44:57 GMT

GET
H2 200 8301289771671655 Show response
customads.co/lad/ Frame F3B7 1 KB
2 KB 239ms
134ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 15:44:57 GMT
via: 1.1 google

GET
H2 200 10864438442185062 Show response
customads.co/lad/ Frame F7A9 1 KB
1 KB 238ms
135ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 15:44:57 GMT
via: 1.1 google

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 113ms
50ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1546780160&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1732781843&gjid=1686071229&cid=1614301486.1663947897&tid=UA-16055024-1&_gid=1016702003.1663947897&_r=1&gtm=2wg9l05D8XJ6Q&z=777309836

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:44:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 87ms
31ms Image
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1546780160&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1614301486.1663947897&tid=UA-16055024-1&_gid=1016702003.1663947897&gtm=2wg9l05D8XJ6Q&z=1138801519

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 22:17:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 88ms
32ms Image
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 22:17:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame AD20 106 KB
41 KB 120ms
56ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/6373.cbf79a416472d97ee266.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94cd40f993a3a51bb2c2cb869c547af8f5c3dce9b348aa1fbc2ad4a4eb272106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42243
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 15:44:57 GMT

GET
H2 200 28903.415109541489380d12f6.css
static.tradingview.com/static/bundles/embed/ Frame AD20 801 B
701 B 28ms
28ms Stylesheet
text/css 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.4bcbc047b131d88cea00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1489331
x-cache: Hit from cloudfront
content-length: 219
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
server: tv
etag: "63170c8e-db"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: -mesqfqjOe9ssD_2K_6MGozT-lG6b-JLouwN7qmvOBZvrBNAw0QnPA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js Show response
static.tradingview.com/static/bundles/embed/ Frame AD20 4 KB
3 KB 79ms
76ms Script
application/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.4bcbc047b131d88cea00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-26.fra56.r.cloudfront.net

Software

tv /

Resource Hash

ec982be0fe0cbc9c721b3aface05cd386bec46dea3f004ed49b395617b1cc594

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1489311
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 2082
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
server: tv
etag: "63170c8f-822"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=315360000
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: C5UvocrkVL1a4KvjMzxIpme91vD2iMruga-IHt6SH4BL1Nu7-TvMGQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 83ms
27ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-16055024-1&cid=1614301486.1663947897&jid=1732781843&gjid=1686071229&_gid=1016702003.1663947897&_u=YEBAAEAAAAAAAC~&z=713724499

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Sep 2022 15:44:57 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK f1dc2765-0fe0-4775-939f-08935ddc67a2
https://beforeitsnews.com/ Frame A660 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/f1dc2765-0fe0-4775-939f-08935ddc67a2
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 9be539ee-ca05-490f-a3a8-09bdb9a05788
https://beforeitsnews.com/ Frame A660 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/9be539ee-ca05-490f-a3a8-09bdb9a05788
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/ Frame AEF0 10 KB
5 KB 57ms
15ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 13:45:06 GMT
etag: 9671129459699598864
expires: Fri, 07 Oct 2022 13:45:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame AD20 49 KB
19 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4644
date: Fri, 23 Sep 2022 14:27:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 16:27:33 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 102ms
55ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16055024-1&cid=1614301486.1663947897&jid=1732781843&_u=YEBAAEAAAAAAAC~&z=941086701

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:44:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 147ms
64ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16055024-1&cid=1614301486.1663947897&jid=1732781843&_u=YEBAAEAAAAAAAC~&z=941086701

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:44:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame F3B7 45 KB
17 KB 85ms
28ms Script
text/javascript 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6125
date: Fri, 23 Sep 2022 14:02:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 23 Sep 2022 16:02:52 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame F7A9 45 KB
17 KB 88ms
32ms Script
text/javascript 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6125
date: Fri, 23 Sep 2022 14:02:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 23 Sep 2022 16:02:52 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame AD20 35 B
55 B 30ms
29ms Image
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&aip=1&a=1361828241&t=pageview&_s=1&dl=https%3A%2F%2Fs.tradingview.com%2Fembed-widget%2Fticker-tape%2F%3Flocale%3Den&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Ticker%20Tape%20Widget&sd=24-bit&sr=1600x1200&vp=775x46&je=0&_u=YEAAAQAB~&cid=203708433.1663947898&tid=UA-132755435-1&_gid=367387798.1663947898&gtm=2ou9l0&gcs=G1-0&z=1190381054

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 22:17:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
66 B 165ms
155ms Script
text/plain 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1663947897616517090361&uniqId=070f6&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=632dd47a-05570&pageView=1&pvid=1836b05fb118e777ff4&site=310742&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f467986c3fbbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 6558f22f-b579-4748-8585-d55e8151d481
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/6558f22f-b579-4748-8585-d55e8151d481
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content a82f0953-61b2-449f-8033-090d8bfa7bff
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/a82f0953-61b2-449f-8033-090d8bfa7bff
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content f1a74533-e181-40a3-9e7e-23a158e6828b
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/f1a74533-e181-40a3-9e7e-23a158e6828b
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 79ms
64ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 5085
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1SAKNE8T99VM7FFV
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74f46798dd76bbec-FRA
expires: Sat, 24 Sep 2022 15:44:57 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
886 B 75ms
60ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQP2P0ZGAY0CMXJ
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74f46798dd7cbbec-FRA
expires: Sat, 24 Sep 2022 15:44:57 GMT

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 91ms
31ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:36:16 GMT
x-content-type-options: nosniff
age: 108521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 09:36:16 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
965 B 86ms
73ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?pv=5&cbuster=1663947897753578010840&uniqId=070f6&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=632dd47a-05570&pageView=1&pvid=1836b05fb118e777ff4&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a6968c98d93f7a2446f3e64cd89e2d78a7b8e2854e740947395270378f4d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 74f467994e95bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
968 B 227ms
219ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&pv=5&cbuster=1663947897758291067462&uniqId=11e73&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=632dd47a-05570&pageView=0&pvid=1836b05fb118e777ff4&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b169d01195387778b2127793672c0a4052e3eb12a257e8d4f4b50871c957372d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 74f467994e93bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 140ms
137ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?mp4=1&ap=1&w=370&h=1095&maxw_3=366&maxh_3=247&cols=1&pv=5&cbuster=1663947897762199140203&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=632dd47a-05570&pageView=0&pvid=1836b05fb118e777ff4&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a942c14c1991ba24d8ecd3ef7b82d890cc85103aad360956770140c62116f7d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 74f467994e96bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
168 B 140ms
139ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=167
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f4679939089b45-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
167 B 130ms
127ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=88
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f4679999ec9b45-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzQ0NTQ0NC9mNDNkM...
s-img.mgid.com/g/14137148/492x328/-/ 6 KB
6 KB 83ms
32ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14137148/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzQ0NTQ0NC9mNDNkMWY0NGE3ZjUzMWFlZDhjMjM2MWE0MGJiYTE4Zi5qcGc.webp?v=1663947897-osSDvI23Wwa2P7eC5N1brm_dLp8s_7yf4oyaZ5PrCSg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7840852d4aa28d4fb4a64a788387345ed4caf3136c4a6e4d04106d99fc928a

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 14:22:11 GMT
x-mg-request-uuid: 56afeb83-b142-441b-90c2-e1a62ba73543
age: 3842
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 74f46799ea0e92a8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5668
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 0
132 B 168ms
155ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1663947897858203743611
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:44:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 74f46799efe4bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 4D86 0
79 B 160ms
156ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=166394789786783106778
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:44:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 74f46799efe0bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 227 KB
72 KB 99ms
28ms Script
application/javascript 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:57 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=160261
accept-ranges: bytes
content-type: application/javascript
content-length: 73257
expires: Sun, 25 Sep 2022 12:15:58 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 56 KB
16 KB 164ms
61ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 23 Sep 2022 15:44:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
age: 1730
etag: W/"68154020ef14b5881614607902c7c21b"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 74f4679a99845c2c-FRA
x-amz-request-id: BNJ6QE5JEPQ6QZQN
x-amz-id-2: hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame AD20 1 KB
1 KB 87ms
22ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:35:44 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 554
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: 9OPSV6T2Q7uVDtRC91V0G-8hgWex2P8j3rkoeeRr4ESBXKzO8flu2A==

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame AD20 1 KB
1 KB 84ms
20ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:58:46 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 2782
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: IZHAIBYe3V5eGSUF2x6QHcR1wlaTAYCrnrwBFVXm83tIXhl_HClzNQ==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame AD20 1 KB
1 KB 85ms
21ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:36:05 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
age: 534
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: oWvRYN1Kxant7M-uT5ce6Kvu64lMsgktCiGT_-IBlVMRS6-2FzLcjw==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame AD20 1 KB
1 KB 95ms
31ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 747
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: Bpb5wuA88W4kcjlgRUqk1U2AVbAy3rea8Uum8ee5HvHzCoHNXIJh2w==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame AD20 304 B
709 B 84ms
20ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:08:31 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
age: 2187
etag: "074d127e2f9fd8c2e79c01a5f002979c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: tULNbhiDkJtm6FaNyMNSgoFlnn6CHPHTWyPsnepBr_kaCI1b93AmJQ==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame AD20 182 B
589 B 94ms
30ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:48:20 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
age: 3399
etag: "a4fcbd383e2f657b6528f4aa95844de5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: 3AF-0uDo67kiNdRxVL0D0WiNCX1zaQ_IE5l7-eFUcUGvL3fE-2RYvQ==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame AD20 508 B
916 B 19ms
16ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:18:07 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
age: 1611
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: Z7Kfo8lvkSt3_X2ZKBvoN7hEVDXBDQfz-lsazrPf6JDS3fGHRCyZ2A==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame AD20 1 KB
1 KB 19ms
17ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:41:57 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 182
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: 8CH4NiTZaKtf1tNlo644LKlUS418Yj8HCcS9EytDE1tA1T84a1L1fQ==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame AD20 522 B
937 B 24ms
22ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:53:45 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
age: 3131
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: tXmxvr5rhpPIkN_jgzXqa0gLK1r8qZoY7C4nQrYYLAfpgg5XfqH28w==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame AD20 1 KB
1019 B 21ms
19ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:05:46 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
age: 2409
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: X2sxl0g0RDd4QusUNVZL1nZmU2BJ9qZAl3OrwKCEBTI6sRgS5vZ8cg==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame AD20 635 B
1 KB 24ms
22ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:31:19 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
age: 827
etag: "4c66a5172a9c77ab75e140f5079218ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: aAAGPfaOKgOgN2rQ0otPfVK3em-zYXIM5ueTJwxum2r6W_2C1GUM4A==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame AD20 1 KB
1 KB 20ms
17ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:01:20 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 2619
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: JPIbuutWrQnvXF3Y6IDM9MQ4htdTzghtSPp4RK9LG94qDKQZzFvlag==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame AD20 761 B
1 KB 20ms
18ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:27:56 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
age: 1023
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: afyqSicvBhapVO-8w5aUFWtj7oocmBODqOnSjHnwiOt8nMQnkF9RTw==

GET
H2 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame AD20 786 B
1 KB 20ms
18ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:41:49 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
age: 190
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
content-length: 786
x-amz-cf-id: jFCuiM3tlP_zYmopGlf973XN7IS27oL-SwGvC0kTiJ5bMG75vDj_kg==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame AD20 1 KB
1 KB 21ms
19ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:41:49 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 191
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: o9A45IVdae2hpy75F1GtMf1EWOlM9REmTq1JZPmKjPDvnZlo92Jqug==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame AD20 523 B
931 B 22ms
20ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:36:06 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
age: 533
etag: "4542d4ecd73f04c73affa787a4522596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: vzvF1OAAeLzojkm3BFDJ7JScj_S6SGgQ8HdP2q80TJGCf2d5VkRL6w==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame AD20 801 B
1 KB 22ms
20ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:26:37 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
age: 1102
etag: "107060b925841745f310697bd9f1f83d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: cX75Z7ZffhtxKlOyHSKfRIOyJOTY_jNmtZEtSKfoCRvTMAh5pISkHg==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame AD20 3 KB
790 B 70ms
19ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:41:48 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 190
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: e6OoUjnrT1UybcEIhVTPadPbyLHs7KH_xKmMAKSxIENFDjTk04iiZw==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame AD20 870 B
1 KB 69ms
19ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:47:57 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
age: 3421
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: 8qG02d7bAz8-bTMUKMNkNlK0mACDn5UTensG2LFkijgwZFJxdsZesQ==

GET
H2 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame AD20 777 B
1 KB 68ms
18ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:48:41 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Thu, 26 May 2022 07:17:23 GMT
server: AmazonS3
age: 3376
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
content-length: 777
x-amz-cf-id: gbE2fVJc3DJiBQrjaQ9nhR-wtjgLS5kYekO7MGat60f7kgZlY-MV6g==

GET
H2 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame AD20 1 KB
925 B 69ms
18ms Image
image/svg+xml 2600:9000:225e:f000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:43:43 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 07:17:22 GMT
server: AmazonS3
age: 75
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
x-amz-cf-id: QhBbEeGW6DjemTkzGHJuwVdxk_iwpQAGV2AktXoZDmSZFrgfZhKY6Q==

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy80NDU0NDQvZTQ4M...
s-img.mgid.com/g/13448211/492x277/-/ 18 KB
19 KB 109ms
57ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13448211/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy80NDU0NDQvZTQ4MjJhZDQ2NjFkYzIyNDU1MTQwN2M0ODMyMDIyMjkuanBlZw.webp?v=1663947897-DC5BjEAHRmTthNfAyFzyoSA68gVwJyFgH4iQ8WTBdK0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6784ed7e640cc75abc5156ebe49d52a80c0291c8869a5333f39c9b984cfef25

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Jul 2022 06:34:04 GMT
x-mg-request-uuid: 17e98151-a6cc-419b-b903-11f4d8763762
age: 2638095
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 74f4679add62bb35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18832
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy80NDU0NDQvOGQ1Z...
s-img.mgid.com/g/14111927/492x277/-/ 9 KB
10 KB 144ms
93ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14111927/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy80NDU0NDQvOGQ1ZGEzZGE5MzVmMmQzNTVlZDU2Y2NkZDYzOTM3NGIuanBn.webp?v=1663947897-HyiQIecAOAGgXAWR8gfEo31YdU-QRDGm6dhm7_H_uks
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5b18cec376b3175062ca56606d71fce402602cf02fa61296f2715d05aa90c80

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 05:34:12 GMT
x-mg-request-uuid: 154a637e-94af-424d-95c4-1e6f317fb48a
age: 295590
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 74f4679add5bbb35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9584
server: cloudflare

GET
H2 200 492
img.rtbsystem.org/278/194/486/64449137-f958-49b0-b982-408e21d6a1c6.jpg/16x9/ 18 KB
18 KB 196ms
83ms Image
image/jpeg 2606:4700:3038::6815:eb8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/278/194/486/64449137-f958-49b0-b982-408e21d6a1c6.jpg/16x9/492
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7162506551e2a0d2e879c3c632bb99b6ff529cda98ed53b5e8c05fb994ead05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 10 Aug 2022 14:27:09 GMT
server: cloudflare
etag: W/"62f3c03d-b8a2"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yMOrxp3GgJyXDZF1BdK%2B0aUKnawwmxuJKnHHywrH7a2rl7yinbmMVsXXs91Q88MScQkhcr8DrUSOviF1JMoCYWkEPhpV4Zylrym43IRavDRicFPRNzfkRuEXEO0yBJ2KmjhbzFvbOCbayiZSo2a4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 74f4679b3f0c9b77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18445
expires: Sat, 24 Sep 2022 15:44:58 GMT

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS83MTU4MTMvNjNhZ...
s-img.mgid.com/g/14026719/492x277/-/ 14 KB
15 KB 170ms
119ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14026719/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS83MTU4MTMvNjNhZjVhOTdhMDUxNDZkMGRiNjFmYmE2M2Y3OTEwYTcucG5n.webp?v=1663947897-xPW9d5zwB5RTBhAC9G3WswUEy24xxurM8ubV46QjTBY
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f4e3efc415de5dc0a548930c47fe3c3bebe654f6783140805bf9a16101a1f9b

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 11:02:51 GMT
x-mg-request-uuid: 345e6296-af26-4730-89bc-ddbb035cc760
age: 363978
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 74f4679add60bb35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14476
server: cloudflare

GET
H2 200 492
img.rtbsystem.org/246/471/170/486dae27-a75e-4bcd-8d1e-601754f1306d.jpg/3x2/ 41 KB
41 KB 158ms
76ms Image
image/jpeg 2606:4700:3038::6815:eb8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/246/471/170/486dae27-a75e-4bcd-8d1e-601754f1306d.jpg/3x2/492
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6232f56ea519d1a3d842013ce68e3dec3745304c36f0349fa47fdfdb3fb5a1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 19 Sep 2022 07:38:40 GMT
server: cloudflare
etag: W/"63281c80-10834"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0YSJV5Wc9%2BXJZ9ExPDpclWROO3T2VgZbxJFoHtfp5mP6k%2BKSEZDevG%2BExKBwQqZoRL1kV5aWb0lqBOoH%2Fwuox7MfePVf%2B5VDnb6p1hs2wV6jzCVZqhex3yhICET7KJqofWR%2Fxg7PDri0JW%2BTEvrjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 74f4679b3f089b77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41535
expires: Sat, 24 Sep 2022 15:44:58 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
331 B 64ms
18ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3216620.ip-141-95-98.eu
Software: /
Resource Hash: 9868771ea5e0a4c3144620dd358148a7a062bd5b1f9ff62afb321fc9469ab9a5

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:57 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 74 B
252 B 66ms
18ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e7939f8ecc9342b164288a90eaf6058f5eb40091ee89251d7b8dbbc3724a4c57

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:58 GMT
content-length: 74
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
331 B 21ms
16ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3216620.ip-141-95-98.eu
Software: /
Resource Hash: d5b852070f62493e9d2dd39985da09c23f524ee551187883971b6210d1ec4d28

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:57 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 74 B
252 B 25ms
17ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 36a2d63e33a152f1b0cf067907d6220c4784c9005d5d8c9f78dfef6f5213ac0f

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:58 GMT
content-length: 74
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
331 B 32ms
16ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3216620.ip-141-95-98.eu
Software: /
Resource Hash: 71f7188ed63a117fb478094c4388da8c26462efca5073ec258be8bce2b7ca7e2

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:58 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 74 B
252 B 36ms
16ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 51f0834cd576d387e13fa9d25f5fa37b1b3d35a53db3169e50ec77fc36641c4d

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:58 GMT
content-length: 74
vary: Origin
content-type: application/json

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 64ms
17ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

b9f890550f6dbb628c0ce78d9bbb1584a6567b7768fbbe368f1332c65e1bf87e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:57 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 51ms
18ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

2074d66e56492343117ee9e776ca08c141bf5aa721c9cb103e23150d617da3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:57 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H3 200 jsDynamic-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 71ms
70ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666584
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-105e"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f4679c08a2bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 11 Sep 2022 08:10:56 GMT

GET
H3 200 responsive-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 72ms
70ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1193117
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-6c0"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f4679c08a3bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 11 Sep 2022 08:10:56 GMT

GET
H3 200 validate-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 76ms
74ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666584
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:05 GMT
server: cloudflare
etag: W/"62828699-19fd"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f4679c08a7bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 11 Sep 2022 08:10:56 GMT

GET
H3 200 loadmore-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 72ms
71ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666584
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-3999"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f4679c08a8bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 11 Sep 2022 08:10:56 GMT

GET
H3 200 lazy-loading-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 124 B
592 B 68ms
67ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666584
cf-polished: origSize=173
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 17:15:03 GMT
server: cloudflare
etag: W/"62828697-ad"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 74f4679c08a9bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 11 Sep 2022 08:10:56 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 76ms
31ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220517.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4c17c45725d32dab299f02c2bfe4310ab0e9567dd1ca5c5ca32913a4f98ec48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 40ms
17ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

13e97f60397a71416b66ddfba316efd32af5d82b0ce5ba6033615dd9c6ecf74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Fri, 23 Sep 2022 15:44:57 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 116 KB
11 KB 797ms
780ms XHR
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1663947898278

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ae73e39c8f0c7fe25738a68c90b59f077c50e725ea4e64a6c7039ce1c1db93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 74f4679c999d9205-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 76ms
32ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20220517.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f4679ca854916b-FRA
date: Fri, 23 Sep 2022 15:44:58 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1445
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 26 Sep 2022 15:44:58 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 55ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.SHwq1aUHbMA.O/d=1/rs=AN8SPfq8xy6K2NDY5pBdoA2Nq2K96s8zwA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 23 Sep 2022 15:56:14 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.SHwq1aUHbMA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq8xy6K2NDY5pBdoA2Nq2K96s8zwA/ 262 KB
92 KB 56ms
17ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.SHwq1aUHbMA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq8xy6K2NDY5pBdoA2Nq2K96s8zwA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.SHwq1aUHbMA.O/d=1/rs=AN8SPfq8xy6K2NDY5pBdoA2Nq2K96s8zwA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761301af9d3858f4e0b3036539b390a92754acc4b09f4ff8d52f43f5bb1802a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93858
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:14:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 14:56:14 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 112ms
62ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f4679d6c7dbb9e-FRA
date: Fri, 23 Sep 2022 15:44:58 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1446
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 26 Sep 2022 15:44:58 GMT

GET
DATA 200
OK truncated Show response
/ Frame 3606 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 109ms
29ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:43:41 GMT
x-content-type-options: nosniff
age: 77
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Sep 2023 15:43:41 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 1637 18 KB
4 KB 49ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.SHwq1aUHbMA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq8xy6K2NDY5pBdoA2Nq2K96s8zwA/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 23 Sep 2022 15:56:14 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
935 B 109ms
30ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:35 GMT
x-content-type-options: nosniff
age: 23
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Sep 2023 15:44:35 GMT

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 61ms
25ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:44:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 40ms
31ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbd4e359e91970423c18ed3ab0bb89ec00611ab471c3271e49287e9111be1986

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2106
cf-polished: origSize=4420
status: 200 OK
x-envoy-upstream-service-time: 36
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 953b63fc-f2da-414f-b129-f6ab914cd2c1
x-runtime: 0.034553
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b9e1f34cdb60151ec532bafe6a103aa7"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 74f4679ebcf8916b-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 23 Sep 2022 16:44:58 GMT

GET
H2 200 / Show response
rumble.com/embed/v1ilafv/ Frame 2C31 18 KB
8 KB 508ms
161ms Document
text/html 38.70.190.101
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/v1ilafv/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

38.70.190.101 Toronto, Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

d6636fccc266d64d4326f20a7bfd5f7a477e6bb932a40264dbf972dd6a61f59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 15:44:59 GMT
link: <https://rumble.com/v1l7gd3-why-will-florida-governor-ron-desantis-not-bring-justice-in-this-matter.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H2 200 1VIn21bpdF0 Show response
www.youtube.com/embed/ Frame 87C8 66 KB
28 KB 85ms
70ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1VIn21bpdF0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d28bd682197710ea7c05b78dadf70e91b73480b45bd69a278f50d2030c7fedc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 23 Sep 2022 15:44:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 d9b456fd0c91da05ad850d93765ca50b7f0723e0.jpg
beforeitsnews.com/img/i2022/09/ 33 KB
33 KB 75ms
74ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/09/d9b456fd0c91da05ad850d93765ca50b7f0723e0.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2caf2de620b49e0e592622c32bc657cbd92dec7ec65509d15fad501f949672d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1942424
cf-polished: origSize=37770, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33664
last-modified: Sun, 09 May 2021 18:58:11 GMT
server: cloudflare
etag: "609830c3-938a"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 04:00:09 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467a19a60bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 080e11447b9e43711f1bacad58d3d182bf3dff3d.jpg
beforeitsnews.com/img/i2022/09/ 31 KB
32 KB 66ms
65ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/09/080e11447b9e43711f1bacad58d3d182bf3dff3d.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3b433431802d018a8b322eb26e7e4afa84001f6dcc52d62b4ce661722f1660

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1937275
cf-polished: origSize=34991, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32023
last-modified: Sun, 09 May 2021 18:46:36 GMT
server: cloudflare
etag: "60982e0c-88af"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 04:00:15 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467a19a62bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 2f519c88104b329caa1e3264241ee6642d31727b.jpg
beforeitsnews.com/img/banner_contract/ 60 KB
61 KB 101ms
100ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/2f519c88104b329caa1e3264241ee6642d31727b.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83cbaab0cdcf23647f502b7401494916e5e248aac820cd629c51d0ff059d7b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1659084
cf-polished: origSize=69373, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61830
last-modified: Thu, 28 Apr 2022 17:10:32 GMT
server: cloudflare
etag: "626aca88-10efd"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 08:09:51 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467a19a65bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 73ms
72ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666584
cf-polished: origSize=36512, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
server: cloudflare
etag: "60a8f625-8ea0"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 08:09:51 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467a19a67bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg
beforeitsnews.com/img/banner_contract/ 81 KB
82 KB 80ms
79ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1666584
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83236
last-modified: Fri, 04 Mar 2022 07:11:55 GMT
server: cloudflare
etag: "6221bbbb-14524"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 08:09:51 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467a19a68bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 08d4db66d6338b846da88dbd5439d9fe9fc90a46.jpg
beforeitsnews.com/img/banner_contract/ 41 KB
42 KB 119ms
119ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/08d4db66d6338b846da88dbd5439d9fe9fc90a46.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b4933bcb30cdf20db9e838865530175324a1d22d7ddd55d23a7e3e710cd10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 939243
cf-polished: origSize=48085, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42092
last-modified: Fri, 12 Aug 2022 18:46:07 GMT
server: cloudflare
etag: "62f69fef-bbd5"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 12 Sep 2023 18:46:28 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467a19a6abb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 zujULutG9Kk Show response
www.youtube.com/embed/ Frame CDA7 65 KB
27 KB 68ms
68ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/zujULutG9Kk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af8de7c35f98dad5c4d3ca124ed9f3711c648695ba73e6be3880cba491e0fad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 23 Sep 2022 15:44:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/abfb84fe/ Frame 87C8 358 KB
49 KB 58ms
22ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ef6d6383702bc06b134e946c269ece57f40b540882483d804cea173a235831c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1VIn21bpdF0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49730
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/ Frame 87C8 309 KB
96 KB 81ms
45ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1VIn21bpdF0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97978
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame 87C8 2 MB
579 KB 83ms
48ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1e395622ba3b297d6f5b522f13c7ce1682dd5ae900513cb9abb2bebf5f2cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1VIn21bpdF0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 592503
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:45 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/ Frame 87C8 9 KB
3 KB 49ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1VIn21bpdF0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 87C8 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:19:52 GMT
x-content-type-options: nosniff
age: 66307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 21:19:52 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/abfb84fe/ Frame CDA7 358 KB
49 KB 34ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ef6d6383702bc06b134e946c269ece57f40b540882483d804cea173a235831c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zujULutG9Kk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49730
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/ Frame CDA7 309 KB
96 KB 75ms
56ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zujULutG9Kk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97978
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame CDA7 2 MB
579 KB 70ms
52ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1e395622ba3b297d6f5b522f13c7ce1682dd5ae900513cb9abb2bebf5f2cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zujULutG9Kk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 592503
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:45 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/ Frame CDA7 9 KB
3 KB 74ms
56ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zujULutG9Kk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 c
c.mgid.com/ 43 B
213 B 117ms
116ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=366|284|0|dHuJa8tiEagM9RFJfpu6kVhh0OtGsS85CR-TW-VU7V_mNivCouaJpuy1ePCKH1G4YhMg_DCRuEC5r9VjVkNeBQ**&fw=1&extjs=66044&cid=720413&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*&rid=ad40ced2-3b56-11ed-b62d-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=1836b05fb118e777ff4&cbuster=166394789923798574318
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3c75d6d0-e2e3-462d-8958-e8c980546951
content-type: image/gif
cf-ray: 74f467a2496a9b45-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CDA7 15 KB
15 KB 31ms
30ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:19:52 GMT
x-content-type-options: nosniff
age: 66307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 21:19:52 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 87C8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

25ms
24ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab7fb9bb73dd4ddf302f9292a1e2cd85368714a91ec369639372f972645646ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Sep 2022 15:44:59 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 87C8 29 B
588 B 84ms
17ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:34:42 GMT
x-content-type-options: nosniff
age: 617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Sep 2022 15:49:42 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CDA7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

24ms
23ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb391d9f4753491dcda94c3995e1e80a09e4fa7092ae2ef2c5665620a987d43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Sep 2022 15:44:59 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CDA7 29 B
89 B 49ms
18ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:34:42 GMT
x-content-type-options: nosniff
age: 617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Sep 2022 15:49:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 144ms
49ms Preflight
text/html 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 23 Sep 2022 15:44:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 87C8 66 KB
30 KB 116ms
57ms XHR
application/json+protobuf 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ce4d3225a10eeba303d14fbe5f2902594d00dd1187c0739594b31cc40326c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30832
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame 87C8 118 KB
36 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

518a60fee17316c05108a084582854df899339bb298832856af1f7f2737fb768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1VIn21bpdF0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37170
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js Show response
www.google.com/js/th/ Frame 87C8 36 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac3537cc63f1ad2b631472037e21dfa41ac9a3fb91f567ba312bb7b1ef55759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14354
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 12:56:04 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame 87C8 25 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5739c73aae8dcd2db9eeb6bcb168da14cdf299a4e9bda32165ff45ac27e931c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1VIn21bpdF0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8110
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:49:56 GMT

GET
DATA 200
OK truncated
/ Frame 87C8 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 87C8 942 B
1 KB 122ms
30ms Image
image/jpeg 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:57:12 GMT
x-content-type-options: nosniff
server: fife
age: 2867
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Sat, 24 Sep 2022 14:57:12 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/1VIn21bpdF0/ Frame 87C8 54 KB
54 KB 123ms
64ms Image
image/webp 2a00:1450:400d:804::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/1VIn21bpdF0/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d998fa64aeb55db575764279dd678eca393e9c79171aa5fba28c9d241b72107d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55232
x-xss-protection: 0
server: sffe
etag: "1663820745"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Sep 2022 15:49:59 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 77ms
51ms Preflight
text/html 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 23 Sep 2022 15:44:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CDA7 66 KB
30 KB 118ms
60ms XHR
application/json+protobuf 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d5a535b942b7335808de51e69760c3518f7b1ce476f6e88c0ca7aa8f3ff2373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30920
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame CDA7 118 KB
36 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

518a60fee17316c05108a084582854df899339bb298832856af1f7f2737fb768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zujULutG9Kk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37170
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js Show response
www.google.com/js/th/ Frame CDA7 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac3537cc63f1ad2b631472037e21dfa41ac9a3fb91f567ba312bb7b1ef55759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14354
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 12:56:04 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame CDA7 25 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5739c73aae8dcd2db9eeb6bcb168da14cdf299a4e9bda32165ff45ac27e931c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zujULutG9Kk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8110
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:49:56 GMT

GET
DATA 200
OK truncated
/ Frame CDA7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CDA7 942 B
1000 B 57ms
31ms Image
image/jpeg 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:57:12 GMT
x-content-type-options: nosniff
server: fife
age: 2867
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Sat, 24 Sep 2022 14:57:12 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/zujULutG9Kk/ Frame CDA7 29 KB
29 KB 91ms
90ms Image
image/webp 2a00:1450:400d:804::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/zujULutG9Kk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bfdb4b027713d9ddd6f5d8ba65fc22360952d5a51a7a403d3cb52ef01038d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29646
x-xss-protection: 0
server: sffe
etag: "1661197330"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Sep 2022 17:44:59 GMT

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 2C31 76 KB
27 KB 161ms
160ms Script
application/javascript 38.70.190.101
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=328

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1ilafv/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

38.70.190.101 Toronto, Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

34d7e896c5be6f521d64cddde7f53601501ca33f2d2de51fe606677f440d8e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v1ilafv/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 17:13:05 GMT
server: nginx
etag: W/"6318d121-13099"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 xEIUf.OvCc-small-Why-Will-Florida-Governor-R.jpg
sp.rmbl.ws/s8/1/x/E/I/U/ Frame 2C31 41 KB
41 KB 29ms
29ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/x/E/I/U/xEIUf.OvCc-small-Why-Will-Florida-Governor-R.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v1ilafv/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c4cfb67d1e6e76f49acb85562df40b2e5fc02182dab519db9ba92646a9747b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
last-modified: Fri, 23 Sep 2022 09:47:30 GMT
server: nginx
etag: "2a7ed9cea03c3b45f063ac3656900a38"
x-hw: 1663947899.cds284.lo4.hn,1663947899.cds062.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=65050
accept-ranges: bytes
content-length: 41868

GET
H2 206 xEIUf.caa.rec.mp4
sp.rmbl.ws/s8/2/x/E/I/U/ Frame 2C31 5 MB
0 30ms
29ms Media
video/mp4 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/x/E/I/U/xEIUf.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v1ilafv/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
last-modified: Fri, 23 Sep 2022 11:24:49 GMT
server: nginx
access-control-allow-origin: *
etag: "9151c107b975305fa96815630bc38ef0-71"
x-hw: 1663947899.cds284.lo4.hn,1663947899.cds242.lo4.pc
content-type: video/mp4
Content-Range: bytes 0-367430216/367430217
cache-control: max-age=74593
accept-ranges: bytes
Content-Length: 367430217

GET
H3 204 generate_204
www.youtube.com/ Frame 87C8 0
10 B 61ms
60ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?zW6v2Q
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/1VIn21bpdF0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1VIn21bpdF0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CDA7 4 KB
2 KB 148ms
84ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 15:44:59 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CDA7 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?_-Js-A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/zujULutG9Kk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zujULutG9Kk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 87C8 4 KB
2 KB 103ms
103ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 15:44:59 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/105/ Frame CDA7 52 KB
15 KB 133ms
131ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/105/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 15:05:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 23 Sep 2022 16:48:55 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/105/ Frame 87C8 52 KB
15 KB 126ms
126ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/105/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 15:05:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 23 Sep 2022 16:48:55 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 87C8 90 B
134 B 52ms
52ms XHR
application/json+protobuf 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb879743969938cb8f3c2d0c3963050d5c99866fd35891f68c5be0f938cc0765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 23 Sep 2022 15:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 110
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CDA7 90 B
134 B 54ms
54ms XHR
application/json+protobuf 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22b5c3e947fff5325e1a8aae294013c96b1486d31c9569a9f2102f79f9d85602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 23 Sep 2022 15:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 110
x-xss-protection: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2C31 49 KB
19 KB 30ms
30ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=328

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4647
date: Fri, 23 Sep 2022 14:27:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 16:27:33 GMT

POST
H2 200 view...1ilafv.19puw6k
rumble.com/l/ Frame 2C31 35 B
191 B 163ms
163ms Ping
image/gif 38.70.190.101
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...1ilafv.19puw6k?p=2.3&r=104223949&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

38.70.190.101 Toronto, Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v1ilafv/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 23 Sep 2022 15:45:00 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 56ms
56ms Preflight
text/html 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 23 Sep 2022 15:44:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 49ms
49ms Preflight
text/html 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 23 Sep 2022 15:45:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 2C31 4 B
24 B 63ms
63ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1639389662&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v1ilafv%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Murder%20%26%20Corruption%20In%20Florida%20-%20Why%20Will%20DeSantis%20Not%20Bring%20Justice%3F%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAAC~&jid=1452192150&gjid=1507311837&cid=1928433908.1663947900&tid=UA-44331619-1&_gid=2083836007.1663947900&_r=1&_slc=1&z=1176826514

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 2C31 35 B
55 B 46ms
46ms Image
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1639389662&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v1ilafv%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Murder%20%26%20Corruption%20In%20Florida%20-%20Why%20Will%20DeSantis%20Not%20Bring%20Justice%3F%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=v1ilafv&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1928433908.1663947900&tid=UA-44331619-1&_gid=2083836007.1663947900&z=1848581806

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1ilafv/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 22:17:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62843
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 61ms
56ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f467a80a65bb9e-FRA
date: Fri, 23 Sep 2022 15:45:00 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1445
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Oct 2022 15:45:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 2C31 4 B
25 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-44331619-1&cid=1928433908.1663947900&jid=1452192150&gjid=1507311837&_gid=2083836007.1663947900&_u=YEBAAEAAAAAAAC~&z=1783450313

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Sep 2022 15:45:00 GMT
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
549 B 135ms
90ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:45:00 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 11
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a400f3e4-2a79-4108-8064-5c8bc1effcf2
x-runtime: 0.009216
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cf-ray: 74f467a8bc7e6922-FRA
access-control-allow-headers: SDK-Version

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 2C31 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-44331619-1&cid=1928433908.1663947900&jid=1452192150&_u=YEBAAEAAAAAAAC~&z=1767278005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:45:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 2C31 42 B
63 B 124ms
62ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-44331619-1&cid=1928433908.1663947900&jid=1452192150&_u=YEBAAEAAAAAAAC~&z=1767278005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 15:45:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 67ms
66ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:45:00 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1140658
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Aug 2023 21:03:16 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 74f467a94875bb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 87C8 28 B
54 B 37ms
36ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Goog-Request-Time: 1663947902056
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1VIn21bpdF0
X-YouTube-Client-Version: 1.20220921.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt5d0FYQl9RWmZlOCj7qLeZBg%3D%3D
X-YouTube-Ad-Signals: dt=1663947899340&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 23 Sep 2022 15:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 23 Sep 2022 15:45:02 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CDA7 28 B
54 B 32ms
30ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Goog-Request-Time: 1663947902074
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/zujULutG9Kk
X-YouTube-Client-Version: 1.20220921.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszTDJlSXRSeGFScyj7qLeZBg%3D%3D
X-YouTube-Ad-Signals: dt=1663947899347&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 23 Sep 2022 15:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 23 Sep 2022 15:45:02 GMT

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1970-01-20 06:12:36	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyLtjXCLvmmKm
beforeitsnews.com/	1970-01-20 15:48:27	Name: b4in-uuid Value: 03b70baf-9631-4ca8-bbad-5d6e7d6f07d9
.mgid.com/	1970-01-20 06:12:29	Name: __cf_bm Value: z_tEGsXUd2eY7AqPMOQxzfh_6LikJ8MCSYHZwEBCrhs-1663947897-0-AQj9A9/iydKVLdopLcG3YC9xrAv43XAB/lqyzEwlQY0nPhhhwIedbeI4ut44dEf/Yo9ywG1Fmtv+hKbdffHc5gQ=
.beforeitsnews.com/	1970-01-20 15:48:27	Name: _ga Value: GA1.2.1614301486.1663947897
.beforeitsnews.com/	1970-01-20 06:13:54	Name: _gid Value: GA1.2.1016702003.1663947897
.beforeitsnews.com/	1970-01-20 06:12:27	Name: _gat_UA-16055024-1 Value: 1
beforeitsnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1663947897847%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1663947897992%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1663947897961%7D%7D
beforeitsnews.com/	1970-01-20 06:55:39	Name: _pbjs_userid_consent_data Value: 3524755945110770
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: xlDSU_IvxIc
.youtube.com/	1970-01-20 10:31:39	Name: VISITOR_INFO1_LIVE Value: 3L2eItRxaRs
.rumble.com/	1970-01-20 15:48:27	Name: _ga Value: GA1.2.1928433908.1663947900
.rumble.com/	1970-01-20 06:13:54	Name: _gid Value: GA1.2.2083836007.1663947900
.rumble.com/	1970-01-20 06:12:27	Name: _gat_rumble Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/(Line 168) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20220922_064100_932.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 168) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/09/demonscaughtoncamera.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 168) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20220922_064100_932.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 168) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/09/demonscaughtoncamera.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 271) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/06/benjaminfulfordgoldenrobe.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 271) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/738377/images/0AC5093F-B6AE-405C-9692-D5613FA9C710.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ournewearthnews.com/wp-content/uploads/2022/06/benjaminfulfordgoldenrobe.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/738377/images/0AC5093F-B6AE-405C-9692-D5613FA9C710.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/418130/images/220521_DrSam_Image3.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.beforeitsnews.com
ads.pubmatic.com
ajax.beforeitsnews.com
amg-news.com
beforeitsnews.com
borirait.site
c.mgid.com
cdn.id5-sync.com
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cm.mgid.com
customads.co
external-content.duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
id5-sync.com
img.beforeitsnews.com
img.rtbsystem.org
img.youtube.com
jamesredpillsamerica.com
jnn-pa.googleapis.com
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
m.beforeitsnews.com
onesignal.com
pagead2.googlesyndication.com
rddywd.com
rumble.com
s-img.mgid.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
servicer.mgid.com
sp.rmbl.ws
static-3.bitchute.com
static.doubleclick.net
static.tradingview.com
stats.g.doubleclick.net
tapnewswire.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.hopegirlblog.com
www.ournewearthnews.com
www.youtube.com
yt3.ggpht.com
104.18.255.14
141.95.98.65
141.95.98.70
143.204.89.58
151.139.128.11
18.66.97.26
18.66.97.42
184.51.9.34
193.203.39.123
2001:41d0:701:1000::31d2
209.58.165.79
2400:52e0:1e00::865:1
2600:9000:223c:ec00:18:9413:7780:93a1
2600:9000:225e:f000:1f:2f70:3e80:93a1
2606:4700:10::6816:4a8a
2606:4700:10::6816:4b8a
2606:4700:10::ac43:266a
2606:4700:1::6813:844e
2606:4700:1::6813:884e
2606:4700:3033::6815:156e
2606:4700:3038::6815:eb8a
2606:4700::6812:e234
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:830::2006
2a00:1450:400c:c06::9d
2a00:1450:400d:804::2003
2a00:1450:400d:804::2016
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::2008
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200a
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2003
2a06:98c1:3120::3
2a06:98c1:3120::c
2a06:98c1:3121::3
35.190.30.115
38.70.190.101
52.250.30.213
65.60.38.190
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0667e9db65341587c9d4d2633079ac4e9acca2c874086806454d1b2a3bf17ead
091085c03d5da968532dbc47ed80a0c936005deaea18bd4a4edca94d0c415a38
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0d6c46418cd1aad046427d79c0fdfed5100bd6fb493885fcd7eb12d3a1305e55
10651781de7fb5b94c59037d8cfd1e3537dde917705dab62c4d94d572f70d1d5
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
11d8ab754a7bd056500e49e7f473228063c95032e33794319a5f28cfaa511cb8
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
1284f3e8b0bd1cba40326776843f02447eaefa32133cccbb558699477c21723f
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
13e97f60397a71416b66ddfba316efd32af5d82b0ce5ba6033615dd9c6ecf74a
14740cf1b7fdd76519277ad288ca284bb9ab3ed8ae7c7f493b4381c4d0ecc82f
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1ab15f590ddef72972627cc14fae8a68c73eec3fda815c515bc3b6c0f84b8239
1cbab457694e9f5e2096f84323b0d46db15c5668ceebc1593b589b13f2813754
1d4ada376f87d8f6bb7a747ce86cd4c2a3b1640ae9dfec3ba42932f094dc9f61
1d5a535b942b7335808de51e69760c3518f7b1ce476f6e88c0ca7aa8f3ff2373
1de36d04b2af3c96c5b3b6c7332d11e72b1abfa396e2eda4269671623fd92655
1e79f9f643c4a7fcac342f9ba323521af03244a7c53e994f563b4d3cc273e75f
2074d66e56492343117ee9e776ca08c141bf5aa721c9cb103e23150d617da3d0
22b5c3e947fff5325e1a8aae294013c96b1486d31c9569a9f2102f79f9d85602
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80
27e072e6296b8668403f6be12f13311ada6c282c152b0c32a55b3dcccaa09a32
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325
2f4980543b781c7568f2ae3731a19146bdb187ce2e7d52c8889359f2e1cb6ac1
2ffcadb1cc1c8da3687578b4904e51c5995e93554c80f4d107762908f443f0ab
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
34d7e896c5be6f521d64cddde7f53601501ca33f2d2de51fe606677f440d8e6a
35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
36a2d63e33a152f1b0cf067907d6220c4784c9005d5d8c9f78dfef6f5213ac0f
39929e93f40afe5740150352e6c4274322b12ac6aabceaa2c9752180d413f9ad
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3a5baaf48425b11d6685e6dc62508c1419d7aceb5815c59f4f34a3fa10a48fca
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc
3ff0b1664e2f0f0fa78dca3bcac5ffd9801d90220c7deed2153b7c06e9e05905
41a6968c98d93f7a2446f3e64cd89e2d78a7b8e2854e740947395270378f4d85
41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
4ac3537cc63f1ad2b631472037e21dfa41ac9a3fb91f567ba312bb7b1ef55759
4c78c0e8094a90b756326fabb418f416dd0ac55c96cbf57f1efc57fbb3883631
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4df4b8aab4b155084d715f5e521838b02d3943f20944b595d8512b703afc40c0
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
518a60fee17316c05108a084582854df899339bb298832856af1f7f2737fb768
51f0834cd576d387e13fa9d25f5fa37b1b3d35a53db3169e50ec77fc36641c4d
526f595b24ddc41e5f1cd91119435c1b6d4a577aa488ef034b2895fa9ce3c723
55ab649996fa0a35d69681b0a6251829106efcf1178214744d942b0de69dcee0
572965daa46d5f647dc97a6daee82121100d3212e367f3f17eb5d3eb08f5e806
5739c73aae8dcd2db9eeb6bcb168da14cdf299a4e9bda32165ff45ac27e931c5
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5b6a48937ba14dc7c5bd4fe4974fe8bf2b34efdd8b30106e77347e921f8a14c0
5d539ad966796cd286951aff92363ea95781839e1368490bbf7cd344530f0dbb
5dfed9b7f887b3ba3c77c0b44f2c349b238ec2510f270f0371bd2d7f4d049797
5e7348aab6061f187a14c4f715c2a3974ef285c3c7b0d31ab825314d29b025b3
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61cbccafa74622cc5de1c66593b5dbe0d39d01763e728ae3ae696eaa99571555
6232f56ea519d1a3d842013ce68e3dec3745304c36f0349fa47fdfdb3fb5a1fc
624b432c85eff23dbd74f99c05e05e36096953c74f91454674a8ef315f4496dd
66fb4ae07e2a0dd52ce613f8a532bbe2b67546b0d50d7f3e1ffe9560e7e635d8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6bbec316dcf4b7f245634e5f5ddd8b0f25d4893529ce8a7bc3cf42dbbcaf4f08
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6bfdb4b027713d9ddd6f5d8ba65fc22360952d5a51a7a403d3cb52ef01038d81
6c1ddce8931cdef9752f261673de0833d924295dd786de6e1c8c6f7494bfd5ac
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6cf7973b8ac7e40e7b62dbf3bfd94f3bd5ed135b580e35ecbb59da2e19f32b42
6d3b433431802d018a8b322eb26e7e4afa84001f6dcc52d62b4ce661722f1660
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
6f0faa906ea50a95f0c0aa59bad510264f3cf3209561c7474d3727372071e9c8
707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1
70a8e158db2d000a332b451889e71de1224fb81779bcc3896127f17db3e0a464
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71f7188ed63a117fb478094c4388da8c26462efca5073ec258be8bce2b7ca7e2
7761301af9d3858f4e0b3036539b390a92754acc4b09f4ff8d52f43f5bb1802a
7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7ce4d3225a10eeba303d14fbe5f2902594d00dd1187c0739594b31cc40326c4d
7f18da2cbad4e0169018d9e395c0126a709442d60a90ab8e1901a95e3d96c94d
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cbaab0cdcf23647f502b7401494916e5e248aac820cd629c51d0ff059d7b3b
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
845bfa6079f8a53b5807e328c1b72bcfd431c0fbe69741491da97ba34d421edd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8534a0f3394df3153ed72903a622ddfbaf32dcfa0b474326ee9fe67c9e12b94a
85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711
865988ba198aa6565740a50bbcb96eb95444d663b7aeff07b09af841495872c2
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8d7840852d4aa28d4fb4a64a788387345ed4caf3136c4a6e4d04106d99fc928a
8ef6d6383702bc06b134e946c269ece57f40b540882483d804cea173a235831c
8f4e3efc415de5dc0a548930c47fe3c3bebe654f6783140805bf9a16101a1f9b
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90dcaa5bda117bd3787553a7ad0c735b112538b0ae728d5dee5c175b7f63188c
912cc155f4bb11b6d6a0b37d046f87a0e0317a10a0c05bae207319e031cff8ad
91b4933bcb30cdf20db9e838865530175324a1d22d7ddd55d23a7e3e710cd10b
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
94cd40f993a3a51bb2c2cb869c547af8f5c3dce9b348aa1fbc2ad4a4eb272106
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653
9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f
9868771ea5e0a4c3144620dd358148a7a062bd5b1f9ff62afb321fc9469ab9a5
9cc058da8046efb3a04c5b02551f83bcff4221f0d2a65ef3a559e7d9546b674f
9d28bd682197710ea7c05b78dadf70e91b73480b45bd69a278f50d2030c7fedc
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a2caf2de620b49e0e592622c32bc657cbd92dec7ec65509d15fad501f949672d
a3ae73e39c8f0c7fe25738a68c90b59f077c50e725ea4e64a6c7039ce1c1db93
a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec
a7009f71c32e8e7edf47dacdf5412bb8b682624689768cd01ad3e1f1f77634fd
a942c14c1991ba24d8ecd3ef7b82d890cc85103aad360956770140c62116f7d2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7fb9bb73dd4ddf302f9292a1e2cd85368714a91ec369639372f972645646ba
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ac8c0a91bb4875fe462b8b99d1b4246cc46699a63e6ad201cc6e705654abff66
ace946e8f2a06dddc85cd16e81ed6a7ded3b78480917b6d2b87f150d21bd0cc3
ad9d718459a09f23762085255ea9d77865fc8158323392610b4d813c9a32c915
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8de7c35f98dad5c4d3ca124ed9f3711c648695ba73e6be3880cba491e0fad1
b034c556dd437cdd74e70deb98cd8da6fe3b513f6a76ef83adde44d47beb6883
b14bd413360e241c220633a5fcc61632b30f3a07fe710c1b2d936a1188f26842
b169d01195387778b2127793672c0a4052e3eb12a257e8d4f4b50871c957372d
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b7162506551e2a0d2e879c3c632bb99b6ff529cda98ed53b5e8c05fb994ead05
b80b4bfe6405fe68b42a652eb771057a01d3d5dc06c68563a11555c90f2325c7
b9f890550f6dbb628c0ce78d9bbb1584a6567b7768fbbe368f1332c65e1bf87e
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bb51d1e5236e0daeb078e0df8e945e5a0afc06e83e0ed54281d9af4877f58df0
bbd4e359e91970423c18ed3ab0bb89ec00611ab471c3271e49287e9111be1986
bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c4cfb67d1e6e76f49acb85562df40b2e5fc02182dab519db9ba92646a9747b76
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c7e58799078e5a29d5b03f677d5402d4c36edb7f2af33d6fad341cb998569ba2
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c90f4a6f0a7fb37cc6ee93d6ce68a80ec8778397312bce2f729b673f2a5d6e79
c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb391d9f4753491dcda94c3995e1e80a09e4fa7092ae2ef2c5665620a987d43a
cd1817793fd6fb9a3852bb48d686ce34f24745b3230603e1181a4def76b31c6d
cd2d1f56c766b4e34d7c39585ea5e8b59f80f29425bfa4a3808db73a82373f52
ce628cae5a499a978e3786030f941b61fe70ae8bda2bc3f566186628775d58a2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d01eee8af54b3ea2049757a2f70dee96fa85fcc3e701a7ba0d4c5bd2fcd91e5d
d0488ee06f43c2b00eb16be7cf745e9ed686e79061d5dd3dea7d54b38aa98067
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d3e20841deb79b704c6aeb6200a763fefd9ef41ec0f73cea538bc2f8aa6f8b0f
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d5b852070f62493e9d2dd39985da09c23f524ee551187883971b6210d1ec4d28
d622bf7a3a07d7df46cc7b61e076b908f2fc349138b71a40e60adbbdabad0494
d63bccdf3805ffff84e324ecff578b5bdbf49a867ab3c751509cff7d1bf3cb65
d6636fccc266d64d4326f20a7bfd5f7a477e6bb932a40264dbf972dd6a61f59e
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d998fa64aeb55db575764279dd678eca393e9c79171aa5fba28c9d241b72107d
d9bdf3c6f2b54eb583973ab55f1aecbadb232a09d299a7b18ec6e94959f84bee
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dcb9cfe0806811271a234910ea1c677417beb917eb637abdb312d9b33a19ee7e
dd1e395622ba3b297d6f5b522f13c7ce1682dd5ae900513cb9abb2bebf5f2cf6
de2223e46a7952c68666282f14bd7954b4969ab7f9d56cdfbbcd6b44f6bff36b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de45bcb98a25e03737c45b0282d1b142498e520b5749f3168761c854f2769436
df173c22699a580af5fc7e35726a17d7875d99fe824f3eefb2f4ff618537e1e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e453866cf8ed222d6f3134a0cb58fae456f9e7bfbff4ccfe7218e4186d1c4cbe
e4c17c45725d32dab299f02c2bfe4310ab0e9567dd1ca5c5ca32913a4f98ec48
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e5b18cec376b3175062ca56606d71fce402602cf02fa61296f2715d05aa90c80
e7939f8ecc9342b164288a90eaf6058f5eb40091ee89251d7b8dbbc3724a4c57
e9086c6aab4668300fa65f8a2bb6d1cb751282fdaea6a8901f3e62daa0987e49
ea96fd7ce63932fbc9213224d869baa7def0ffbd857e9e49a810f1c7c85fae6c
eb879743969938cb8f3c2d0c3963050d5c99866fd35891f68c5be0f938cc0765
ec982be0fe0cbc9c721b3aface05cd386bec46dea3f004ed49b395617b1cc594
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee979b57f0f6e0526736f805d58e4994bc5ae9cdcf6664b6be5f56ed35d290cb
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f092cf05c597cc2653633471b0c96600e0c548ab7605fb57482d805e6a37a1ff
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f296ed20de9e6baea95f3c5cdcc9fb7d2c5f8790fc480cbbc355159d5206ea96
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f3b8c90b0608fdf39e4a9cef5a2715a3bebe42498e4036e182dde366deae1f2d
f400f74cbbfded26019dac22318392131333ce23b77950ff1a2281d47c574a21
f60e068995c5dc8911f1005231516b055924e47a6bbf7a3efd0e71057fe08ceb
f6784ed7e640cc75abc5156ebe49d52a80c0291c8869a5333f39c9b984cfef25
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75ca0ab24d253d25934cf72cc029bf6d4d9944cfe62131c60338c43061c6aa9
f78d130165b70d4717f80919b45cf25f7fb1f51a78055970359f11688211276b
f80df881f4300620113717b24686456d7bd64ead2731d5c319ac1f1fd0fff489
f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92
fcd78155ed45b65094ba1cee5506adf68c24172189e05765e6d9155986473e99
fd2f86b6a183bee3d16456fa035e14dfc12fe229ceae179ea1c2c26c584418a5
fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a
fedf7d86c7e52bb0f8b03d86a8cb2c83e038e3fedd5054c57f47c440043808cf

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4a8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

268 Requests

96 %HTTPS

70 %IPv6

32 Domains

56 Subdomains

48 IPs

11 Countries

7991 kBTransfer

20689 kBSize

14 Cookies

33 Outgoing links

Page URL History

Redirected requests

268 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Screenshot
Live screenshot

Full Image

268
Requests

96 %
HTTPS

70 %
IPv6

32
Domains

56
Subdomains

48
IPs

11
Countries

7991 kB
Transfer

20689 kB
Size

14
Cookies

268 HTTP transactions
4 data transactions