Submitted URL: http://mainstream.news/
Effective URL: https://mainstream.news/
Submission: On December 20 via manual from CZ — Scanned from DK

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3031::ac43:8ebd, located in United States and belongs to CLOUDFLARENET, US. The main domain is mainstream.news.
TLS certificate: Issued by WE1 on November 9th 2024. Valid for: 3 months.
This is the only time mainstream.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 11 2a02:6b8::1:119 13238 (YANDEX YA...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
58 7
Apex Domain
Subdomains
Transfer
43 mainstream.news
mainstream.news
2 MB
9 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9443
4 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
130 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4577
76 KB
1 gpsites.co
gpsites.co — Cisco Umbrella Rank: 342372
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
58 6
Domain Requested by
43 mainstream.news mainstream.news
9 mc.yandex.com 2 redirects mainstream.news
mc.yandex.ru
2 fonts.gstatic.com fonts.googleapis.com
2 mc.yandex.ru 1 redirects mainstream.news
2 www.gstatic.com mainstream.news
1 gpsites.co mainstream.news
1 fonts.googleapis.com mainstream.news
58 7

This site contains no links.

Subject Issuer Validity Valid
mainstream.news
WE1
2024-11-09 -
2025-02-07
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2024-10-20 -
2025-04-01
5 months crt.sh
gpsites.co
WE1
2024-12-16 -
2025-03-16
3 months crt.sh

This page contains 2 frames:

Primary Page: https://mainstream.news/
Frame ID: A9DED21A032DFFF0F946F0F492D92321
Requests: 56 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 58B37857F6015ABFA75B728338423669
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Home | mainstream.news

Page URL History Show full URLs

  1. http://mainstream.news/ HTTP 307
    https://mainstream.news/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

58
Requests

95 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

2596 kB
Transfer

3643 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mainstream.news/ HTTP 307
    https://mainstream.news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10600.IqhjaXYrrh1pjqQ46Vg3ADerXh5LVSamqzO61iAdxKmvdWodxcYwgIdMul0y8sr8.-0Ocxjs1Icv4wZP4AIp8pS7qleo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10600.8Giu6q57DeU3qKWPtXEH5CWtvs61FQS3_LuKFd-ovAC4mYODJnnQhSIZhkDTGiW65JBRTdId7oIUuc3s8vd7R72W8mlHfrErsQc0QMjLmlEulmRAEPmqgGVYBekqmUdBgnsxu2xtdosA-kVXYfHt6Vy71I8ESkHL1KMCXk8uPb7Ib1W-oozEYI7SaYiC66VjostzfV8nqKQwp0rOfS528bD0SthquQqPV4vVThgKjR8%2C.2hBMcisat-qVapw1lSi36UmyCvQ%2C
Request Chain 52
  • https://mc.yandex.com/watch/96709401?wmode=7&page-url=https%3A%2F%2Fmainstream.news%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.7%22%2C%22pluginVersion%22%3A%221.2.0%22%2C%22ymCmsRip%22%3A%221597463007%22%7D%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A721942961300%3Ahid%3A669295383%3Az%3A60%3Ai%3A20241220144718%3Aet%3A1734702438%3Ac%3A1%3Arn%3A825567257%3Arqn%3A1%3Au%3A1734702438678507391%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A922%3Awv%3A2%3Ads%3A2%2C159%2C295%2C35%2C62%2C0%2C%2C541%2C1%2C%2C%2C%2C1098%3Aco%3A0%3Acpf%3A1%3Ans%3A1734702436791%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734702438%3At%3AHome%20%7C%20mainstream.news&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42541572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96709401/1?wmode=7&page-url=https%3A%2F%2Fmainstream.news%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.7%22%2C%22pluginVersion%22%3A%221.2.0%22%2C%22ymCmsRip%22%3A%221597463007%22%7D%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A721942961300%3Ahid%3A669295383%3Az%3A60%3Ai%3A20241220144718%3Aet%3A1734702438%3Ac%3A1%3Arn%3A825567257%3Arqn%3A1%3Au%3A1734702438678507391%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A922%3Awv%3A2%3Ads%3A2%2C159%2C295%2C35%2C62%2C0%2C%2C541%2C1%2C%2C%2C%2C1098%3Aco%3A0%3Acpf%3A1%3Ans%3A1734702436791%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734702438%3At%3AHome%20%7C%20mainstream.news&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842541572%29ti%281%29

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mainstream.news/
Redirect Chain
  • http://mainstream.news/
  • https://mainstream.news/
107 KB
23 KB
Document
General
Full URL
https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c732fbb4b6f7fcd3a3cf9eabaff6312a3a62854114fe38d219b69a998674b56

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f5015576ac4abd4-CPH
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 20 Dec 2024 13:47:17 GMT
link
<https://mainstream.news/wp-json/>; rel="https://api.w.org/" <https://mainstream.news/wp-json/wp/v2/pages/133>; rel="alternate"; title="JSON"; type="application/json" <https://mainstream.news/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HLLVcM0W0thfrgMilYUMbA7EsMQatao3XbE3DC4QYHxrnKlp6xVFj9zbtxgEoUQvrb2DtSYILNzhMbvIm9HoK1PMgATI%2BV9Sa0P7K88Hzh%2FW%2FvtnSwrrJTRbDYPCMFiPztLWudqlXhf84LjCOk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=34997&min_rtt=31129&rtt_var=12023&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4220&recv_bytes=4475&delivery_rate=501&cwnd=12000&unsent_bytes=0&cid=ce4d05751e832d18&ts=425&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-ua-compatible
IE=edge

Redirect headers

Location
https://mainstream.news/
Non-Authoritative-Reason
HttpsUpgrades
style.css
mainstream.news/wp-content/plugins/gutenberg/build/block-library/
112 KB
20 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/plugins/gutenberg/build/block-library/style.css?ver=1734702438
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc88e18ff7821d33a47dc62b24798ccee469938692bea68f863cfefd26679fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"671a93da-1beb1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4EyYOZYAz%2B%2BBpkYxR4gWyG6TeWCvBLA41QAhJbTa4VektmIH1xG8YkLDOYV%2BSHEcUDLS5h2StJ69SCW3CunFRDGJa2jIptsn%2B3%2Be5HVpYqIHPSkqEq87i7o2RoCXjGTgXrB3Sj5VmFC62EYDsY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cb9abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=603&x=1", cfExtPri, cfHdrFlush;dur=18
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Thu, 24 Oct 2024 18:37:14 GMT
vary
Accept-Encoding
priority
u=0,i=?0
login-with-phonenumber.css
mainstream.news/wp-content/plugins/login-with-phone-number/styles/
8 KB
3 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/plugins/login-with-phone-number/styles/login-with-phonenumber.css?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa1173bbd5601b44393df7df78bff0e2689a0c89ec2284d14d91a5b3d9436700

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66671fa9-1f72"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmXCY07PE60ZCDAS%2FSC5rFD3POiMsZ1rpUYGPCvBrKZJVeavNb0nqSkafrieSUUTy%2BnJUYbmvnpCbDQ5mWZDQ9UkonN7aKdTcVdssFUcVFK%2BB%2BhaLic4EgGqdrqB2ogUfyzFPlPH5739%2BWEKDWw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cbcabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=48&recv=41&lost=0&retrans=0&sent_bytes=38409&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=600&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Mon, 10 Jun 2024 15:45:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
intlTelInput.min.css
mainstream.news/wp-content/plugins/login-with-phone-number/styles/
19 KB
4 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/plugins/login-with-phone-number/styles/intlTelInput.min.css?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a07f21fdb1d9756c715cf682308e306a33f054f5bcb97c50107b19ad2f087138

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66671fa9-4b13"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4ifAtdsqs331zsfyV0Gh71iw0fw2aYplQNbZtZdJDZU0NYe7R0suGinGkK0kLceGYi7QVyT1MKa5yTAnTvyeDCO6SoI3oORKJkpnfa8B1qbx5%2BQI8EXXHZNXCPWJd45g2tKGgPwqZBSJ%2BUTkPM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cbdabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=38&recv=41&lost=0&retrans=0&sent_bytes=28571&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=588&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Mon, 10 Jun 2024 15:45:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
main.css
mainstream.news/wp-content/themes/generatepress/assets/css/
29 KB
8 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/themes/generatepress/assets/css/main.css?ver=3.4.0-alpha.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce08b1e16390cd90480841ece2bdfb1c0bd03dcf0ab7fac6b36af9ffe3349d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd73-7248"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vWe9et8S7WuZ09J%2FhS5EOrUDb3%2FYU%2Fptk8WfXAELov1Mbk5oO63%2BFI7KvUbCfoKSDz1LY%2BeG%2FOhka1rMl8uzQax1kkMqBstAeDouqxUrzJ%2B0Lxo2qggvkP4q9pYXBuZBBBG4HNxJpp2EuxQTmR8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cbfabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=55&recv=41&lost=0&retrans=0&sent_bytes=45834&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=601&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Sun, 14 Apr 2024 12:34:59 GMT
vary
Accept-Encoding
priority
u=0,i=?0
style.css
mainstream.news/wp-content/themes/generatepress-child/
2 KB
2 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/themes/generatepress-child/style.css?ver=3.4.0-alpha.1.1706141546
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eff57e5cf3dd71c6673503a660f547d16157db726b2ecbf84cdfe5022497f805

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd73-61b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y984iIGjR6bN9IDxiPHRDFr%2BghIm0iurtPRPSrKfO%2FqgIYnG%2FuYKeyNtGNBEhrhwqSh1Rp7%2F47E9w0Xz8x7jplp%2FogwtHSvbNfL8Co1DIH6XZ0P%2B8mEQgbs9duKKCQfucDdkQh8LrZD2fTTn%2FEM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cc2abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=42&recv=41&lost=0&retrans=0&sent_bytes=32728&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=590&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Sun, 14 Apr 2024 12:34:59 GMT
vary
Accept-Encoding
priority
u=0,i=?0
css
fonts.googleapis.com/
73 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Serif+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic&display=auto&ver=3.4.0-alpha.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a28383babc595e301c438c9a1b2cd9cfe608e1f6a6826eff7ac86c957353a7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 13:47:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 20 Dec 2024 13:47:17 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
mainstream.news/wp-content/plugins/newsletter/
6 KB
2 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/plugins/newsletter/style.css?ver=8.0.6
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6691a1e4560f5957547ba0bbff33c7066292c26031067beabaf01be85fae6790

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd6f-190b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFdAsSUHSl8KmR271EH%2FAszAG0s81ckHVnfzBbkgxTeJ%2Fvah74pPOfXYEQuCwnwhNNHrAKwybr%2BAp1hraojhb4yblyfWXS2fjbotOFCFoLsWTjj%2B0zM8pA0CXCW2WHrl%2Bw1dM4727UDsHHnd0%2FM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cc4abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=602&x=1", cfExtPri, cfHdrFlush;dur=19
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Sun, 14 Apr 2024 12:34:55 GMT
vary
Accept-Encoding
priority
u=0,i=?0
style-133.css
mainstream.news/wp-content/uploads/generateblocks/
15 KB
3 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/uploads/generateblocks/style-133.css?ver=1713098128
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181c3ccd121b593c47bf00f98b3b6368d347de5a6f373da3dfa8c3d0237f6945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd90-3a58"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAaHAyeMmJGExAi%2FGAwRWuQZzMHLdMBNTYxQa5MQFdfwwAs2jEP3yBmdTJ4rrN73I0dul9PnlymyDYnzamy8pEcwOpSxmGYH3cd3%2B%2BQAmzMXymmmHQ4PO5L0XJl5sQHR06K0gaiuwksxytuvPcE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599ccaabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=601&x=1", cfExtPri, cfHdrFlush;dur=20
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Sun, 14 Apr 2024 12:35:28 GMT
vary
Accept-Encoding
priority
u=0,i=?0
offside.css
mainstream.news/wp-content/plugins/gp-premium/menu-plus/functions/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.css?ver=2.4.0-rc.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c580c2964ebb98e4fae7ad978eb2fd62e0d823de3211abde508266bff75a622b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd6d-1e34"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARPinwffuF6zHNkCT%2FunqeiNihTQH0HiNSeWoWo08fz%2FAsfSDB4gUzSE3s9FeG3lmnSoP%2BuIJWuf7HQQqVeAvqzqNDtOBJpCDM6Fx7qGj90nL625WVwENaaH8G%2FRBjlJSQQ%2Fmat%2BCK2nqZ41hno%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cccabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=44&recv=41&lost=0&retrans=0&sent_bytes=34345&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=592&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Sun, 14 Apr 2024 12:34:53 GMT
vary
Accept-Encoding
priority
u=0,i=?0
navigation-branding-flex.css
mainstream.news/wp-content/plugins/gp-premium/menu-plus/functions/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://mainstream.news/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding-flex.css?ver=2.4.0-rc.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de5a2f1d66500d41cbfd54ca67339e23d69dc15c65a83655d3e16b4e566de89f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd6d-b0f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpJULtRmTuGMfup2KFVcj9epEduGGNtwLEHkjS63Puw2%2BnKt9educKpwZs1e%2BYojcnq13GIg1DY6NuEJhEMQily6ilgPkrxCLFbJ1Qp0n7NGUghlfpP6OWz6eFJEFNinUG8rLAPPbGiDQlEwEa8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cd0abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=604&x=1", cfExtPri, cfHdrFlush;dur=17
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
text/css
last-modified
Sun, 14 Apr 2024 12:34:53 GMT
vary
Accept-Encoding
priority
u=0,i=?0
jquery.js
mainstream.news/wp-includes/js/jquery/
279 KB
101 KB
Script
General
Full URL
https://mainstream.news/wp-includes/js/jquery/jquery.js?ver=3.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd93-45a96"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcyu6mNgBbp9jwF10%2BoPskPKLoA0D8375xVMso5v7ZCbywzEFak5wEfjY3L2Puon6iSOMC86vCg%2FJt2NB4vg6q86alS9IsbDMs40YCKdIBmLwPsaF%2FzBHhmKXqF5sCJC3w9OwGvXgTGMyXfbI6Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cd3abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=616&x=1", cfExtPri, cfHdrFlush;dur=6
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:35:31 GMT
vary
Accept-Encoding
priority
u=1,i=?0
YmEc.min.js
mainstream.news/wp-content/plugins/wp-yandex-metrika/assets/
4 KB
2 KB
Script
General
Full URL
https://mainstream.news/wp-content/plugins/wp-yandex-metrika/assets/YmEc.min.js?ver=1.2.0
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a58b2a7d081644adf703dce04831d310de1c8971be34eb26c257866ab806a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd72-e46"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hi9LPfPR5cFe8u12lLUqwF9q9EjkbUU8Aq%2Fs%2FvzoLXxRhmzhCSmiHKPmWomucI9ey3c6SlrN79F10CDG2hnFCTU0w1ZeXaJ14Q5lOaM26%2Bq8B7Ghaxr7kfbwfciL5j3VObqPZkElBZWdjSazj9A%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cd4abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=601&x=1", cfExtPri, cfHdrFlush;dur=21
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:34:58 GMT
vary
Accept-Encoding
priority
u=1,i=?0
jquery-migrate.js
mainstream.news/wp-includes/js/jquery/
31 KB
12 KB
Script
General
Full URL
https://mainstream.news/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f417c2e643b736c19e96b99e166681af1002e9b192b84e4e85b0794e764f7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd93-7cea"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIsJP9trEfCuLytQp5PDUKmY6aPPpG%2F1VW4qEvy%2FtlokHMEZkSKfB617KlqNsF20BcYHMM14gXHtEPBgfvczEBJYj9mS0qRRi%2BLqacK8LopXON0xKacDYk7bxyPaDDd%2FxIjG%2F4TaVuRAvQ%2FCGFI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cd5abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=602&x=1", cfExtPri, cfHdrFlush;dur=20
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:35:31 GMT
vary
Accept-Encoding
priority
u=1,i=?0
frontend.min.js
mainstream.news/wp-content/plugins/wp-yandex-metrika/assets/
388 B
938 B
Script
General
Full URL
https://mainstream.news/wp-content/plugins/wp-yandex-metrika/assets/frontend.min.js?ver=1.2.0
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d96d5c7dd4e5d51d3ba167d24d4260d10a62ef1546b213883ecb4066fbd46c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd72-184"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8uYrh46cQZ9B7ncSxz5m5nHpRXbFWFMzZ0LP%2BKv6CpZdWgaQSC5ytd0mWBnOqcTg7T3MYZYirY1%2BdRcOAA0LiMSyjrAseSwUQFBlnGI34nAbylhvoBYIwGrmjlISJW7eJMlUOd1Ot7Q9sI1AgA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cd7abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=47&recv=41&lost=0&retrans=0&sent_bytes=37448&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=594&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:34:58 GMT
vary
Accept-Encoding
priority
u=1,i=?0
jquery.validate.js
mainstream.news/wp-content/plugins/login-with-phone-number/scripts/
39 KB
13 KB
Script
General
Full URL
https://mainstream.news/wp-content/plugins/login-with-phone-number/scripts/jquery.validate.js?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
700c028b541d5fac50bf4f5f5111351cd34b09d814051e12de5fc852e0a46d3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66671fa9-9b07"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9HNkmPmFs3tvzoEB001g%2FD1ygvVuSPVYficMMvGS5tvkBnv%2Bkia2bF38IbwMDQm8xm25CY29Mb84Ta5PfxgzzZitgRmjAydPNBomvPvGbthyie%2B7ivAP34JK1P%2BhwZrROLEaNiGnTv%2FA9Cwkiw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cd8abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=603&x=1", cfExtPri, cfHdrFlush;dur=21
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 10 Jun 2024 15:45:45 GMT
vary
accept-encoding
priority
u=1,i=?0
login-with-phonenumber.js
mainstream.news/wp-content/plugins/login-with-phone-number/scripts/
23 KB
5 KB
Script
General
Full URL
https://mainstream.news/wp-content/plugins/login-with-phone-number/scripts/login-with-phonenumber.js?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
701c19a3db55e04e5bc57bb18ea450d9302de61bec6ea80a64f9309d113a97d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66671fa9-5ca9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ePNhAeE991RpwFFXURlHQooE4%2BH6plRlcaLdfYJ%2BkO5DDcxhF6dmuBHCf0DOkOUGBQcb9BxQS9ElrcpwmfybqJAtIijaJv0t4AS60YzrIdpiAGxDg98XancFHxj%2Fe57YJMfVkqELkfV9412lRI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cdbabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=607&x=1", cfExtPri, cfHdrFlush;dur=25
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 10 Jun 2024 15:45:45 GMT
vary
Accept-Encoding
priority
u=1,i=?0
firebase-sender.js
mainstream.news/wp-content/plugins/login-with-phone-number/scripts/
12 KB
4 KB
Script
General
Full URL
https://mainstream.news/wp-content/plugins/login-with-phone-number/scripts/firebase-sender.js?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8466554cb1518087185dd042c92a2a443aa04eb699358281fd0bd391ed094734

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66671fa9-3131"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDablC%2Fzao%2Fer76EIKag8%2FuQAHSOcq8d%2Fc%2BxK%2BJI0P4ZZusP9VMLX51hGJOaJW1Df7rmYU5X2AAqgw4W7%2B5Dcn5J5bY%2BtN0pFiFBm38bZfoCt1mrpd6%2FfAgul5%2FVGh5caRCCuBCiZ2oJ4bwB5go%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5015599cddabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=51&recv=41&lost=0&retrans=0&sent_bytes=41645&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=600&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 10 Jun 2024 15:45:45 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cropped-cropped-mainstream-news-letters-1.png
mainstream.news/wp-content/uploads/2024/01/
61 KB
62 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/01/cropped-cropped-mainstream-news-letters-1.png
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2fa6e93c01304d161a9e37652a5196a537d5419b9078756976ff64fad11ae0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd74-f51c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hp9X2oJxaSqxx%2FaPwH%2B1WvzY9F6AQN6i6nIEs%2BUGA%2FnUn80Tc1BtiqqBqm1OcqTwro4efU%2FI%2Fz0DEsw2JgUOphbDD2vXdn3QXdzNBFfGZ1CRL1heg3Rq1N4mTio%2BGfmCCdwucBZ1jTaKj5bLAtg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39166&min_rtt=30589&rtt_var=6282&sent=95&recv=52&lost=0&retrans=0&sent_bytes=86171&recv_bytes=12019&delivery_rate=196905&cwnd=34800&unsent_bytes=0&cid=ce4d05751e832d18&ts=637&x=1", cfExtPri, cfHdrFlush;dur=19
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:00 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5015599ce0abd4-CPH
accept-ranges
bytes
content-length
62748
server
cloudflare
cropped-mainstream-news-round.png
mainstream.news/wp-content/uploads/2024/01/
150 KB
150 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/01/cropped-mainstream-news-round.png
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57fbae88a6d22ad9ec2743a107803b5c8255c4049f0d07f6074f6abc3bfcaa7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd74-256b7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JP8kj%2BH19WlO84Gjz7Td7xZg00W4jHOCKLwIM8WFG43NMWEvrn8BwoBoCgJiw39B8lwB0ht6TH4mGbxzDpR1cUnjOTl2j0vcwl6k7%2FTQlGTMRJXyU30C7f%2FBzSOhwS6xiH6JNV20rzq3%2BTzdQAY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39166&min_rtt=30589&rtt_var=6282&sent=95&recv=52&lost=0&retrans=0&sent_bytes=86171&recv_bytes=12019&delivery_rate=196905&cwnd=34800&unsent_bytes=0&cid=ce4d05751e832d18&ts=637&x=1", cfExtPri, cfHdrFlush;dur=19
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:00 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5015599ce2abd4-CPH
accept-ranges
bytes
content-length
153271
server
cloudflare
67655b86b480cc461d68ae14.jpg
mainstream.news/wp-content/uploads/2024/12/
27 KB
27 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/12/67655b86b480cc461d68ae14.jpg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d85e70367ed256d4ff6345c8e56d28215f92815b2ba3ca4c55829f01fd12d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"676566d0-6a3a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHGSethu%2BadYHIW3XVF8ioSHhuZ0n9qvqF%2FcywreJ9JSCRi4P2WdQdt266LyHldFAY5RrCq3oXMvxPWkDpvw6csI6gEBM57U7%2FWRBjKLXxbL%2BG%2FaT8LCWxdGmhhuUnbaV3Rx50PTDBgchS6wT24%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32230&min_rtt=30589&rtt_var=1247&sent=60&recv=41&lost=0&retrans=0&sent_bytes=51371&recv_bytes=11546&delivery_rate=415713&cwnd=22800&unsent_bytes=0&cid=ce4d05751e832d18&ts=617&x=1", cfExtPri, cfHdrFlush;dur=15
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 12:45:04 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5015599ce5abd4-CPH
accept-ranges
bytes
content-length
27194
server
cloudflare
676549f048fbef5e017647c1.jpg
mainstream.news/wp-content/uploads/2024/12/
25 KB
26 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/12/676549f048fbef5e017647c1.jpg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17d69a86ec40437a9da7f8f04f455462876385ceb7ecd63ef33f0c18d63d3ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"676551b8-638c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9CHaJTxTifXLnMq7xj8ZQho4o91XAqtw5jEOvx0pn2dXabYqQzrjInwN%2Fp5Jjip23tv3zT6IpHQ2iek7Dj01BpzMb3YCXiynAVYL%2F0d8gdT96WJfAw7iPK4nyuTcUzaePQbmouRsiyKX%2FCYjIM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=462&recv=127&lost=0&retrans=0&sent_bytes=501109&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=852&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 11:15:04 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b2e68abd4-CPH
accept-ranges
bytes
content-length
25484
server
cloudflare
6765246148fbef56c8053d37.jpg
mainstream.news/wp-content/uploads/2024/12/
21 KB
22 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/12/6765246148fbef56c8053d37.jpg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec77cb64bef44bf250dd841189a6481eae1a5150555afca6a2e52f511bd5a22f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"67652c39-5382"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YwmOv%2FEOPTob2V4LeYbdEpjQ9JtASAfiooPRccq4qjVfMxQQoEbtRdwFYj3ZoF3eqNhmgr3IhNf03V4McKCMU2LaK2%2BY7bQ4gsJJSS3PAUpIIP7BgFbAmoEyQXPX4%2B%2Bk2%2F2Ml3ehaYfeKYz4Mlw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=498&recv=127&lost=0&retrans=0&sent_bytes=542413&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=861&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 08:35:05 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b2e7eabd4-CPH
accept-ranges
bytes
content-length
21378
server
cloudflare
sticky.js
mainstream.news/wp-content/plugins/gp-premium/menu-plus/functions/js/
18 KB
6 KB
Script
General
Full URL
https://mainstream.news/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.js?ver=2.4.0-rc.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
346277e73efa44820d57a31fd8fb53f6a8121f4ff95da799d54f3160e2a3ec81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd6e-48c3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0OuPwsWIJ0Q8lKwMKdSxkrHSY9Tk4AlmJTWq2kOI49fPFiaGVLLB9b4HX8PKFXhGfJ3KP%2BYs3xrmTuiTVWA6ZppcHXG9r8Qx4CDTD1yzrKoioTOHkQLc%2Fo6xE3wqD3wm%2FJQcEMA9a%2BDMy41mmQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155b2e6eabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=455&recv=127&lost=0&retrans=0&sent_bytes=494772&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=851&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:34:54 GMT
vary
Accept-Encoding
priority
u=2,i=?0
offside.js
mainstream.news/wp-content/plugins/gp-premium/menu-plus/functions/js/
24 KB
7 KB
Script
General
Full URL
https://mainstream.news/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.js?ver=2.4.0-rc.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a9b579880d74956057d3aaf9bd1fc0c66572cf75d272ab7fe262a6abb92d41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd6e-61dd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIxOenouuQG%2BzOzq8ULuJIdnwrN50QEeH9Y8eB0Zxm2xZa33s7Bw5exf4ZJ%2FWKm93W4HKPQFnuIznJEdXwTu4V43E7eyZVvHqTaoahUjR6%2B%2FSTab6VIKEK%2FXbltBNr7DW8bFP9l%2Ft4I58aX%2Bx3g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155b2e73abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=485&recv=127&lost=0&retrans=0&sent_bytes=527873&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=854&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:34:54 GMT
vary
Accept-Encoding
priority
u=2,i=?0
newsletter.min.js
mainstream.news/wp-content/plugins/wp-yandex-metrika/assets/
285 B
921 B
Script
General
Full URL
https://mainstream.news/wp-content/plugins/wp-yandex-metrika/assets/newsletter.min.js?ver=1.2.0
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21940b9b29305e3cb787048e72192007ee02a592cefcd7244354c6ae9c048aca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd72-11d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FpDINO2NzxHNs3U4DBbhJwBJDQSXapi3ZX0YCnDAcjsQDtBw3LI8V%2FTOiYqglvzAF8st305ch8Z2yeAiFVUaWZlgFnNSkfMvNfbobaickF38adrB6r%2FaiChq%2B3PXzdic9GXjzxkgd6xF5Lxt2Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155b2e76abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=439&recv=127&lost=0&retrans=0&sent_bytes=476434&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=848&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:34:58 GMT
vary
Accept-Encoding
priority
u=2,i=?0
firebase-app.js
www.gstatic.com/firebasejs/7.21.0/
20 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.21.0/firebase-app.js?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ca9a620008d3be7b876a4eabc9576c19d8912011cc2d68e6c433f964787687d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

content-encoding
gzip
age
71347
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 17:58:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 17:58:10 GMT
last-modified
Thu, 17 Sep 2020 21:07:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
6665
x-xss-protection
0
server
sffe
firebase-auth.js
www.gstatic.com/firebasejs/7.21.0/
170 KB
55 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.21.0/firebase-auth.js?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b91a35bb0802dd81da6f485effa935d900bb61725f8ce61382759e7369724d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

content-encoding
gzip
age
71347
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 17:58:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 17:58:10 GMT
last-modified
Thu, 17 Sep 2020 21:07:37 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
55449
x-xss-protection
0
server
sffe
intlTelInput.min.js
mainstream.news/wp-content/plugins/login-with-phone-number/scripts/
29 KB
13 KB
Script
General
Full URL
https://mainstream.news/wp-content/plugins/login-with-phone-number/scripts/intlTelInput.min.js?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079f6d8357d02c94dfd5bffb32fce255a093f0098439fb683407c126ab00c015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66671fa9-734f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0ThCYbsZefRJe1%2FlUNS2GP%2FbWamUqrpXW24IW78cOG1RROHXPyD%2FtpgqumR9pRKvoUfxPMpP6HPwoJt9XZvdMxA9eYTVYUL3Cc0ciCOy9SzE6K%2FPapcTlGdRjfkVuCwbp9KgcF3j5umyIBMPsQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155b2e78abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=444&recv=127&lost=0&retrans=0&sent_bytes=481597&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=850&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 10 Jun 2024 15:45:45 GMT
vary
Accept-Encoding
priority
u=2,i=?0
menu.js
mainstream.news/wp-content/themes/generatepress/assets/js/
13 KB
4 KB
Script
General
Full URL
https://mainstream.news/wp-content/themes/generatepress/assets/js/menu.js?ver=3.4.0-alpha.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d279432876f48e6fc5db9c28517314ded7a34d29f8626b1efed5b1e2e351ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd73-34f9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8rrzCRD9r2QPnlvzlRYyWgDH%2BcCliA%2BQczPpSKTlTqgaQyn%2BNnKPBG49LypH5zgXeY%2By97v4H9P2xtJ1scit1ZQ1Kd5SyNg2Xfue%2FehUlQWYeCFPBrekHp3kQD%2FHnRQBfeMT7Opl4iIw4tEnJ4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155b2e7aabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=440&recv=127&lost=0&retrans=0&sent_bytes=477379&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=850&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:34:59 GMT
vary
accept-encoding
priority
u=2,i=?0
modal.js
mainstream.news/wp-content/themes/generatepress/assets/dist/
3 KB
2 KB
Script
General
Full URL
https://mainstream.news/wp-content/themes/generatepress/assets/dist/modal.js?ver=3.4.0-alpha.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91b2dc9cd7ac64ecf6e58b3a6929024bb30b9af8de18de40d63e10ec4fbb35ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd73-d65"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5JSOkkgRGg2hMkgfFbM6LQ2gyIIK8ee3YU%2Fvp2%2Fh219T50tZtMub%2FOeTSPvTqNhvj7ZZBuO6iUWhhtctwKLmz4umDpygCa19YrOIi0w6zGK9X0hoBSXVvg9ol7pXbWsKjNLA2A6Ea0LWhb3yOJA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155b2e7cabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=435&recv=127&lost=0&retrans=0&sent_bytes=472624&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=837&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:34:59 GMT
vary
Accept-Encoding
priority
u=2,i=?0
back-to-top.js
mainstream.news/wp-content/themes/generatepress/assets/js/
2 KB
1 KB
Script
General
Full URL
https://mainstream.news/wp-content/themes/generatepress/assets/js/back-to-top.js?ver=3.4.0-alpha.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e817f5e37c3b19c9a55956933705e8e28a84f82e5481bce25fb4ec005e2b27e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd73-73d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sq7D00rLJi29stOA6j1wgNWMcA06lPy%2FbOGPMY53FuEFcweKmeV26TOL%2FJYljuu8FuwqXrsv4A5Y73GKBJOuLX960vq%2FzzIjBaAyE1qKvber5llO7bqx0pVE3byFS238MlPfSLxOcG%2BQCM0C8sE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155b2e7dabd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=437&recv=127&lost=0&retrans=0&sent_bytes=474864&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=846&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:34:59 GMT
vary
Accept-Encoding
priority
u=2,i=?0
aed06768-c994-4439-bffa-071119843a9b
https://mainstream.news/ Frame
0
0

tag.js
mc.yandex.ru/metrika/
222 KB
76 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"67655eba-12b7d"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Fri, 20 Dec 2024 14:47:17 GMT
access-control-allow-origin
*
content-length
76669
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
cropped-cropped-mainstream-news-letters-1.png
mainstream.news/wp-content/uploads/2024/01/
61 KB
0
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/01/cropped-cropped-mainstream-news-letters-1.png
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2fa6e93c01304d161a9e37652a5196a537d5419b9078756976ff64fad11ae0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd74-f51c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hp9X2oJxaSqxx%2FaPwH%2B1WvzY9F6AQN6i6nIEs%2BUGA%2FnUn80Tc1BtiqqBqm1OcqTwro4efU%2FI%2Fz0DEsw2JgUOphbDD2vXdn3QXdzNBFfGZ1CRL1heg3Rq1N4mTio%2BGfmCCdwucBZ1jTaKj5bLAtg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39166&min_rtt=30589&rtt_var=6282&sent=95&recv=52&lost=0&retrans=0&sent_bytes=86171&recv_bytes=12019&delivery_rate=196905&cwnd=34800&unsent_bytes=0&cid=ce4d05751e832d18&ts=637&x=1", cfExtPri, cfHdrFlush;dur=19
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:00 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5015599ce0abd4-CPH
accept-ranges
bytes
content-length
62748
server
cloudflare
education.svg
gpsites.co/newsroom/wp-content/uploads/sites/126/2021/04/
31 KB
9 KB
Image
General
Full URL
https://gpsites.co/newsroom/wp-content/uploads/sites/126/2021/04/education.svg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f7f758bfb47048bb6134f35e7f9df09d4d4a6a8df815ae999bd683d9b2c3d70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"7d34-5ededabd5d246"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTnPiLOKafEEPiS8W7%2BXpGEv%2Be%2FLUjkZFIJy3EchixgrLrIzWvE74m1LrpDYj4Y0mfgNsCxhNu0q%2BP5%2B3zYBtaomxgqludycfzTndJUAL4LsQlRukUNL94oERMUAgySYls%2BbdZpkDIjH"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155b8b4febcd-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30685&min_rtt=30540&rtt_var=4904&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4151&recv_bytes=4415&delivery_rate=502&cwnd=12000&unsent_bytes=0&cid=796a971ebc420c53&ts=164&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 20 Nov 2022 21:32:09 GMT
priority
u=1,i
2024-01-05_19-04-49.png
mainstream.news/wp-content/uploads/2024/01/
162 KB
163 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/01/2024-01-05_19-04-49.png
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3be2395110ca17dfa2ddbdfb9ea49ba04a8af65e93a9755ac500378c050d229a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd74-2887b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLDJI%2FadLWPYq3eY46aghWl9tJbolyAwKLr2njXRy8HeXj%2Fz6P8YopkoJkQHIISKKaBCNRWiwEnfU1Q9%2Ff30l%2BLAegbTRSlyA6NtX19Oc7tuxlh7LkIFa%2BZQJ0wihqHA340YIt17CO4TOv14qb0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32631&min_rtt=30589&rtt_var=1951&sent=540&recv=128&lost=0&retrans=0&sent_bytes=590297&recv_bytes=21046&delivery_rate=19547&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=881&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:00 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b3e82abd4-CPH
accept-ranges
bytes
content-length
166011
server
cloudflare
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Serif+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic&display=auto&ver=3.4.0-alpha.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mainstream.news
Referer
https://fonts.googleapis.com/

Response headers

age
307902
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 00:15:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:15:35 GMT
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
32796
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Serif+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic&display=auto&ver=3.4.0-alpha.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mainstream.news
Referer
https://fonts.googleapis.com/

Response headers

age
255944
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 14:41:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 14:41:33 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
6765543448fbef5e017647cb.jpg
mainstream.news/wp-content/uploads/2024/12/
35 KB
36 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/12/6765543448fbef5e017647cb.jpg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84299aff1913260f854f169d15c68e7005788ce89014f44d1d5288ade5e02688

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"6765715c-8ca4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BlzIOy6I37czZ6EpTp8SsTNRA3yjh4p%2FXEjXqu%2B1P2kHMd2HysAwCGUbBb4AYt1TmKcRBqROsl80JE40qlTMI6W0yIw1ci7oohcWRMLsMHj5dsHbKvIknIRB%2BOdzpYKskmav0U%2BwmKUmAvRRjss%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32018&min_rtt=30504&rtt_var=1469&sent=596&recv=132&lost=0&retrans=0&sent_bytes=655980&recv_bytes=21222&delivery_rate=405664&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=884&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 13:30:04 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b4e95abd4-CPH
accept-ranges
bytes
content-length
36004
server
cloudflare
67655b86b480cc461d68ae14-150x150.jpg
mainstream.news/wp-content/uploads/2024/12/
6 KB
6 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/12/67655b86b480cc461d68ae14-150x150.jpg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e87c32c1e1c3b7e0bef9e45ce6646286cb25d3b24efc8e622f54145432b6c07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"676566d2-167a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buhawXgfDDX6tNXnMI94g6pZhSeZUIeHE6O6lSrJXnKVG%2BeK4YmkZ%2Bb1mzLXChuE%2FOym4FsMiKcwNhkwkz3klh5tNxwMC3Qa5%2FNmB5t7L7Ch27TDBnuYE%2FzGuEeyQ8K%2FX83Tw3%2F0fqReQBag6CM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=518&recv=127&lost=0&retrans=0&sent_bytes=566413&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=862&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 12:45:06 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b4e99abd4-CPH
accept-ranges
bytes
content-length
5754
server
cloudflare
67653a20b480cc632d79c60c-150x150.jpg
mainstream.news/wp-content/uploads/2024/12/
5 KB
5 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/12/67653a20b480cc632d79c60c-150x150.jpg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad4c273bf82db710e3c113a6a758f19ffd1bfd391dce7bc4fc0b102cffa177b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"676558c2-1317"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4s%2FvnkRXXI0%2FW6JGa7S1YwNUXlA6f42GqHFe617a4CH0xdYq5P5uueKWBnPivUkOcqo1kNyhikMSLhp2FU1bqEy1LLnF2COuY2zN5QfVZqitIC1LG9iOk6Zzy1ue7seuuoQrRzEW7DmmnP5pth0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=529&recv=127&lost=0&retrans=0&sent_bytes=577764&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=865&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 11:45:06 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b4e9cabd4-CPH
accept-ranges
bytes
content-length
4887
server
cloudflare
676549f048fbef5e017647c1-150x150.jpg
mainstream.news/wp-content/uploads/2024/12/
6 KB
6 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/12/676549f048fbef5e017647c1-150x150.jpg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528a5cc7b06016ad3014eccf2424cd8e0879c37452c806860e5f9438ebe215f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"676551ba-1744"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aoP2Uu2Ar1F6YfFIOR8e%2BwraveA2R9COShSNa6qoEES560htGn4PPaOAhGhTt0JXU3BYaFTDc8llh1hPXNaCWarP3bnsqtFPcFRQo0zgqRfpSEMZmgybGrVt2SIkjrKYQ%2F9gjLcQE2RpL4tr7Ns%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=492&recv=127&lost=0&retrans=0&sent_bytes=535625&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=860&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 11:15:06 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b4e9dabd4-CPH
accept-ranges
bytes
content-length
5956
server
cloudflare
6765268bb480cc46b968e2be-150x150.jpg
mainstream.news/wp-content/uploads/2024/12/
5 KB
6 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/12/6765268bb480cc46b968e2be-150x150.jpg
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
177a2189d3db025aea363f4c9fae6f9dc1facce11e850627307ed54398e2ac0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"67653f03-14f2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KB14TTyfCFss1JDWy6LTS9TU8lBORVKUD5Zwc1ZJzGiok%2F%2B%2Faoyi4%2B1mdUQzh4l37aG4UjrU4CwGNOhqxISKCCWbcA6pNT73yQI4WGLjvaWLpjmsqDNkIk%2FVuYa7vc1dKFVAvSLe8QPAPRDqjM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=508&recv=127&lost=0&retrans=0&sent_bytes=554413&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=862&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 09:55:15 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b4e9eabd4-CPH
accept-ranges
bytes
content-length
5362
server
cloudflare
podcast2-titel-768x768.png
mainstream.news/wp-content/uploads/2024/03/
834 KB
835 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/03/podcast2-titel-768x768.png
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f226730dc507b07c488cef95b89b4a033b528fdb5ac37be46ed60aa19d31ee8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd86-d09b8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKSyr7Gjc0bK4I4Nz17JZGF0%2FtNkUdhQMLrBqLyxoAqFAAqZ6wFo4sBGnbBnZht9B91F0sicGGW2yLmsVxwMOfFAj%2BfqpDmjtbJIo%2FvCym9ItSqbSLmWrzFe5PtybRZMA433Qc%2FbRkfSRitXSss%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31932&min_rtt=30504&rtt_var=595&sent=656&recv=137&lost=0&retrans=0&sent_bytes=727042&recv_bytes=21446&delivery_rate=901860&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=899&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:18 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b4ea0abd4-CPH
accept-ranges
bytes
content-length
854456
server
cloudflare
odcast-1-titel-768x768.png
mainstream.news/wp-content/uploads/2024/03/
766 KB
767 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/03/odcast-1-titel-768x768.png
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52e363a239ae00e6428c50833ceefec2b9551a88e573e874736d725188e324f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd86-bf802"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRHQUS%2FZuuAf6uB0W37CDJSiK5JG6rDutyH%2F3CXj66RHQ%2FDVVfsGRMGVjR3ve%2FvvqJrpSZtWj8reu3j5IY6ROKhv9tTzhQGTBTDqyJt8ecdSxkdtTz82q7ZqzL1UbeXhxZfAWXSMLmuNZsKmD0A%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32131&min_rtt=30504&rtt_var=845&sent=711&recv=138&lost=0&retrans=0&sent_bytes=792699&recv_bytes=21491&delivery_rate=998649&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=903&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:18 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b4ea1abd4-CPH
accept-ranges
bytes
content-length
784386
server
cloudflare
mainstream-news-round-150x150.png
mainstream.news/wp-content/uploads/2024/01/
6 KB
7 KB
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/01/mainstream-news-round-150x150.png
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24bdf0db7bf7e5111205ac617060eb7cb05e49bd4c7d74c4ac7ec94a5240e8c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd74-1776"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgRFlAc0a1C84fMWxWtxkFPRtjaHd1M1QaBgPkaH3tA4nm%2FNze3W12cil9xaJ091DImAzvakOeDSExyON85WXNLkC2%2F0ndyHoUtMaHsLbOdjZXrubVmVrscJ77rcSjOXTBWfVqo5qZpu3wjMuaQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31850&min_rtt=30589&rtt_var=519&sent=534&recv=127&lost=0&retrans=0&sent_bytes=583459&recv_bytes=21001&delivery_rate=6353461&cwnd=233700&unsent_bytes=0&cid=ce4d05751e832d18&ts=868&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:00 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f50155b4ea2abd4-CPH
accept-ranges
bytes
content-length
6006
server
cloudflare
twemoji.js
mainstream.news/wp-includes/js/
32 KB
10 KB
Script
General
Full URL
https://mainstream.news/wp-includes/js/twemoji.js?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b75fdcb9cb724ed0e6a3c091e5ea96250e16643c5b9c6427a6240fff3c026e22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd93-80a6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1kcjJuYPrxsc7WjiCY6h1zD363ybxmDu1A%2BtWv%2Bf4WxPiEWu2YlzMvFSfCeQDQAgXX86HF0YSCHseE%2Fk0%2BVLb3aQRgZbz%2BJ1X6xM62LIUIQG25LE%2FVX9HLfpt7q2tq%2Fj8rgZ80pUEhwF7n6MHo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155cdff3abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31005&min_rtt=30287&rtt_var=416&sent=2142&recv=305&lost=1&retrans=1&sent_bytes=2479576&recv_bytes=29823&delivery_rate=12533652&cwnd=622230&unsent_bytes=0&cid=ce4d05751e832d18&ts=1112&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:35:31 GMT
vary
Accept-Encoding
priority
u=3,i=?0
wp-emoji.js
mainstream.news/wp-includes/js/
9 KB
4 KB
Script
General
Full URL
https://mainstream.news/wp-includes/js/wp-emoji.js?ver=6.7.1
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d54383a1ae1cc16b30c0a748ff78cebfffede0e53dd7821dfcb6328ccef47e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661bcd93-2309"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXyB4BgERzkc1jimSRkt0H3tUb9mkO%2BORedwKTUo7HhLyShvcoDH3recTgppHVPuW8O0DJ9vi2VkOYvqv6ugvOFiod0e1woZdCNy99psm%2BikOdNSR0t%2BjTZ%2B8gMdY32LSIwIpW6lWCt18LnNipc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f50155cdff4abd4-CPH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31005&min_rtt=30287&rtt_var=416&sent=2152&recv=305&lost=1&retrans=1&sent_bytes=2490546&recv_bytes=29823&delivery_rate=12533652&cwnd=622230&unsent_bytes=0&cid=ce4d05751e832d18&ts=1113&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 12:35:31 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cropped-cropped-mainstream-news-letters-1.png
mainstream.news/wp-content/uploads/2024/01/
61 KB
0
Image
General
Full URL
https://mainstream.news/wp-content/uploads/2024/01/cropped-cropped-mainstream-news-letters-1.png
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2fa6e93c01304d161a9e37652a5196a537d5419b9078756976ff64fad11ae0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd74-f51c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hp9X2oJxaSqxx%2FaPwH%2B1WvzY9F6AQN6i6nIEs%2BUGA%2FnUn80Tc1BtiqqBqm1OcqTwro4efU%2FI%2Fz0DEsw2JgUOphbDD2vXdn3QXdzNBFfGZ1CRL1heg3Rq1N4mTio%2BGfmCCdwucBZ1jTaKj5bLAtg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39166&min_rtt=30589&rtt_var=6282&sent=95&recv=52&lost=0&retrans=0&sent_bytes=86171&recv_bytes=12019&delivery_rate=196905&cwnd=34800&unsent_bytes=0&cid=ce4d05751e832d18&ts=637&x=1", cfExtPri, cfHdrFlush;dur=19
date
Fri, 20 Dec 2024 13:47:17 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:00 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5015599ce0abd4-CPH
accept-ranges
bytes
content-length
62748
server
cloudflare
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10600.IqhjaXYrrh1pjqQ46Vg3ADerXh5LVSamqzO61iAdxKmvdWodxcYwgIdMul0y8sr8.-0Ocxjs1Icv4wZP4AIp8pS7qleo%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10600.8Giu6q57DeU3qKWPtXEH5CWtvs61FQS3_LuKFd-ovAC4mYODJnnQhSIZhkDTGiW65JBRTdId7oIUuc3s8vd7R72W8mlHfrErsQc0QMjLmlEulmRAEPmqgGVYBekqmUdBgnsxu2xtdo...
43 B
674 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10600.8Giu6q57DeU3qKWPtXEH5CWtvs61FQS3_LuKFd-ovAC4mYODJnnQhSIZhkDTGiW65JBRTdId7oIUuc3s8vd7R72W8mlHfrErsQc0QMjLmlEulmRAEPmqgGVYBekqmUdBgnsxu2xtdosA-kVXYfHt6Vy71I8ESkHL1KMCXk8uPb7Ib1W-oozEYI7SaYiC66VjostzfV8nqKQwp0rOfS528bD0SthquQqPV4vVThgKjR8%2C.2hBMcisat-qVapw1lSi36UmyCvQ%2C
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 13:47:18 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.com/sync_cookie_image_decide?token=10600.8Giu6q57DeU3qKWPtXEH5CWtvs61FQS3_LuKFd-ovAC4mYODJnnQhSIZhkDTGiW65JBRTdId7oIUuc3s8vd7R72W8mlHfrErsQc0QMjLmlEulmRAEPmqgGVYBekqmUdBgnsxu2xtdosA-kVXYfHt6Vy71I8ESkHL1KMCXk8uPb7Ib1W-oozEYI7SaYiC66VjostzfV8nqKQwp0rOfS528bD0SthquQqPV4vVThgKjR8%2C.2hBMcisat-qVapw1lSi36UmyCvQ%2C
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 13:47:18 GMT
advert.gif
mc.yandex.com/metrika/
43 B
596 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"67655eba-2b"
expires
Fri, 20 Dec 2024 14:47:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Fri, 20 Dec 2024 13:47:18 GMT
content-type
image/gif
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 58B3
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mainstream.news/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
2080
content-type
text/html
date
Fri, 20 Dec 2024 13:47:19 GMT
etag
"67655eba-820"
expires
Fri, 20 Dec 2024 14:47:19 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/96709401/
Redirect Chain
  • https://mc.yandex.com/watch/96709401?wmode=7&page-url=https%3A%2F%2Fmainstream.news%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%...
  • https://mc.yandex.com/watch/96709401/1?wmode=7&page-url=https%3A%2F%2Fmainstream.news%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersio...
636 B
841 B
Fetch
General
Full URL
https://mc.yandex.com/watch/96709401/1?wmode=7&page-url=https%3A%2F%2Fmainstream.news%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.7%22%2C%22pluginVersion%22%3A%221.2.0%22%2C%22ymCmsRip%22%3A%221597463007%22%7D%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A721942961300%3Ahid%3A669295383%3Az%3A60%3Ai%3A20241220144718%3Aet%3A1734702438%3Ac%3A1%3Arn%3A825567257%3Arqn%3A1%3Au%3A1734702438678507391%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A922%3Awv%3A2%3Ads%3A2%2C159%2C295%2C35%2C62%2C0%2C%2C541%2C1%2C%2C%2C%2C1098%3Aco%3A0%3Acpf%3A1%3Ans%3A1734702436791%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734702438%3At%3AHome%20%7C%20mainstream.news&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842541572%29ti%281%29
Requested by
Host: mainstream.news
URL: https://mainstream.news/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
37b43aadf56489ed69d57b822b3d2d0184d08ef1b7f9ed66ec224842802caa5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 20-Dec-2024 13:47:18 GMT
access-control-allow-origin
https://mainstream.news
content-length
636
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 13:47:18 GMT
content-type
application/json; charset=utf-8
last-modified
Fri, 20-Dec-2024 13:47:18 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/96709401/1?wmode=7&page-url=https%3A%2F%2Fmainstream.news%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.7%22%2C%22pluginVersion%22%3A%221.2.0%22%2C%22ymCmsRip%22%3A%221597463007%22%7D%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A721942961300%3Ahid%3A669295383%3Az%3A60%3Ai%3A20241220144718%3Aet%3A1734702438%3Ac%3A1%3Arn%3A825567257%3Arqn%3A1%3Au%3A1734702438678507391%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A922%3Awv%3A2%3Ads%3A2%2C159%2C295%2C35%2C62%2C0%2C%2C541%2C1%2C%2C%2C%2C1098%3Aco%3A0%3Acpf%3A1%3Ans%3A1734702436791%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734702438%3At%3AHome%20%7C%20mainstream.news&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842541572%29ti%281%29
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Fri, 20-Dec-2024 13:47:18 GMT
access-control-allow-origin
https://mainstream.news
date
Fri, 20 Dec 2024 13:47:18 GMT
x-xss-protection
1; mode=block
last-modified
Fri, 20-Dec-2024 13:47:18 GMT
cropped-cropped-mainstream-news-round-32x32.png
mainstream.news/wp-content/uploads/2024/01/
983 B
2 KB
Other
General
Full URL
https://mainstream.news/wp-content/uploads/2024/01/cropped-cropped-mainstream-news-round-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ebd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec85824ffda7dc0f713d6591b3f8284a051b905692f59384d1f169cccefe5290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mainstream.news/

Response headers

cf-cache-status
MISS
etag
"661bcd74-3d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPXTIgAYDizeMzgVNJ2dEKjFcceIEshluDC2QlBAgxwd255f%2BLMPgByfZ%2Fr7JPeSIlnts86DdBUoBtcue8yfdQNCG%2F06tcIWIS0bHb04cPQFWq4H7VqGayfrtdP6nhwUZkAMvFVQUNQTQPiKOWE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31015&min_rtt=30287&rtt_var=254&sent=2157&recv=308&lost=1&retrans=1&sent_bytes=2495153&recv_bytes=30359&delivery_rate=501348&cwnd=622230&unsent_bytes=0&cid=ce4d05751e832d18&ts=2986&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 13:47:19 GMT
content-type
image/png
last-modified
Sun, 14 Apr 2024 12:35:00 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5015689a7cabd4-CPH
accept-ranges
bytes
content-length
983
server
cloudflare
96709401
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/96709401?wv-part=1&wv-type=7&wmode=0&wv-hit=669295383&page-url=https%3A%2F%2Fmainstream.news%2F&rn=557707022&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1734702441%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241220144721%3Au%3A1734702438678507391%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1734702441&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mainstream.news/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Fri, 20-Dec-2024 13:47:21 GMT
access-control-allow-origin
https://mainstream.news
content-length
43
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 13:47:21 GMT
last-modified
Fri, 20-Dec-2024 13:47:21 GMT
content-type
image/gif
96709401
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/96709401?wv-part=1&wv-type=7&wmode=0&wv-hit=669295383&page-url=https%3A%2F%2Fmainstream.news%2F&rn=378556507&browser-info=we%3A1%3Aet%3A1734702442%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241220144721%3Au%3A1734702438678507391%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1734702442&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mainstream.news/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Fri, 20-Dec-2024 13:47:21 GMT
access-control-allow-origin
https://mainstream.news
content-length
43
date
Fri, 20 Dec 2024 13:47:21 GMT
x-xss-protection
1; mode=block
last-modified
Fri, 20-Dec-2024 13:47:21 GMT
content-type
image/gif
96709401
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/96709401?wv-type=9&wmode=0&wv-hit=669295383&page-url=https%3A%2F%2Fmainstream.news%2F&browser-info=et%3A1734702442%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241220144721%3Au%3A1734702438678507391%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1734702442&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mainstream.news/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Fri, 20-Dec-2024 13:47:21 GMT
access-control-allow-origin
https://mainstream.news
content-length
43
date
Fri, 20 Dec 2024 13:47:21 GMT
x-xss-protection
1; mode=block
last-modified
Fri, 20-Dec-2024 13:47:21 GMT
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mainstream.news
URL
blob:https://mainstream.news/aed06768-c994-4439-bffa-071119843a9b

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| jQuery function| YmEc object| tmpwpym object| dataLayer object| wpym object| idehweb_lwp function| ym function| generateStickyDebounce object| offSide object| generateOffside object| closeElements object| slideoutLinks function| closeOffsideOnAction object| toggles function| offside object| firebase object| intlTelInputGlobals function| intlTelInput object| generatepressMenu object| generatepressBackToTop function| lwp_runTimer object| wp object| twemoji object| Ya object| yaCounter96709401

19 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: dNvo7c3JfWRu7/8OBNqWCqh6dEqYWpcs9HFaaSDUjmBhwYv+ZR9KxSjtcd7hkJ/caFfUEMhLdqo4WEdFSRE6fxTs9Lk=
.yandex.ru/ Name: yandexuid
Value: 3148628341734702437
.yandex.ru/ Name: yashr
Value: 494449461734702437
.mainstream.news/ Name: _ym_uid
Value: 1734702438678507391
.mainstream.news/ Name: _ym_d
Value: 1734702438
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 833381243fake
.yandex.com/ Name: yashr
Value: 2618813071734702438
.mainstream.news/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2035779341fake
.yandex.com/ Name: yandexuid
Value: 3148628341734702437
.yandex.com/ Name: yuidss
Value: 3148628341734702437
.yandex.com/ Name: i
Value: dNvo7c3JfWRu7/8OBNqWCqh6dEqYWpcs9HFaaSDUjmBhwYv+ZR9KxSjtcd7hkJ/caFfUEMhLdqo4WEdFSRE6fxTs9Lk=
.yandex.com/ Name: yp
Value: 1734788838.yu.7211402591734702438
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 2023984311734702438
.yandex.com/ Name: ymex
Value: 1737294438.oyu.7211402591734702438#1766238438.yrts.1734702438
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDm6pW7Bg==
.mainstream.news/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gpsites.co
mainstream.news
mc.yandex.com
mc.yandex.ru
www.gstatic.com
mainstream.news
2606:4700:3031::ac43:8ebd
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a02:6b8::1:119
2a06:98c1:3121::3
079f6d8357d02c94dfd5bffb32fce255a093f0098439fb683407c126ab00c015
09f417c2e643b736c19e96b99e166681af1002e9b192b84e4e85b0794e764f7f
0d96d5c7dd4e5d51d3ba167d24d4260d10a62ef1546b213883ecb4066fbd46c6
12a9b579880d74956057d3aaf9bd1fc0c66572cf75d272ab7fe262a6abb92d41
177a2189d3db025aea363f4c9fae6f9dc1facce11e850627307ed54398e2ac0c
181c3ccd121b593c47bf00f98b3b6368d347de5a6f373da3dfa8c3d0237f6945
18d279432876f48e6fc5db9c28517314ded7a34d29f8626b1efed5b1e2e351ec
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb
21940b9b29305e3cb787048e72192007ee02a592cefcd7244354c6ae9c048aca
24bdf0db7bf7e5111205ac617060eb7cb05e49bd4c7d74c4ac7ec94a5240e8c2
2f7f758bfb47048bb6134f35e7f9df09d4d4a6a8df815ae999bd683d9b2c3d70
346277e73efa44820d57a31fd8fb53f6a8121f4ff95da799d54f3160e2a3ec81
37b43aadf56489ed69d57b822b3d2d0184d08ef1b7f9ed66ec224842802caa5f
3be2395110ca17dfa2ddbdfb9ea49ba04a8af65e93a9755ac500378c050d229a
3f226730dc507b07c488cef95b89b4a033b528fdb5ac37be46ed60aa19d31ee8
43d85e70367ed256d4ff6345c8e56d28215f92815b2ba3ca4c55829f01fd12d9
528a5cc7b06016ad3014eccf2424cd8e0879c37452c806860e5f9438ebe215f6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56a58b2a7d081644adf703dce04831d310de1c8971be34eb26c257866ab806a5
57fbae88a6d22ad9ec2743a107803b5c8255c4049f0d07f6074f6abc3bfcaa7b
6691a1e4560f5957547ba0bbff33c7066292c26031067beabaf01be85fae6790
6ad4c273bf82db710e3c113a6a758f19ffd1bfd391dce7bc4fc0b102cffa177b
700c028b541d5fac50bf4f5f5111351cd34b09d814051e12de5fc852e0a46d3a
701c19a3db55e04e5bc57bb18ea450d9302de61bec6ea80a64f9309d113a97d5
84299aff1913260f854f169d15c68e7005788ce89014f44d1d5288ade5e02688
8466554cb1518087185dd042c92a2a443aa04eb699358281fd0bd391ed094734
8a2fa6e93c01304d161a9e37652a5196a537d5419b9078756976ff64fad11ae0
8c732fbb4b6f7fcd3a3cf9eabaff6312a3a62854114fe38d219b69a998674b56
8ca9a620008d3be7b876a4eabc9576c19d8912011cc2d68e6c433f964787687d
8dc88e18ff7821d33a47dc62b24798ccee469938692bea68f863cfefd26679fd
91b2dc9cd7ac64ecf6e58b3a6929024bb30b9af8de18de40d63e10ec4fbb35ea
97ce08b1e16390cd90480841ece2bdfb1c0bd03dcf0ab7fac6b36af9ffe3349d
9e87c32c1e1c3b7e0bef9e45ce6646286cb25d3b24efc8e622f54145432b6c07
a07f21fdb1d9756c715cf682308e306a33f054f5bcb97c50107b19ad2f087138
a28383babc595e301c438c9a1b2cd9cfe608e1f6a6826eff7ac86c957353a7a4
aa1173bbd5601b44393df7df78bff0e2689a0c89ec2284d14d91a5b3d9436700
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
b17d69a86ec40437a9da7f8f04f455462876385ceb7ecd63ef33f0c18d63d3ec
b75fdcb9cb724ed0e6a3c091e5ea96250e16643c5b9c6427a6240fff3c026e22
b91a35bb0802dd81da6f485effa935d900bb61725f8ce61382759e7369724d7d
c580c2964ebb98e4fae7ad978eb2fd62e0d823de3211abde508266bff75a622b
de5a2f1d66500d41cbfd54ca67339e23d69dc15c65a83655d3e16b4e566de89f
e817f5e37c3b19c9a55956933705e8e28a84f82e5481bce25fb4ec005e2b27e3
e9d54383a1ae1cc16b30c0a748ff78cebfffede0e53dd7821dfcb6328ccef47e
ec77cb64bef44bf250dd841189a6481eae1a5150555afca6a2e52f511bd5a22f
ec85824ffda7dc0f713d6591b3f8284a051b905692f59384d1f169cccefe5290
eff57e5cf3dd71c6673503a660f547d16157db726b2ecbf84cdfe5022497f805
f52e363a239ae00e6428c50833ceefec2b9551a88e573e874736d725188e324f
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1