beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On April 06 via manual (April 6th 2022, 8:09:23 pm UTC) from US — Scanned from DE

Summary HTTP 244 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 48 IPs in 8 countries across 30 domains to perform 244 HTTP transactions. The main IP is 2606:4700:10::6816:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 166516.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	52.85.47.96 52.85.47.96	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
18	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
11	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
8	89.187.169.3 89.187.169.3	60068 (CDN77 ^_^) (CDN77 ^_^)
1	77.81.165.130 77.81.165.130	59854 (TLH-AS Pa...) (TLH-AS Pasaj SCARILOR Nr 2)
2	209.58.165.79 209.58.165.79	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2	51.210.32.132 51.210.32.132	16276 (OVH) (OVH)
1	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.91.125 18.66.91.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:cc00:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	18.66.2.79 18.66.2.79	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
21	2600:9000:225... 2600:9000:225e:3c00:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	169.55.146.12 169.55.146.12	36351 (SOFTLAYER) (SOFTLAYER)
27	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
6	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.224.142.165 35.224.142.165	15169 (GOOGLE) (GOOGLE)
2	35.209.67.224 35.209.67.224	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	35.244.172.227 35.244.172.227	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	34.117.147.45 34.117.147.45	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
244	48

47 2606:4700:10::6816:4b8a (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.47.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-47-96.hel50.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

sctewbeans.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.64.15 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-3.cdn77.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.81.165.130 (Bucharest, Romania)

ASN59854 (TLH-AS Pasaj SCARILOR Nr 2, RO)
PTR: c3130.tlh.ro

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.58.165.79 (United Kingdom)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: opal2.opalstack.com

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.32.132 (France)

ASN16276 (OVH, FR)
PTR: ns3172604.ip-51-210-32.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.91.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-91-125.fra56.r.cloudfront.net

img.ifunny.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:cc00:18:9413:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4a8a (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.2.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-79.txl50.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:225e:3c00:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 169.55.146.12 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c.92.37a9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

w3.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h107833-ecdn.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.224.142.165 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 165.142.224.35.bc.googleusercontent.com

access.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.209.67.224 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.209.35.bc.googleusercontent.com

tkx.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.172.227 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 227.172.244.35.bc.googleusercontent.com

dcs-vod.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.147.45 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.147.117.34.bc.googleusercontent.com

m107833-mcdn.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:ef::5c7b:c2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.foxtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	beforeitsnews.com beforeitsnews.com — Cisco Umbrella Rank: 166516 img.beforeitsnews.com — Cisco Umbrella Rank: 324556 ajax.beforeitsnews.com — Cisco Umbrella Rank: 208384 a1.beforeitsnews.com — Cisco Umbrella Rank: 314833	921 KB
38	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 18487 s.tradingview.com — Cisco Umbrella Rank: 23272 s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 20185	290 KB
33	lura.live w3.mp.lura.live — Cisco Umbrella Rank: 12599 access.mp.lura.live — Cisco Umbrella Rank: 15701 tkx.mp.lura.live — Cisco Umbrella Rank: 14570 dcs-vod.mp.lura.live — Cisco Umbrella Rank: 14766 m107833-mcdn.mp.lura.live — Cisco Umbrella Rank: 46880 h107833-ecdn.mp.lura.live — Cisco Umbrella Rank: 56539	3 MB
24	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8057 c.mgid.com — Cisco Umbrella Rank: 5828 cdn.mgid.com — Cisco Umbrella Rank: 10440 servicer.mgid.com — Cisco Umbrella Rank: 8257 s-img.mgid.com — Cisco Umbrella Rank: 7239 cm.mgid.com — Cisco Umbrella Rank: 1117	348 KB
11	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 28243	345 KB
11	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 28520	823 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	79 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 www.googleapis.com — Cisco Umbrella Rank: 28 translate.googleapis.com — Cisco Umbrella Rank: 1011 translate-pa.googleapis.com — Cisco Umbrella Rank: 1648 imasdk.googleapis.com — Cisco Umbrella Rank: 405	419 KB
8	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 82074	221 KB
6	rumble.com rumble.com — Cisco Umbrella Rank: 21659	65 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3048 onesignal.com — Cisco Umbrella Rank: 1156	83 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	39 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	45 KB
4	google.com www.google.com — Cisco Umbrella Rank: 7 translate.google.com — Cisco Umbrella Rank: 1183	27 KB
3	foxtv.com static.foxtv.com — Cisco Umbrella Rank: 34723	57 KB
3	customads.co cdn2.customads.co — Cisco Umbrella Rank: 84099 customads.co — Cisco Umbrella Rank: 67909	6 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5640	564 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 121898	1 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	66 KB
2	youtube.com img.youtube.com — Cisco Umbrella Rank: 3154	35 KB
2	ibb.co i.ibb.co — Cisco Umbrella Rank: 13587	119 KB
2	tapnewswire.com tapnewswire.com — Cisco Umbrella Rank: 421323	34 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	75 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	17 KB
1	ifunny.co img.ifunny.co — Cisco Umbrella Rank: 24343	111 KB
1	duckduckgo.com external-content.duckduckgo.com — Cisco Umbrella Rank: 5376	9 KB
1	amg-news.com amg-news.com — Cisco Umbrella Rank: 544102	175 KB
1	wp.com i2.wp.com — Cisco Umbrella Rank: 6027	39 KB
1	sctewbeans.xyz sctewbeans.xyz — Cisco Umbrella Rank: 314635	41 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	13 KB
244	30

	Domain	Requested by
30	beforeitsnews.com	beforeitsnews.com
23	h107833-ecdn.mp.lura.live
21	s3-symbol-logo.tradingview.com
17	img.beforeitsnews.com	beforeitsnews.com
16	s.tradingview.com	s3.tradingview.com s.tradingview.com
11	sp.rmbl.ws	beforeitsnews.com rumble.com
11	i.imgflip.com	beforeitsnews.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rumble.com
8	static-3.bitchute.com	beforeitsnews.com
6	s-img.mgid.com
6	rumble.com	beforeitsnews.com rumble.com
6	cdn.mgid.com	jsc.mgid.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
4	w3.mp.lura.live	w3.mp.lura.live
4	translate.googleapis.com	translate.googleapis.com
4	stats.g.doubleclick.net	www.google-analytics.com customads.co
3	static.foxtv.com	w3.mp.lura.live
3	servicer.mgid.com	jsc.mgid.com
3	onesignal.com	cdn.onesignal.com
3	www.google.com	beforeitsnews.com
3	fonts.gstatic.com	fonts.googleapis.com
2	m107833-mcdn.mp.lura.live
2	imasdk.googleapis.com	w3.mp.lura.live imasdk.googleapis.com
2	tkx.mp.lura.live	w3.mp.lura.live
2	cm.mgid.com	jsc.mgid.com
2	www.gstatic.com	translate.googleapis.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	www.google.de	beforeitsnews.com
2	customads.co	cdn2.customads.co
2	rddywd.com	beforeitsnews.com
2	pagead2.googlesyndication.com	beforeitsnews.com srcdoc
2	img.youtube.com	beforeitsnews.com
2	i.ibb.co	beforeitsnews.com
2	tapnewswire.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com s.tradingview.com
1	s0.2mdn.net	imasdk.googleapis.com
1	dcs-vod.mp.lura.live	w3.mp.lura.live
1	access.mp.lura.live	w3.mp.lura.live
1	c.mgid.com	jsc.mgid.com
1	translate-pa.googleapis.com	srcdoc
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	img.ifunny.co	beforeitsnews.com
1	external-content.duckduckgo.com	beforeitsnews.com
1	amg-news.com	beforeitsnews.com
1	i2.wp.com	beforeitsnews.com
1	sctewbeans.xyz	beforeitsnews.com
1	i.ytimg.com	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
244	54

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
69b3d4-ogey4faauklimid7y6d.hop.clickbank.net
907c1z5lio12r744vktbunzmtr.hop.clickbank.net
tinyurl.com
www.braintuner.com
8c1d6w6hnexzj1664hvsu9az12.hop.clickbank.net
ec085q5dfiz0ib0dis3ar12sae.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net
widgets.mgid.com
www.mgid.com
herbeauty.co
8216126iklx2n488hihvlxt-u2.hop.clickbank.net
www.fincabayano.net
telegram.org
brainberries.co
t.me
1de02uyopq5-pe2irli8r4zm5v.hop.clickbank.net
5startech.bioptimize.hop.clickbank.net
hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.tradingview.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sp.rmbl.ws R3	`2022-04-02` - `2022-07-01`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
static-3.bitchute.com R3	`2022-04-05` - `2022-07-04`	3 months	crt.sh
amg-news.com cPanel, Inc. Certification Authority	`2022-03-07` - `2022-06-05`	3 months	crt.sh
tapnewswire.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
ibb.co R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-11-26`	a year	crt.sh
*.ifunny.co Go Daddy Secure Certificate Authority - G2	`2021-08-23` - `2022-09-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.customads.co Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
customads.co GTS CA 1D4	`2022-02-26` - `2022-05-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-11` - `2022-12-07`	a year	crt.sh
*.mp.lura.live Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-11-18`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
foxtv.com DigiCert SHA2 Secure Server CA	`2021-08-24` - `2022-08-24`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 0F32172DCBB2AE7C9D7A73579C000D26
Requests: 137 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20223620
Frame ID: D341A1BF209E2E33274E36E761A98F8C
Requests: 2 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 276AF086B5C99D5B383C1975717B8B61
Requests: 39 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 7AAEE572A85EB24C0ECE2836872A1FFF
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: F0F78F22217A2E71C15B45C50FEDF721
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220405/r20190131/zrt_lookup.html
Frame ID: 6323ECF18694A5657288D72A08128915
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 7F59BFB6BAE707BC74D63048800DB143
Requests: 1 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
Frame ID: D91E5C86CE185984D9D3FBBE3276E01C
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/vxdl17/?pub=hw409
Frame ID: F12E12D30B8AD2CBC431E661B55CEA9F
Requests: 11 HTTP requests in this frame

Frame: https://rumble.com/embed/vxb5i3/?pub=hw409
Frame ID: C5333DCE8A82F73084E5398818C360FE
Requests: 8 HTTP requests in this frame

Frame: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
Frame ID: B5C73F33C8CC5285D47DF8469067B6B7
Requests: 40 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1649275757033952181900
Frame ID: 51814061B8F0BA5CC31D40FC3A9A49C7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: EFB62D0F53BC2EDB294D24A619AFF068
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7336BCAB2EDA8C090D37EF5819292AD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

244
Requests

100 %
HTTPS

57 %
IPv6

30
Domains

54
Subdomains

48
IPs

8
Countries

7698 kB
Transfer

26092 kB
Size

11
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://69b3d4-ogey4faauklimid7y6d.hop.clickbank.net/?tid=WATERFS_BIN_EMAIL
Title: Try This New Invention and You'll Never Run Out of Clean Drinking Water Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://907c1z5lio12r744vktbunzmtr.hop.clickbank.net/?tid=BINRTL82621
Title: Watch This Short Video To Learn How To Lose Weight Fast, Without Giving Up Any Of Your Favorite Foods

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxc93bzg

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title: BCX UltraDeluxe Rife Provides Versatile Frequency Therapy to Your Body Through Low Electromagnetic Energy Waves

Search URL Search Domain Scan URL

URL: https://8c1d6w6hnexzj1664hvsu9az12.hop.clickbank.net/?tid=BINRTL12822
Title: Scientists Discover The Real Root Cause of Your Belly Fat - Hint! Not Diet or Exercise

Search URL Search Domain Scan URL

URL: https://ec085q5dfiz0ib0dis3ar12sae.hop.clickbank.net/?tid=BINRTL7821
Title: Ancient Japanese Tonic Melts 54 LBS Of Fat. Hint: Drink Daily Before 10:00 AM

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net/?tid=BINPBL101021

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://herbeauty.co/beauty/9-classic-makeup-looks-to-rock/

Search URL Search Domain Scan URL

URL: https://8216126iklx2n488hihvlxt-u2.hop.clickbank.net/?tid=BINRTL92321
Title: Discover the Simple 3 DIGIT MANIFESTATION CODE for Unlocking the Door to Outrageous Wealth And Abundance in the Next 24 Hours…

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: BEFORE IT'S NEWS ON TELEGRAM * GET THE TELEGRAM APP - https://telegram.org

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/why-no-one-wants-to-work-with-jennifer-aniston/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/greatest-countries-in-the-history-of-mankind/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/10-fun-facts-about-squid-game-you-didnt-know-about/

Search URL Search Domain Scan URL

URL: https://brainberries.co/gadgets-and-science/8-most-amazing-advanced-robots-that-will-change-our-world/

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: ALERT! Protect Yourself NOW - They'll Never See It Coming Until They Are On The Ground and Can't Move!

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://1de02uyopq5-pe2irli8r4zm5v.hop.clickbank.net/?tid=BINRTL3922
Title: Things Are Getting Crazy Out There. New Self Defense Tool Adds Another Level of Protection For You and Your Family

Search URL Search Domain Scan URL

URL: https://t.me/herbonomics
Title: The Last Place You Want to Go, in This Age of Pandemics, Is the Hospital/Medical Clinic/Doctors Office - Follow Us on TELEGRAM

Search URL Search Domain Scan URL

URL: http://5startech.bioptimize.hop.clickbank.net/?w=mag
Title: 80% Of Americans Are Deficient In This Very Vital Nutrient. Click Here To Find Out What It Is

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/fashion/8-iconic-dresses-that-shaped-pop-culture-for-years-to-come/

Search URL Search Domain Scan URL

URL: https://hop.clickbank.net/?affiliate=5startech&vendor=revisionus&cbpage=1&tid=BINRTL4221
Title: New Breakthrough Formula Helps To Restore Your Vision Naturally - Must See

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

244 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 120 KB
25 KB 905ms
873ms Document
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3582d70374e7c6f69d252bbff66c01930e0d18b47b8b29ad8537796dca8157c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 6f7d28f08ac79b86-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Apr 2022 20:09:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 _KRSshvvWcFjj8eVhUL7TTu75W0.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 22ms
19ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3210355
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CJXBNKSNJHQ5T9XQ
x-amz-id-2: +v2S8fu0FheygFJcv7kHg1fTEGsgqAiMfx9d9iqryRyV2QmObGsQTMHl3ZEIb369wnwfcHeniEk=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7f176f4cc71059e93db3ae6263ce5c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iruw_GjpCNwc.7p7jDS427AkLHWsll2i
cf-ray: 6f7d28f62fe99b86-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 71ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba0ec89a08dac2b188edb29fdd61033e516049fef6709cfb7c9839794f98f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 20:09:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 20:09:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 20:09:14 GMT

GET
H2 200 global-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 45ms
43ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d20f67113d1757b2a95a627d8124216e1a65ae5cd53bcb3f0a8365ae07ff2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864698
cf-polished: origSize=15824
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-3dd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f62fee9b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 fancybox-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 49ms
47ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864698
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f62ff19b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 home-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 29 KB
7 KB 36ms
34ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864202
cf-polished: origSize=29354
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-72aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f62ff59b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:23 GMT

GET
H2 200 responsive-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 40ms
39ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864698
cf-polished: origSize=20565
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-5055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f62ff99b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 web-responsive-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 371 B
315 B 35ms
34ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864698
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f62ffb9b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 41ms
40ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 822961
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f62ffc9b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 25 Mar 2022 12:49:41 GMT

GET
H2 200 global-bin-rev-20220327.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 44ms
44ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20220327.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864698
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:00 GMT
server: cloudflare
etag: W/"6240c114-3145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f62ffe9b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 41ms
30ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 3218457
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 25 Feb 2023 20:33:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f6b9659b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 145ms
36ms Script
text/javascript 52.85.47.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.47.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-47-96.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c7f143de591c58b364772f049c84ef152a561c25ab903d061b8547716174e83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 10:36:07 GMT
via: 1.1 3fcabc15a7f22952dcacfedd3d2b6a14.cloudfront.net (CloudFront)
last-modified: Wed, 06 Apr 2022 10:35:59 GMT
server: AmazonS3
age: 34388
etag: "fa277d49a0a0522f194325eb481f9bc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 10758
x-amz-cf-id: iTF1XraK8A4xujC-Pk1oJ9NcpYDnVdfdASUklEuP6-qcWV_250zv_g==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 47ms
37ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 3207744
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 24 Feb 2023 21:31:39 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f6b96a9b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
198 B 56ms
46ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 3218457
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Feb 2023 16:40:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f6b9689b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/w3Ecm6rfvSM/ 13 KB
13 KB 39ms
7ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/w3Ecm6rfvSM/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19b75019c6e3386c59d1d7e461cc4c6b5005a50fafb3e0e5ccb4d88e73b70bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 18:56:52 GMT
x-content-type-options: nosniff
age: 4342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Apr 2022 20:56:52 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 52ms
21ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da69f6ccfa05256e6a49dd676b486cc9cd36756d773b663fc49e4c26cdbf71e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 54
last-modified: Thu, 31 Mar 2022 14:51:38 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AKM2NDBK4Y5Z4QS3
x-amz-id-2: OCMHivZS48Iu3R6O9pHoyzLWHkvkiGNvqVae5tcngQ/JByj45lCNoSl67moYT7F+KcLVkPUPZS8=
cf-bgj: minify
server: cloudflare
etag: W/"9932803714537c80952a83460a513f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6f7d28f6da2d694f-FRA
expires: Wed, 06 Apr 2022 23:09:14 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 59ms
28ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d989b550c40f16ec4c592bf96b8787f43bdc88dbce9e25ee54ea3ab5538680e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 1148
last-modified: Thu, 31 Mar 2022 14:45:33 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QF9VV9RJE395PMT2
x-amz-id-2: X9VtUbC0lceJd1yHDeg1C0JSQszYEIMUYlxcsXeE3msVqCS8DjbbHhC9pjMhjXPx6aTrvJZY2Zs=
cf-bgj: minify
server: cloudflare
etag: W/"d717fa382927044fa71f8099a7ec2d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6f7d28f6da2f694f-FRA
expires: Wed, 06 Apr 2022 23:09:14 GMT

GET
H3 200 tabs-bin-rev-20220327.js Show response
beforeitsnews.com/static/js-v3/ 148 B
694 B 36ms
36ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20220327.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864301
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:04 GMT
server: cloudflare
etag: W/"6240c118-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f67b578fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 12098 Show response
sctewbeans.xyz/easylist/ 204 KB
41 KB 175ms
91ms Script
text/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sctewbeans.xyz/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad21eeba5edf636cd14bd80042ff43954a54f06cefb68d82ac2e4d5ceafba27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f22244480ec076cd99fc9f44aebbf72002d277bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FLtzD62FHn8qt%2FMdYGhGWc8qkSiQft1dYshHekJPKHSb0gNH8G473UkMb7FX1TGTXVzYAvwizSUIT%2BbzyJFQccBnUhQWAjq6HE1b9rKtwdH0UTrdxX9%2BcA8sWewRnQTM1bZgdcnRVqlDmKwAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 6f7d28f72e8d9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 41ms
13ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9eca4e49045cd53a1b9ba95c3ab68ed361d1b406c3b884de14e5e65283abfe55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38074
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Apr 2022 20:09:14 GMT

GET
H3 200 jsDeferParsing-bin-rev-20220327.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 37ms
37ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff04d6b84bf181bc57b1af04902e28cf7f395ac25a87303d017aaf15f8c3046a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 411
cf-polished: origSize=6231
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-1857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28f69b868fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H3 200 DN2ljmq1lJUOI91HMatC4Qo4fdo.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6180035
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: W91H8SM1GN9R12GQ
x-amz-id-2: oCOH0RUC/86vs+/ecdM2ES6C2noyVz5RhgTE7XagRUMjXC19YXTiUmb/KqZ2TDRXm8mfbt8Q04M=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7a6e84d6417ab337f05fd7000f282762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aBVNeaiVU3H7gys1mI2xPATDTQBfk7Cv
cf-ray: 6f7d28f6aba98fe3-FRA

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
695 B 30ms
29ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 411
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 Apr 2023 23:25:56 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d28f6abad8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 36ms
35ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1731225
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 14 Mar 2023 20:59:48 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d28f6abb48fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/ 10 KB
11 KB 38ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9133ce4738bf2d0d12282d16afe84b60f83a270af9750330b287429b360782a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:32:38 GMT
x-content-type-options: nosniff
age: 506196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10152
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:04:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Mar 2023 23:32:38 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v12/ 15 KB
15 KB 39ms
14ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v12/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 06:05:44 GMT
x-content-type-options: nosniff
age: 569010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 21:57:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 31 Mar 2023 06:05:44 GMT

GET
H2 200 6bkglq.jpg
i.imgflip.com/ 105 KB
105 KB 84ms
50ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6bkglq.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6eb39975c99803522d3b2fe171480294ca7125366f34565e773ea7e34a1b45a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 44768
cf-polished: origSize=107246
cf-ray: 6f7d28f72ffa8fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107009
x-amz-id-2: 9bjP/ItdjdWFqohMDr03W7Fzu0fEB4fH7lxAM0cdBJBPlSd1GOFUfeUF9iXTTOvUQawJGM2BII4=
last-modified: Wed, 06 Apr 2022 07:38:54 GMT
server: cloudflare
etag: "1d960441db96f09e4b6939dd33724c21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CZ8JRA35STR1D5KX
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 husMd.oq1b.2-small-4.6.22-Largest-OP-in-the-WO.jpg
sp.rmbl.ws/s8/1/h/u/s/M/ 49 KB
49 KB 64ms
18ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/h/u/s/M/husMd.oq1b.2-small-4.6.22-Largest-OP-in-the-WO.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 68acab0092db4bc9e90df7a7c9845997c35e8baf3f35950d48944afe37eb0dd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Wed, 06 Apr 2022 12:34:45 GMT
server: nginx
etag: "718b316b7cf829258e282b25a71f2cab"
x-hw: 1649275754.cds131.am5.hn,1649275754.cds238.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=60657
accept-ranges: bytes
x-foo: app-1-yyz 172.16.4.12:80
content-length: 50334

GET
H2 200 Trump-babies-Cabal.png
i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/ 38 KB
39 KB 31ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png?w=640&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 06 Apr 2022 20:09:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 16:06:15 GMT
server: nginx
etag: "faf3481fc6687853"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png>; rel="canonical"
content-length: 39300
expires: Sun, 26 Feb 2023 04:06:15 GMT

GET
H2 200 6bkj1l.jpg
i.imgflip.com/ 66 KB
67 KB 61ms
29ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6bkj1l.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c651501ab571c3930f2d08841ac236962055b28c2dad45b479b72b2d64be96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 42620
cf-polished: origSize=68082
cf-ray: 6f7d28f72ffc8fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67692
x-amz-id-2: BZZJIDzp3udhBP+2Pc2DVPa+7J4lS9ZVSPEaz+tsMbxPisqJK/pLAWHXFCBaNXl3D+H1MGEY/7I=
last-modified: Wed, 06 Apr 2022 08:06:38 GMT
server: cloudflare
etag: "a2be33435c40baf8481a30348f36c582"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 31B1GPDD4N6WH5GY
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 CgQU9lZcKyaF_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 19 KB
20 KB 39ms
9ms Image
image/jpeg 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/CgQU9lZcKyaF_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE1-752 /

Resource Hash

ce8bf667e6f4e40095ea8c5ff0e951f1cb9113628ae49d770eb8e422238f0ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 04/06/2022 15:29:36
cdn-pullzone: 89010
content-length: 19918
x-amz-request-id: tx00000000000000015b0c0-00624db1e0-17ac40a8-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-752
last-modified: Wed, 06 Apr 2022 14:22:24 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 06fece10964098b36dd24128ab791e57
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK download-1-1.jpg
amg-news.com/wp-content/uploads/2019/05/ 174 KB
175 KB 559ms
78ms Image
image/jpeg 77.81.165.130
TLH-AS Pasaj SCAR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2019/05/download-1-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.81.165.130 Bucharest, Romania, ASN59854 (TLH-AS Pasaj SCARILOR Nr 2, RO),
Reverse DNS: c3130.tlh.ro
Software: nginx /
Resource Hash: c17370eabc62330fee9493927b6179288f22c8e2ecba3620a1a961b2cb123833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 20:09:17 GMT
Last-Modified: Mon, 04 Apr 2022 19:32:06 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 178647
Content-Type: image/jpeg

GET
H2 200 6bkb4g.jpg
i.imgflip.com/ 95 KB
95 KB 61ms
42ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6bkb4g.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4530611c3f1cae634c1faf7522163f51381ba334e9ce108f9bdb62bc28930dca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 48295
cf-polished: origSize=97390
cf-ray: 6f7d28f72fff8fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96915
x-amz-id-2: Degov3fNRjRr58aHg3oW+5Y//FK8fUH4KAed4XVmkzekhvzTK9thO/B106dJdHOamdt9k5LMDcI=
last-modified: Wed, 06 Apr 2022 06:34:30 GMT
server: cloudflare
etag: "276f556c9f30d43eea6c7992a47764cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: HMVWXK8CRB6WT30S
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 download(15).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 22 KB
23 KB 34ms
31ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/download(15).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300ae53f048c5c8da7aaa8e441599784b56d0cfaec6d45ef200d9496489fd93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 35655
cf-polished: origSize=24028, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22862
last-modified: Wed, 06 Apr 2022 09:51:53 GMT
server: cloudflare
etag: "624d62b9-5ddc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 10:01:29 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f6fc558fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 RjYLd.oq1b-small-SITUATION-UPDATE-4522.jpg
sp.rmbl.ws/s8/1/R/j/Y/L/ 24 KB
24 KB 64ms
36ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/R/j/Y/L/RjYLd.oq1b-small-SITUATION-UPDATE-4522.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 10dd194b8069ad30799a98fb2128e5e6accc3e56165ec8d11903bbf392a2243b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Tue, 05 Apr 2022 21:30:34 GMT
server: nginx
etag: "23b76a6670f0b92583362fabf1fbf200"
x-hw: 1649275754.cds131.am5.hn,1649275754.cds153.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=8801
accept-ranges: bytes
content-length: 24863

GET
H2 200 2y1Ld.oq1b.2-small-All-The-Bad-Apples-Are-Risi.jpg
sp.rmbl.ws/s8/1/2/y/1/L/ 60 KB
60 KB 67ms
66ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/2/y/1/L/2y1Ld.oq1b.2-small-All-The-Bad-Apples-Are-Risi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d55d444c4c2e7953c426971b5518a0a219334e6d3bc140b5564bbec80da7e64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Tue, 05 Apr 2022 22:57:47 GMT
server: nginx
etag: "1f279ec03dac003ed8b775661c2f59a9"
x-hw: 1649275754.cds131.am5.hn,1649275754.cds215.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=84754
accept-ranges: bytes
x-foo: app-1-yyz 172.16.4.13:80
content-length: 61681

GET
H2 200 iU62uQ4FfXQ_320x180.jpg
static-3.bitchute.com/live/cover_images/D7jTmDC4y779/ 18 KB
18 KB 12ms
11ms Image
image/jpeg 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/D7jTmDC4y779/iU62uQ4FfXQ_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE1-752 /

Resource Hash

ae9eeaa98bc6e80794e06c878bd1f52c521ce7585fdd12bfe35ebc47caae56d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 04/06/2022 17:14:19
cdn-pullzone: 89010
content-length: 18013
x-amz-request-id: tx0000000000000001758b0-00624dca6b-17ac40a8-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-752
last-modified: Wed, 06 Apr 2022 17:13:42 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 3d2e99c43b07600aedb6d8797d2026a3
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 50ms
48ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1648906
cf-polished: origSize=13542, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12521
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
server: cloudflare
etag: "613e9bfb-34e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 24 Feb 2023 22:37:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f6fc568fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 Dvaid-Wilcock-Predicts-Some-Very-Big-Events-2-1024x575(2).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 20 KB
21 KB 50ms
48ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Dvaid-Wilcock-Predicts-Some-Very-Big-Events-2-1024x575(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f10933a55ea376c3ae57000f6a7c410d52a2b45e0e8d404a0a7d1faa01ebe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 277706
cf-polished: origSize=22017, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20949
last-modified: Mon, 23 Mar 2020 00:21:04 GMT
server: cloudflare
etag: "5e7800f0-5601"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 02 Apr 2023 20:44:50 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72c9e8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 virus_cell_coronavirus_covid19_1200x630-300x158.jpg
tapnewswire.com/wp-content/uploads/2022/04/ 14 KB
14 KB 1248ms
168ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2022/04/virus_cell_coronavirus_covid19_1200x630-300x158.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , United Kingdom, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 41db5ed8b5612ed992ddae898fdb02c713ef224276c6e6151ccdb79ae8797a05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
last-modified: Wed, 06 Apr 2022 11:13:33 GMT
server: nginx
accept-ranges: bytes
etag: "624d75dd-36bd"
content-length: 14013
content-type: image/jpeg

GET
H2 200 3MDctazf83qd_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 45 KB
45 KB 20ms
12ms Image
image/jpeg 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/3MDctazf83qd_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE1-752 /

Resource Hash

b5c6bdb4960d118fcc93d038a215f3bbf1178e17835ee5bff78d74fdba622db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cdn-edgestorageid: 723
age: 0
cdn-cachedat: 04/05/2022 22:52:21
cdn-pullzone: 89010
content-length: 45580
x-amz-request-id: tx0000000000000000698d4-00624cc825-17af8ca8-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-752
last-modified: Tue, 05 Apr 2022 22:28:45 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: cc2df016705b262b4c099917179574e1
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 A_Syringe0.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 21 KB
21 KB 49ms
46ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_Syringe0.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2481371bfa0f684fdae04ff5e731b5eca020219ad3553e64c18eb919746d3ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 443794
cf-polished: origSize=22710, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21297
last-modified: Mon, 13 Sep 2021 21:47:57 GMT
server: cloudflare
etag: "613fc70d-58b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 01 Apr 2023 16:51:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72caf8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 HaYKd.oq1b-small-LIVE-Dr.-David-Martin-Biden.jpg
sp.rmbl.ws/s8/1/H/a/Y/K/ 22 KB
22 KB 51ms
42ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/H/a/Y/K/HaYKd.oq1b-small-LIVE-Dr.-David-Martin-Biden.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a3cadfbcb7a00b44d9749e2f3cc615572b9ee7ffb403817733e73b5dd6674b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Mon, 04 Apr 2022 21:21:12 GMT
server: nginx
etag: "49f268285d32eaa2c9d25e178a3ca341"
x-hw: 1649275754.cds131.am5.hn,1649275754.cds233.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4701
accept-ranges: bytes
x-foo: app-1-yyz 172.16.4.12:80
content-length: 22717

GET
H2 200 hv6EcJ6nfxVv_320x180.jpg
static-3.bitchute.com/live/cover_images/zWqrqKTLkhqW/ 15 KB
16 KB 12ms
5ms Image
image/jpeg 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/zWqrqKTLkhqW/hv6EcJ6nfxVv_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE1-752 /

Resource Hash

d4b612a2e22b46805d3a445acb4830c06549c89d878a8d9f979a7fd51111a4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000000038cd95-00624cf4dd-17c3fd61-nyc3a
cdn-cachedat: 04/06/2022 02:03:10
cdn-pullzone: 89010
content-length: 15425
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-752
last-modified: Wed, 06 Apr 2022 01:30:30 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: b6eee4f220e3fc4a72d47c77cb74871b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 epic%20new%20q%20(4).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 16 KB
16 KB 56ms
52ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/epic%20new%20q%20(4).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc82346fd0b1807d7bc777203f7206ef117cec0f256c710ed99baa3051b8c0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 68838
cf-polished: origSize=43316, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16240
last-modified: Tue, 05 Apr 2022 23:52:10 GMT
server: cloudflare
etag: "624cd62a-a934"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 00:00:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cb38fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 JORDAN%20MAXWELL%20FALLEN%20ANGELS.JPG
img.beforeitsnews.com/contributor/upload/819011/images/ 29 KB
30 KB 56ms
53ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/JORDAN%20MAXWELL%20FALLEN%20ANGELS.JPG

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f9ae58daa0032a9d677be29e94efe949f9b99e3f643fbe8a715f61f6a1f2739

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 213514
cf-polished: origSize=31345, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29693
last-modified: Mon, 04 Apr 2022 08:13:51 GMT
server: cloudflare
etag: "624aa8bf-7a71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 04 Apr 2023 08:16:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cb48fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 lCYygitZNLqs_640x360.jpg
static-3.bitchute.com/live/cover_images/oACWZBJypqWf/ 47 KB
48 KB 14ms
7ms Image
image/jpeg 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oACWZBJypqWf/lCYygitZNLqs_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE1-752 /

Resource Hash

a3d6e14b6dcaecc24454e5eb10ed24b1470be51daf9d9cc8cc5dd5c1440f614f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000000e3ebf61-00624389b5-14cfc12b-nyc3a
cdn-cachedat: 03/29/2022 22:35:33
cdn-pullzone: 89010
content-length: 48329
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-752
last-modified: Tue, 29 Mar 2022 22:33:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 4f2b61c620d25ac0a2b6a5c2c1bf5699
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 eatNXXxdQCQV_640x360.jpg
static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/ 41 KB
41 KB 19ms
12ms Image
image/jpeg 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/eatNXXxdQCQV_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE1-752 /

Resource Hash

cc0ebbc5fca4ee4d348380f1d5d9466ddbf6e5dfa4dab01be22ad8dd06cfca18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx0000000000000100500de-006248846b-14cfc12b-nyc3a
cdn-cachedat: 04/02/2022 17:14:19
cdn-pullzone: 89010
content-length: 41920
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-752
last-modified: Sat, 02 Apr 2022 16:53:14 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 11c889e29f24ef63f678cd39be0426e3
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 LOST%20SECRETS%20FREEMASONS.jpg
img.beforeitsnews.com/contributor/upload/819011/images/ 39 KB
39 KB 62ms
59ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/LOST%20SECRETS%20FREEMASONS.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ecfa786819c30473660f6d9312fc7040a02543e2e6d7e2d2d4afac2a39e3604

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 35597
cf-polished: origSize=42485, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39767
last-modified: Wed, 06 Apr 2022 09:58:02 GMT
server: cloudflare
etag: "624d642a-a5f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 10:03:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cba8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(1)(217).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 23 KB
23 KB 120ms
117ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(217).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90796b5c39aeb5c4c5f04c136aeeef2bcc1b7dcde611a8e448c14c9d507e68de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4849
cf-polished: origSize=24842, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23479
last-modified: Wed, 06 Apr 2022 18:34:50 GMT
server: cloudflare
etag: "624ddd4a-610a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 18:35:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cbd8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP(227).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 41 KB
42 KB 63ms
59ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP(227).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d11e2588cd35b0b405dff819622a235f57ae37e195e54f65ea6e2b058a62b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 176620
cf-polished: origSize=44708, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42028
last-modified: Mon, 04 Apr 2022 18:46:32 GMT
server: cloudflare
etag: "624b3d08-aea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 04 Apr 2023 18:46:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cc08fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 photo-2022-04-05-10-37-07.jpg
i.ibb.co/8MrN88z/ 50 KB
50 KB 68ms
19ms Image
image/jpeg 51.210.32.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/8MrN88z/photo-2022-04-05-10-37-07.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172604.ip-51-210-32.eu
Software: nginx /
Resource Hash: a6a3a6b92cf304d5865647465ca4a75ebd5519c31afef90a98d3fb34df172636

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Tue, 05 Apr 2022 14:38:02 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 51318
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Happy-Sunday.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 45 KB
45 KB 69ms
66ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Happy-Sunday.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80df881f4300620113717b24686456d7bd64ead2731d5c319ac1f1fd0fff489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 91237
cf-polished: origSize=46170, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45655
last-modified: Thu, 21 Jan 2021 16:49:28 GMT
server: cloudflare
etag: "6009b098-b45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 05 Apr 2023 01:13:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cc18fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(1)(215).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 10 KB
11 KB 76ms
72ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(215).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43740fdd7e2b1f8884a067f22045f4ce1e296fffcbc5a9c2e3f25b0e32058d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 348998
cf-polished: origSize=11480, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10571
last-modified: Sat, 02 Apr 2022 18:45:23 GMT
server: cloudflare
etag: "624899c3-2cd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 02 Apr 2023 18:46:25 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cc28fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Iz0Ld.oq1b-small-Ep.-2743a-It-Has-Already-Be.jpg
sp.rmbl.ws/s8/1/I/z/0/L/ 38 KB
38 KB 68ms
67ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/I/z/0/L/Iz0Ld.oq1b-small-Ep.-2743a-It-Has-Already-Be.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e67454d67b52ee7514361ce8a2a3d6617a01338d6909eddc7ccb86da8d451e0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Tue, 05 Apr 2022 22:35:40 GMT
server: nginx
etag: "ec8dde9c2e9f896ca8bef204288b2c6f"
x-hw: 1649275754.cds131.am5.hn,1649275754.cds321.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=9493
accept-ranges: bytes
x-foo: app-1-yyz unix:/run/nginx-wasabi.sock
content-length: 38425

GET
H2 200 G2YQZohpB0v1tn3NsMxUKkPC_320x180.jpg
static-3.bitchute.com/live/cover_images/ZMv79MtHJ9al/ 18 KB
19 KB 19ms
13ms Image
image/jpeg 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/ZMv79MtHJ9al/G2YQZohpB0v1tn3NsMxUKkPC_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE1-752 /

Resource Hash

29a416ef332f8ec20d928f937dc0308282d5ce6fa0f1b93cb9eca87f63dbdd08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cdn-edgestorageid: 755
x-amz-request-id: tx000000000000010ac80c2-00624a7b4b-14cff4ac-nyc3a
cdn-cachedat: 04/04/2022 04:59:55
cdn-pullzone: 89010
content-length: 18865
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-752
last-modified: Mon, 04 Apr 2022 04:59:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 86e98ba22419f5ce3f552697fcc6cbae
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6atgbi.jpg
i.imgflip.com/ 62 KB
62 KB 43ms
37ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6atgbi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68a8fe1f631beef2ff44126e6a4ca9c5b0df5332c1d9feeb46822263ae485529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 550234
cf-polished: origSize=63843
cf-ray: 6f7d28f7381e8fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63626
x-amz-id-2: 4nkqPfogbtw2NIELrIyfdI4CQGfIaenpb4yTJD5JUr9YblQdRvyOUaElk0QFKrKa0MERzoltrX0=
last-modified: Thu, 31 Mar 2022 07:00:11 GMT
server: cloudflare
etag: "87b6ceb894c014ebabe84d15f6965eef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 0GQN8YQYJ1NQ50JB
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 SKTBG7T6suZN_320x180.jpg
static-3.bitchute.com/live/cover_images/Bqs1l3aetpYq/ 14 KB
14 KB 16ms
11ms Image
image/jpeg 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Bqs1l3aetpYq/SKTBG7T6suZN_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE1-752 /

Resource Hash

1e1110f1eca7186750a7953411ee412c78f38ce861db58e8bc668c0dfdb98cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000000074b20b-00624d8f4e-17c3d99e-nyc3a
cdn-cachedat: 04/06/2022 13:02:07
cdn-pullzone: 89010
content-length: 14125
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-752
last-modified: Wed, 06 Apr 2022 11:15:05 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 13eb2bc170176bac7d7b0d82dfd78f12
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 DeagleWorldPopulationReductionMap_large-300x200.jpg
tapnewswire.com/wp-content/uploads/2022/04/ 20 KB
20 KB 1403ms
335ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2022/04/DeagleWorldPopulationReductionMap_large-300x200.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , United Kingdom, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 9722e5d135f2d857788589b7cda5fe2dcfc1fff75cd1d7663a43d87bbb6ca563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
last-modified: Wed, 06 Apr 2022 09:37:14 GMT
server: nginx
accept-ranges: bytes
etag: "624d5f4a-505b"
content-length: 20571
content-type: image/jpeg

GET
H2 200 /
external-content.duckduckgo.com/iu/ 8 KB
9 KB 417ms
19ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse4.mm.bing.net%2Fth%3Fid%3DOVP.63J6BAN-0ZIqZqtN4g5BKwEsCo%26pid%3DApi&f=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

f09c10e1655b77957585fbdba97724eb8cc87805a4ad8c6924c1bc83e476e1d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Wed, 06 Apr 2022 20:09:14 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Thu, 06 Apr 2023 20:09:14 GMT

GET
H2 200 6aarpp.jpg
i.imgflip.com/ 61 KB
62 KB 40ms
37ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6aarpp.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c1a37f1e93e2b09bf1f78414e8d36cf043ac6baf9e75b5ad16898f4aafd6cc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 816198
cf-polished: origSize=63177
cf-ray: 6f7d28f738208fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62927
x-amz-id-2: fu1AeiqmRJaA1Kyf+fekDi1E6L+JgTYeck9zEf3OOC8iZlZksNK192cPALltduC5LRqlVGKWrHE=
last-modified: Mon, 28 Mar 2022 09:22:38 GMT
server: cloudflare
etag: "a8fa73f3839e39c952206c323579d2a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: AQY7HC89DHGBKGNG
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 qOzLd.oq1b-small-BOMBSHELL-Obama-TRAPPED-in-.jpg
sp.rmbl.ws/s8/1/q/O/z/L/ 37 KB
38 KB 46ms
42ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/q/O/z/L/qOzLd.oq1b-small-BOMBSHELL-Obama-TRAPPED-in-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e8fae34b1264a1e5793588e078296752d193ec75a6349eacf35ed094c8fe39c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Tue, 05 Apr 2022 14:46:07 GMT
server: nginx
etag: "cf1b2173491edad92884b333abaa5c0b"
x-hw: 1649275754.cds131.am5.hn,1649275754.cds057.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=67626
accept-ranges: bytes
x-foo: app-1-yyz 172.16.4.12:80
content-length: 38355

GET
H2 200 1189016500955f1732401ddbae934593b7f9a98b825806d50224941f324fac03_1.jpg
img.ifunny.co/images/ 111 KB
111 KB 46ms
7ms Image
image/jpeg 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ifunny.co/images/1189016500955f1732401ddbae934593b7f9a98b825806d50224941f324fac03_1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-91-125.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1189016500955f1732401ddbae934593b7f9a98b825806d50224941f324fac03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:46:13 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 03 Sep 2021 03:51:11 GMT
server: AmazonS3
age: 458582
etag: "6d91c6731cc9832275032a318f99f83d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 113308
x-amz-cf-id: RYVNPkVEitOIOfjgsldzjBBvNYt8psbPEpOV6I14uD0XM467KO_c-A==

GET
H2 200 679f96.jpg
i.imgflip.com/ 83 KB
83 KB 60ms
57ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/679f96.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeda1f19ef221f80fa47f884948c4cc56c932768ee79ace609e7545852bf2987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 149654
cf-polished: origSize=85434
cf-ray: 6f7d28f738238fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84886
x-amz-id-2: VsDXR9uHOKFv6nrSWeTbz4NJstJBfKVKynXunMWFtR877bvuFIyHDtFUK2cjxxPVxOPVgXrCt8w=
last-modified: Thu, 03 Mar 2022 10:57:22 GMT
server: cloudflare
etag: "b3f155c001e9fbbab4e03cbdc60e02d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: P4AW3N6CXGSH1M9C
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 6bb0dl.jpg
i.imgflip.com/ 64 KB
65 KB 40ms
37ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6bb0dl.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f83faa9b7f37b833d3d80dbe2b5163f0d4ecf859d1cc0fac21b55a72270896d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 214086
cf-polished: origSize=66297
cf-ray: 6f7d28f738268fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65801
x-amz-id-2: iWRedE2+Ej6s2l1bvX2AQzGpxLyn6ZciWhES9HXX6CSNogI+NC5AHRw0ez5yaRT97faZxO6XCBs=
last-modified: Mon, 04 Apr 2022 08:34:45 GMT
server: cloudflare
etag: "9fa6cae577482ce16c56a46d0790d6c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 04ADZM9EKJZ5W4RF
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 69ocv8.jpg
i.imgflip.com/ 88 KB
88 KB 217ms
214ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/69ocv8.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40fde384a385fd449c75e093bb8132f380cdf36ec2399dcd3c021a30b0e8ad68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
x-amz-request-id: PA447AGQW63F87HE
cf-polished: origSize=90236
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89984
x-amz-id-2: fVc8bbIgP08SLu17FrM1rjfIP1Zl63fdoz/Fw+/zW9CqKWgWv6XRXnjZZGMm+e6nXtq/GP+zsLI=
last-modified: Wed, 23 Mar 2022 05:46:17 GMT
server: cloudflare
etag: "0beda84a7eaf1bf5f93ba748390a1247"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6f7d28f738278fd7-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 yWWCd.oq1b-small-MARCH-24-2022-THE-FIRST-ARR.jpg
sp.rmbl.ws/s8/1/y/W/W/C/ 36 KB
37 KB 69ms
65ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/y/W/W/C/yWWCd.oq1b-small-MARCH-24-2022-THE-FIRST-ARR.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7018574f4f80ba558b5ea0275a30ebb8cc647e44927b7fb7b091c3e2ad4fe7f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Fri, 25 Mar 2022 17:50:43 GMT
server: nginx
etag: "5ace0046e3322350c0b9081ca6925547"
x-hw: 1649275754.cds131.am5.hn,1649275754.cds204.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=29135
accept-ranges: bytes
content-length: 37268

GET
H2 200 photo-2021-06-17-17-00-28.jpg
i.ibb.co/vcKpmZm/ 69 KB
69 KB 48ms
45ms Image
image/jpeg 51.210.32.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/vcKpmZm/photo-2021-06-17-17-00-28.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172604.ip-51-210-32.eu
Software: nginx /
Resource Hash: 558e06787bc415a02f65b4befd26ee993b8c130e797662eb172655dfeaf9ec81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
last-modified: Mon, 04 Apr 2022 15:46:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 70365
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 OIP%20(1)(139).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 30 KB
31 KB 65ms
63ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(139).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb5463f066c121d2824b51f568b1783fd93f0b020e3db518366d6454a8e76c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6048
cf-polished: origSize=33182, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31092
last-modified: Fri, 29 Oct 2021 17:20:09 GMT
server: cloudflare
etag: "617c2d49-819e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 17:54:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cc48fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 clif-high(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 26 KB
27 KB 67ms
65ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/clif-high(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc46fd307661ddfe1c8a4f05af453ce3c5c7641b22c4ce3e06ab690c99348b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 549278
cf-polished: origSize=27625, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26980
last-modified: Sun, 28 Mar 2021 16:38:12 GMT
server: cloudflare
etag: "6060b0f4-6be9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 29 Mar 2023 20:25:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cc58fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 6b41fj.jpg
i.imgflip.com/ 56 KB
57 KB 39ms
36ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6b41fj.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3d26f3941c668c57d648fbd4675065c6f9b274ebf4d0611c16b2436d583ab83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 389841
cf-polished: origSize=58050
cf-ray: 6f7d28f738298fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57732
x-amz-id-2: wojinpHPUnM9+sA9hyuHbmJqVL3Jhq0TIkDVKs2hKN1jywVA0HLb5mTF6dK++g1CDfHkvnFdEWs=
last-modified: Sat, 02 Apr 2022 07:28:05 GMT
server: cloudflare
etag: "60f0fafd9425283ac90a837a2e29c586"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: JR7BJRJGXR0A844B
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP(69).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 61 KB
61 KB 67ms
66ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP(69).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221c1305addb99a4f472eb0f4ee514f5c48e44ce80fd25266832afa6ef5892d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 150637
cf-polished: origSize=67507, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61985
last-modified: Sun, 07 Feb 2021 15:41:17 GMT
server: cloudflare
etag: "60200a1d-107b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 04 Apr 2023 23:25:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d28f72cc68fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 69tngh.jpg
i.imgflip.com/ 95 KB
95 KB 45ms
43ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/69tngh.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f3e583f8e154035fdb6a5019d8e3fdd75cf11fcd6030d96a3640bc6b8858004

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 1163392
cf-polished: origSize=98911
cf-ray: 6f7d28f7382a8fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 97038
x-amz-id-2: Uk6anwL1BNg6GqMW+tpXRxzBY3mn9AsOsE3RkRf+YO9uQTvAnms3oOZAV35BlGFsdXoybUhRuR4=
last-modified: Thu, 24 Mar 2022 08:44:48 GMT
server: cloudflare
etag: "396b53fe1217c5a3e511efdb9fc5cebf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: RDF6GCWVCBQ52H4N
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/j58Bx0Ebppw/ 22 KB
23 KB 406ms
9ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/j58Bx0Ebppw/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c80da2da9dfa9463f27ded5cd4ea366a443c038ec9e43609e9446cb4c71eba9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:08:24 GMT
x-content-type-options: nosniff
age: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22683
x-xss-protection: 0
server: sffe
etag: "1649205358"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Apr 2022 20:13:24 GMT

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
16 KB 69ms
68ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 821383
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 18 Mar 2023 13:09:52 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d28f74cfb8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame D341 2 KB
1 KB 57ms
44ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20223620
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dfab4d0c5aaa10f4efb087ee57f2591d2e29c38ab7ad210415bd1862fa050ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 1695
last-modified: Thu, 31 Mar 2022 15:11:15 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6ZPJF6NC3HMT2CWE
x-amz-id-2: rZIrCIc2525mBUcduQIusrVWEsPeB2k/sw3DmYxV5+7yv3tEEmW/JVZcYHiSaUjF/z/UT6yKi/c=
cf-bgj: minify
server: cloudflare
etag: W/"447f51a288b318d44154dda1ec6d2914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6f7d28f7891e90a3-FRA
expires: Wed, 06 Apr 2022 23:09:14 GMT

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 5 KB
3 KB 411ms
7ms Script
application/javascript 2600:9000:223c:cc00:18:9413:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:cc00:18:9413:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 00:04:26 GMT
via: 1.1 google, 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Mon, 04 Apr 2022 22:47:42 GMT
age: 72288
etag: W/"14de-17ff6c33559"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-encoding: gzip
x-amz-cf-id: xo4lXsAhLATWwLrpGLl4O_Q4F7h0Rxmlw-UHseTrJyFL8RlW7fnK2g==

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 42ms
41ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 821383
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 05 Mar 2023 06:35:11 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d28f77d788fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 370ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd590da4543adceb76d881da1f96544411963582feaadc488ab9fe56befb958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53961
x-xss-protection: 0
server: cafe
etag: 12364005014989820016
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 20:09:14 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
604 B 367ms
30ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9
last-modified: Wed, 06 Apr 2022 10:08:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3IIubkNqE%2FT9RUxwDgsqK9nlL6kOGXWDAnA0L6K0%2F5WesfDBduvL%2FPdq5cHQT%2BTR4PMp%2F3PpFaFakde32BOQX6Tnd%2BzeWzTZtQXacETjbyDOUn0VO32t5QG05VYVr43iSg%2FVhThE7zj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6f7d28f9ff828ffe-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
628 B 367ms
31ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15932
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqhBpY8N0a6XVkVoZFQAwesOCN6gNPToedK0l%2F%2Bs1bKSSppnVT0v%2BxJJI7LcQ3KPB%2F5xLuyTA7A73v3BJaaEL76JwXpYiAV1uJOnyiFYp2Wq8fX%2BBb8O8BEAkHVL0KNSAoTh9%2Fl83tjd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6f7d28f9faec92c9-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 346ms
7ms Image
text/plain 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 25ms
25ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 821382
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Mar 2023 19:41:08 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d28f7fe958fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/u5BUN0B9CCw/ 13 KB
13 KB 275ms
15ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/u5BUN0B9CCw/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a5b08449ed71972cd12c3cea431776e3f4bf6629599ce4c3795045ad3fbdb37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:08:41 GMT
x-content-type-options: nosniff
age: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12941
x-xss-protection: 0
server: sffe
etag: "1649269536"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Apr 2022 20:13:41 GMT

GET
H2 200 6bkaqm.jpg
i.imgflip.com/ 44 KB
44 KB 341ms
40ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6bkaqm.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42526dd47f1aaa69c3de82e81c5892fb31494dc005b6eae41abd9dd24dbd85d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
cf-cache-status: HIT
age: 48454
cf-polished: origSize=45689
cf-ray: 6f7d28f9ec8a8fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45178
x-amz-id-2: pxdVesoVEy+R+gIf+la0RqafDiwv4EgIWDgIMBYPlhIZ0+8CGJFPDy1tKxYoSifESHWz0MMmkls=
last-modified: Wed, 06 Apr 2022 06:29:13 GMT
server: cloudflare
etag: "3adcb1b2ae6f25b05d50ee5be62a8c02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: SJZ8XA5GS4Y2CQ9J
access-control-allow-origin: *
expires: Sat, 03 Apr 2032 20:09:14 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
558 B 901ms
637ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6110b17f97d16006713d1ce5464539d555b8265b8376af939950585b6dc40a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6f7d28f9fa5b9131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 239 KB
71 KB 29ms
29ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64bd547501d02ecc8284478d8e0b3e9a726a95a7aa4fc8781f3d4fda759f3d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 5440
last-modified: Wed, 06 Apr 2022 13:31:54 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5YS0N3ZGW0VCFN5T
x-amz-id-2: 7z0+DhfWJu3IOk7mZ13+KdNQrcMlvE3WEEuvD14GZyQ04i1QjxP1sQ9QW4Gack/qkjwI1Fbpdos=
cf-bgj: minify
server: cloudflare
etag: W/"eaec1f89362550292117697dbbb38573"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6f7d28f85a8b90a3-FRA
expires: Wed, 06 Apr 2022 23:09:14 GMT

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 239 KB
71 KB 311ms
311ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c04a1d67e4819ba554cba5b79a86ad261fa2de0b0eae3bbe0cc5523d87b14130

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: C2ZCPWADGCREK6X6
last-modified: Wed, 06 Apr 2022 13:33:08 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3dw6BJnChvltzyYNX94a7KzMqsNTw6sRliTb/0KxHMO/o7vrisgnC0ZO2yJVqELTHN1If9tp98o=
cf-bgj: minify
server: cloudflare
etag: W/"82c293b4d86e9b72d350b7db462acb78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6f7d28f85a8c90a3-FRA
expires: Wed, 06 Apr 2022 23:09:14 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 276A 19 KB
7 KB 77ms
16ms Document
text/html 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

45ec09ef9e2d0e3f3903afd28ecbb6a99cd963f6ccd6dcaf0cfdb101bcdaf23d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; script-src 'self' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com 'nonce-GXdRBagR4+e74R9UD358rA=='; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 114
cache-control: max-age=120
content-encoding: gzip
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com 'nonce-GXdRBagR4+e74R9UD358rA=='; report-uri /csp-report/
content-type: text/html; charset=utf-8
date: Wed, 06 Apr 2022 20:07:20 GMT
expires: Wed, 06 Apr 2022 20:09:20 GMT
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
x-amz-cf-id: POtNwKppmPNqX77gXM80FfvqwU9OcTjxXwSR_abntLY0rql9eLnR8w==
x-amz-cf-pop: TXL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame D341 238 KB
71 KB 36ms
36ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20223620
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad564c166f59b7f11fb1321424020fb0aeace18310447e7e4d3b577d57df7a40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 1029
last-modified: Wed, 06 Apr 2022 13:42:04 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2C63TG32F7QDZ3SD
x-amz-id-2: XCqq0H8c2MMy77lIFTZyTzARC8kCh6a9kWQYMuRBA54PBJctOlY95Bvt22BobKEC7hcgj+V3xKk=
cf-bgj: minify
server: cloudflare
etag: W/"b596905169a0919345db96d36af2fee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6f7d28f87ab690a3-FRA
expires: Wed, 06 Apr 2022 23:09:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 268
date: Wed, 06 Apr 2022 20:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Apr 2022 22:04:46 GMT

GET
H2 200 8301289771671655 Show response
customads.co/lad/ Frame 7AAE 1 KB
1 KB 168ms
126ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Wed, 06 Apr 2022 20:09:14 GMT
via: 1.1 google

GET
H2 200 10864438442185062 Show response
customads.co/lad/ Frame F0F7 1 KB
2 KB 163ms
123ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Wed, 06 Apr 2022 20:09:14 GMT
via: 1.1 google

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=938706033&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1496996655&gjid=808629694&cid=1934947354.1649275756&tid=UA-16055024-1&_gid=2081419660.1649275756&_r=1&gtm=2ou3u0&z=1014194015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220405/r20190131/ Frame 6323 10 KB
5 KB 41ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220405/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 8339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 17:50:15 GMT
etag: 14837630671339829333
expires: Wed, 20 Apr 2022 17:50:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 63ms
26ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16055024-1&cid=1934947354.1649275756&jid=1496996655&gjid=808629694&_gid=2081419660.1649275756&_u=YEBAAUAAAAAAAC~&z=1629727760

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Apr 2022 20:09:14 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.dbeee59ee721b592.js Show response
s.tradingview.com/static/localization/translations/ Frame 276A 515 KB
80 KB 18ms
17ms Script
application/javascript 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.dbeee59ee721b592.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

9fc321a58bf498a1a43fa8474df28cb4ad4f139f4b6aeea9e88d44bf7c07bfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 10:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34329
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Apr 2022 08:44:47 GMT
server: tv
etag: W/"624d52ff-13b63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: vf9GxfEzY95sn22lhDk7Dr4lNdzzAUQjKTYxc7ob889Wwno9kWjs1w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.7b41d09fc83c402df89b.js Show response
s.tradingview.com/static/bundles/embed/ Frame 276A 47 KB
25 KB 46ms
45ms Script
application/javascript 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.7b41d09fc83c402df89b.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

2908bf5bf5fc38351a909fcf5d7dedb9dcf61a3bc10ff9af79d66a83f1d1c607

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 10:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34329
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Apr 2022 08:45:03 GMT
server: tv
etag: W/"624d530f-62d0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: odf17va3JxyAiKnO69BxjWLsp2uwvSkGfwhOT-k8-6rLfHv3ErUnnA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.e5a87639edf322b79a0c.js Show response
s.tradingview.com/static/bundles/embed/ Frame 276A 147 KB
48 KB 17ms
17ms Script
application/javascript 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.e5a87639edf322b79a0c.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

79292ca05a41222666bcef29f05c6a015e62907013534ca87dd2b2c82b15dbf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639070
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-bea8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: TLHd3A3y3bAXXE-RV5zl0NkdOFKW2km1GAJ1xwo_ZnlDddrlpTkriA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.825a3a0bed63423f8004.js Show response
s.tradingview.com/static/bundles/embed/ Frame 276A 293 KB
83 KB 19ms
19ms Script
application/javascript 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.825a3a0bed63423f8004.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

c40a76d5b2a499d72ae9cf56f048c1a79f55909ecf1d81550b2aa4269ac0442f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 10:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34329
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Apr 2022 08:45:04 GMT
server: tv
etag: W/"624d5310-1486d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: mmhDNh9X8845gmQ1w8pWYKFRAOCOLiHlEm5SSmjr_KDM3LVC7u-bDQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3730.9257f8f29fa821be740b.css
s.tradingview.com/static/bundles/embed/ Frame 276A 2 KB
1 KB 47ms
45ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/3730.9257f8f29fa821be740b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

a84a8744a41ecc1f71092aa59cf2ba573713c61179e9ecad6e3a5da4aac7bde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639068
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-2e1"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: dMd55JwUllUtuXFhsjRbN-ilKc4cBe_3FIWD0a_y4GHLAAfL7iycCA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 63975.0d1fcc5f4fdd633672c7.css
s.tradingview.com/static/bundles/embed/ Frame 276A 948 B
855 B 47ms
45ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/63975.0d1fcc5f4fdd633672c7.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

c7e58799078e5a29d5b03f677d5402d4c36edb7f2af33d6fad341cb998569ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639069
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:45 GMT
server: tv
etag: W/"624415ad-164"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: RI43A5sOr_9nb8KluHmoaF-pbAsRyxQ7ojo1rjXuxJltd1DbDZUcng==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 50656.e7c578968176a2f9d12f.css
s.tradingview.com/static/bundles/embed/ Frame 276A 9 KB
2 KB 47ms
45ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/50656.e7c578968176a2f9d12f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

d79fee025b93dac74df8a60e0c1676b78b99f614e6f37fe2b1bb0de2bea3b3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639069
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:45 GMT
server: tv
etag: W/"624415ad-58d"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: dlTc4NEeBjxlHphuZL_V3tyLbHwHTxHApRBmkQ9wFsbzqwqFloaLEw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 49879.5fd8d33870aaa306e3ff.css
s.tradingview.com/static/bundles/embed/ Frame 276A 2 KB
1 KB 47ms
46ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/49879.5fd8d33870aaa306e3ff.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

00b32e46f9cc4c02ccaf4aabe945b62c38b7b0f77a76ed653947e17b98cfab25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639069
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:45 GMT
server: tv
etag: W/"624415ad-230"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: w3bbXk-wt1nV17E52Xa75V4C-iNcs6ep7rpktO7V8KqPLv1d9Yd-bg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2795.f6f223995b3c8b7ca58d.css
s.tradingview.com/static/bundles/embed/ Frame 276A 4 KB
1 KB 48ms
46ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/2795.f6f223995b3c8b7ca58d.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

5ecf9f2f22901cca86d63ffe4ac76ac9f9ac40c7887ebdedc1c52fa77e4bf905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639069
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:44 GMT
server: tv
etag: W/"624415ac-2d5"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: Z5Favz53xY2B6ttTQHdgONMjiaOOuQF0t_VEyX1TY6byi0Brc2Wh7A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96908.92f65bb7f1a45f95dd70.css
s.tradingview.com/static/bundles/embed/ Frame 276A 1 KB
995 B 59ms
57ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/96908.92f65bb7f1a45f95dd70.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

49464ff796f9ad0ae71733bb09ca97b7a830625d69788b2fb82d389b7297a45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639069
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-1ed"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: QvALVSL5w3CtDY4uGnEBFwaIPArw_U4Nn3a-Ic21sKZXfL_zMAnv2w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 63562.f1aaa4b56bfc5daefd58.css
s.tradingview.com/static/bundles/embed/ Frame 276A 1 KB
847 B 59ms
58ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/63562.f1aaa4b56bfc5daefd58.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639068
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:45 GMT
server: tv
etag: W/"624415ad-157"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: pb5SYzC334tSe4sYgd2jvTYTa-PqrvhqLz0d_C0C3SJJTiW02uXUeQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 27614.57ed1f0e14de0ce7dcbb.css
s.tradingview.com/static/bundles/embed/ Frame 276A 868 B
854 B 59ms
59ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/27614.57ed1f0e14de0ce7dcbb.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639068
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-161"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: LGXJ7kF-hcXd5B44iXC4tHFzcRE_FZuH6ghufuPJBFf40H4RqJSuQQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 51803.be15964df34177eb183b.css
s.tradingview.com/static/bundles/embed/ Frame 276A 7 KB
2 KB 60ms
59ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/51803.be15964df34177eb183b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

358a77653047ad7c05b75d09bd99ac299045ff2721d5811ec2f4ab87437c98f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639064
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-4f8"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: p7FM4QPW0leT_Udr1oxdgP5c5hWVBp61L6L9oXpKeoXdHw3_o6jOjA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 63ms
31ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=1934947354.1649275756&jid=1496996655&_u=YEBAAUAAAAAAAC~&z=1833328760

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 61ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=1934947354.1649275756&jid=1496996655&_u=YEBAAUAAAAAAAC~&z=1833328760

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame F0F7 45 KB
17 KB 45ms
22ms Script
text/javascript 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1486
date: Wed, 06 Apr 2022 19:44:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 06 Apr 2022 21:44:28 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame 7AAE 45 KB
17 KB 32ms
18ms Script
text/javascript 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1486
date: Wed, 06 Apr 2022 19:44:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 06 Apr 2022 21:44:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 276A 96 KB
37 KB 36ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.825a3a0bed63423f8004.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b76ba6069e94791fea86ac3425ae824aff87339fb4ac3dfeeb0c46246dfe85b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38122
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Apr 2022 20:09:14 GMT

GET
H2 200 85281.63e7bf3850e5300c30c6.css
s.tradingview.com/static/bundles/embed/ Frame 276A 801 B
762 B 15ms
15ms Stylesheet
text/css 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/85281.63e7bf3850e5300c30c6.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.7b41d09fc83c402df89b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

21b6f7e53806831b90878a1db8cc8f9f30be536b98d75b388925c28374cbed22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639067
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-107"
vary: Accept-Encoding
content-type: text/css
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: L-UAbdblomJa9NXcROrGfDicac5nb1TQkHykJNDQTaulRa8Ki_yi1w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.daf16313a49c23e46009.js Show response
s.tradingview.com/static/bundles/embed/ Frame 276A 4 KB
3 KB 15ms
15ms Script
application/javascript 18.66.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.daf16313a49c23e46009.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.7b41d09fc83c402df89b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-79.txl50.r.cloudfront.net

Software

tv /

Resource Hash

a0f893cdd27ad638374e84f2d6a4700d51817bfbad8c15885a40a976c201c119

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639068
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-8b1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: b_U9cpWasxbGRpL_C0W4wNMYobduhbpj6pt3qIWrbdnvan035z95-g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jsDynamic-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 33ms
33ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 409
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-105e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28fc98af8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H3 200 responsive-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 34ms
34ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 216720
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28fc98b68fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H3 200 validate-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 216720
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:04 GMT
server: cloudflare
etag: W/"6240c118-19fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28fc98b88fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H3 200 loadmore-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 33ms
32ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 216720
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28fc98ba8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H3 200 lazy-loading-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 124 B
656 B 43ms
42ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 216721
cf-polished: origSize=173
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6f7d28fc98bb8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 77 KB
27 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc35289c9c1db23e19069f7829065dbf6bb81dee08abff40c051c57a24ee144c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 276A 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 268
date: Wed, 06 Apr 2022 20:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Apr 2022 22:04:46 GMT

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 124 KB
14 KB 705ms
694ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1649275756182

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c298467ce4ae0bbec5dc5dad890d53b2e5aae3609030199b47e792e70991c8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
cf-ray: 6f7d28fd1b909131-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 74ms
46ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20220327.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 299
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6f7d28fd5f959bd1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 09 Apr 2022 20:09:15 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 45ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.F6LGA7iG4FY.O/d=1/rs=AN8SPfoW6CKxTY2keQVmU9ibQZ16sxfslQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 06 Apr 2022 20:38:50 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.F6LGA7iG4FY.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpihpM0_op4PIemvL_VsiG6Rg_ukA/ 226 KB
77 KB 46ms
9ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.F6LGA7iG4FY.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpihpM0_op4PIemvL_VsiG6Rg_ukA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.F6LGA7iG4FY.O/d=1/rs=AN8SPfoW6CKxTY2keQVmU9ibQZ16sxfslQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c5625979269f539f0d6997bbef39ccb4f58713f1d080f9c08800a3f03a39a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 10:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79015
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 21:12:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 10:46:54 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 31ms
7ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:00:31 GMT
x-content-type-options: nosniff
age: 524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Apr 2023 20:00:31 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 7F59 18 KB
3 KB 25ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.F6LGA7iG4FY.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpihpM0_op4PIemvL_VsiG6Rg_ukA/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 06 Apr 2022 20:38:50 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
936 B 30ms
8ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:03:29 GMT
x-content-type-options: nosniff
age: 346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Apr 2023 20:03:29 GMT

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 58ms
27ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 37ms
25ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2356
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6f7d28fe0dc59b5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 09 Apr 2022 20:09:15 GMT

GET
H2 200 supportedLanguages Show response
translate-pa.googleapis.com/v1/ Frame D91E 14 KB
2 KB 66ms
28ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-length: 1213
x-xss-protection: 0
expires: Wed, 06 Apr 2022 20:09:15 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 42ms
17ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d5082c838c08e75129535e625ad20eced3811758e0013e8c36412c4e96bb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 3080
cf-polished: origSize=4420
status: 200 OK
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 54117054-6eb5-4723-8cfe-55d3d02ab6ae
x-runtime: 0.026336
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6cdda8f42289332c791b3a983ab7af0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6f7d28febc5b9bd1-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 06 Apr 2022 21:09:15 GMT

GET
H3 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 8ms
7ms Image
image/gif 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:00:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 180555
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Apr 2023 18:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
44 B 132ms
119ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1649275756687459693843&lct=1649203200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=624df36d-15e2f&pageView=1&pvid=180007ee08f94321f4d&site=310742&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6f7d29004e86694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 276A 1 KB
1 KB 71ms
11ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:44:47 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 1469
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: WciGhgexfHqKQEGr30ViPJA88lWA-CZPXFAzZl1ro5RKSkixpDp2lQ==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 276A 1 KB
1 KB 71ms
11ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:33:01 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 2178
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: Jg2Pld5q6TzgwJiF8LCR0ZSFG0QwcrWSAjzzDP2YvbJKp-UC-ak4SQ==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 276A 1 KB
1 KB 77ms
18ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:54:19 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
age: 897
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: X4s6e9P0rydSUMN6THNdsZR5fednZY6aE8H9eXEOQ3wAWRY1McS4Pw==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 276A 1 KB
1 KB 75ms
15ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:14:48 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 3268
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: iDOzhsTHdVBD_nvkHFdhmRbM5QgK85_c7ZAf-w0L75KUEAPmhHl2fQ==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 276A 182 B
582 B 72ms
12ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:37:31 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
age: 1935
etag: "a4fcbd383e2f657b6528f4aa95844de5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: EetLeCHAFJZFdMugBpJ6qR_EHtAv7F0S7pqfPjZ9u4CTOEgNG5wCZw==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 276A 508 B
899 B 71ms
12ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:31:48 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
age: 2248
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: UP31N89TWpLbwH5ffQwezFJ2ZkZHY-TGIuH3vNImejH5-h-czLwk3Q==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 276A 522 B
921 B 23ms
15ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:19:32 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
age: 2984
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: yvOT1rPRysUz0vAaPHxpgzP3FCmXz6hvTDDG_NLAGcW8BRdwEf-K9w==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 276A 1 KB
1 KB 15ms
8ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:25:59 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 2596
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: y_akZSA3cm1TW6a0H_rddnr5ghcTg2k9dq-xfi3Ukg8PVcBVcqOBGg==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 276A 1 KB
1 KB 16ms
9ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:46:51 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
age: 1382
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: ZxTb_ETH76qhQq03Dpvo6oRiqt4OFgcSjr_kFAYVqaL3fB651jkxBg==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 276A 523 B
913 B 17ms
9ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:43:48 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
age: 1528
etag: "4542d4ecd73f04c73affa787a4522596"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: r-hu3lUMF1Ml0Ar5rMXNza9JdBETLhQ_2N76g-bcFRHl5KGxV2YuHA==

GET
H2 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame 276A 786 B
1 KB 18ms
10ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:32:44 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
age: 2192
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
content-length: 786
x-amz-cf-id: z1Kh4Zv52WSV-Z-OTVMRO-PDDBWRzE7pbu-p8LLeopukTQmIHFuCMg==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame 276A 635 B
1023 B 18ms
11ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:15:22 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
age: 3234
etag: "4c66a5172a9c77ab75e140f5079218ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: pkmw9dZJriiacm2KvCrFoaPCU1FnaOV122NbWJexEGbKh0kCRR_Dag==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 276A 1 KB
1 KB 19ms
12ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:05:43 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 213
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: SFDiMziDfzKmlDWAWZmNADIfecRqyXTWzKg3Dx8Pi6bYILS8ms4ZuQ==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 276A 801 B
1 KB 20ms
13ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:47:10 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
age: 1326
etag: "107060b925841745f310697bd9f1f83d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: shu-Z0ReLMxilprCiha7tr2B_VaWmoE7NKZRlWc80iMyQIOkkvNNwg==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 276A 1 KB
1 KB 21ms
13ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:57:39 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 700
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: 7yhjmKEmxuWh8PhZmlqhI6LK_m_5dA893JirQwXWoSM6PhtPfsi_Ng==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 276A 304 B
693 B 21ms
14ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:31:57 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
age: 2246
etag: "074d127e2f9fd8c2e79c01a5f002979c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: i8zXmbARLwaVJT9l9bozkJTeZ71xu9qRRPxvjSkIgvl23gToFRYhYQ==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 276A 3 KB
792 B 53ms
10ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:42:22 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 1614
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: zBgex5Hb-UyXFP-CQv7kusR22mvUJXfOQx_jTPs2zOTfCs2PhKPq-A==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 276A 870 B
1 KB 53ms
10ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:34:36 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
age: 2080
etag: "e9173ef4613c3da43c45885ea39c4b96"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: whEv4xdeCNUz7_PcGxbDVGkoSTKKlWU-i1IM0-ro-yesV2Cu_a-X6A==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 276A 761 B
1 KB 22ms
15ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:30:08 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
age: 2348
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: pU-vD9OTocOlMpX7Fr8qlwRkf7acp-EIBWI4IKaNTY3nW2B9u8tseA==

GET
H2 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame 276A 1 KB
1023 B 52ms
9ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f627c7dd2a4af8ffa3d7ff2b7ce59e01539ff3e73cdf3fd8ee10f9b4ed56ca0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:33:25 GMT
content-encoding: gzip
last-modified: Sat, 02 Apr 2022 07:42:49 GMT
server: AmazonS3
age: 2151
etag: W/"2d70e9fa727864b2edac524d90d48e72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: 2d70e9fa727864b2edac524d90d48e72
x-amz-cf-id: wi1nnIu46GR2RNtANn5oKWfhJVPePZ8G54ucjzKzWDjU5figXL_5sQ==

GET
H2 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame 276A 2 KB
1 KB 51ms
9ms Image
image/svg+xml 2600:9000:225e:3c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc9906ae2eb46a468151265d3cadd50e4f3fec3c9d2bd379748fef41d279b1ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:45:01 GMT
content-encoding: gzip
last-modified: Sat, 02 Apr 2022 07:42:51 GMT
server: AmazonS3
age: 1455
etag: W/"d7dcef65c61349daf83b746ace461d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA60-P4
x-amz-meta-hash: d7dcef65c61349daf83b746ace461d47
x-amz-cf-id: 1uomwMO8h-ssq_SDzN2z2eV54AalSqb-BlsDkmtF9FPvESyEUEuogw==

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 44ms
32ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 678
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: NWSR0TTTXYDHZTVM
x-amz-id-2: CBVPpuL41StJGVGPb7Cj3Eg3dJC9NwSdr1nGroE3fSNb/PJayzs8WsMHm6EQYAetwZZ80MvtIFk=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f7d2900cfcc694f-FRA
expires: Thu, 07 Apr 2022 20:09:15 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
811 B 44ms
33ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG38KV8M26FJED0H
x-amz-id-2: l3mAmuVjrUpypqS5VMdKU9TSK4C8/XeNHrmQdJJY1qaVIia26ovBa8AH+EEpwEVsS3UTtkQfoiM=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f7d2900cfca694f-FRA
expires: Thu, 07 Apr 2022 20:09:15 GMT

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 25ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:23:17 GMT
x-content-type-options: nosniff
age: 96358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 17:23:17 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 43ms
30ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?pv=5&cbuster=1649275756898971307552&lct=1649203200&niet=4g&nisd=false&jsv=es6&w=370&h=1095&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=624df36d-15e2f&pageView=1&pvid=180007ee08f94321f4d&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c26fc290f89d67bc8ee7265f1a0eed9dcf7bde2db116edeeda7ce68059384587

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6f7d2901997a694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
823 B 48ms
44ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?w=370&h=330&cols=1&pv=5&cbuster=1649275756900747346298&uniqId=0b699&lct=1649203200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=624df36d-15e2f&pageView=0&pvid=180007ee08f94321f4d&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592c413af52d483656a5e67bec31ecaa5e6eebfb41056313fb444ff1700a1457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6f7d2901997d694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
rumble.com/embed/vxdl17/ Frame F12E 17 KB
7 KB 311ms
104ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vxdl17/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90b30d6156360e17597da1243925554668eeb5d68e0717aad660493a024f7ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Apr 2022 20:09:15 GMT
link: <https://rumble.com/vzzr1r-this-is-joe-bidens-america-not-even-close.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H2 200 / Show response
rumble.com/embed/vxb5i3/ Frame C533 17 KB
7 KB 393ms
190ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vxb5i3/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

6a123a54bdcbc73889d5f63c9b3e1b9a5705120d7711ea9dc1256847120e4a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Apr 2022 20:09:15 GMT
link: <https://rumble.com/vzxbin-congress-uses-tips-they-learned-from-silicon-valley-to-control-you-cradle-t.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H3 200 1254f8aeb6052793b95b5f24352a623f1c485941.jpeg
beforeitsnews.com/img/i2022/04/ 13 KB
13 KB 63ms
60ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/04/1254f8aeb6052793b95b5f24352a623f1c485941.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d23a42bddab61b2b5d6aaa2428483ed8e502f5107a3eab8cc733b6b86913514

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 487416
cf-polished: origSize=13891, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13053
last-modified: Wed, 21 Aug 2019 02:22:47 GMT
server: cloudflare
etag: "5d5caaf7-3643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 01 Apr 2023 04:00:12 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d2901ab9b8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
beforeitsnews.com/img/i2022/04/ 15 KB
16 KB 41ms
36ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/04/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b997bcff91f40fdd88dfa17feadca80bc7029e99e6dcbe6d78f3a1e210a9432

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 487416
cf-polished: origSize=16737, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15529
last-modified: Fri, 16 Aug 2019 22:57:14 GMT
server: cloudflare
etag: "5d5734ca-4161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 01 Apr 2023 04:00:00 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d2901aba78fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 4d414e65062e5cf65657538917dbd86cddece9f2.jpg
beforeitsnews.com/img/banner_contract/ 51 KB
52 KB 54ms
52ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/4d414e65062e5cf65657538917dbd86cddece9f2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8bc161394d0f1fd1a2117405b99c2ff97fdd2bbf274310faeeba1f4129b1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 161388
cf-polished: origSize=59870, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52616
last-modified: Mon, 01 Nov 2021 22:43:47 GMT
server: cloudflare
etag: "61806da3-e9de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 12:53:23 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d2901aba98fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 36ms
34ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10477
cf-polished: origSize=51812, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46896
last-modified: Sat, 22 May 2021 12:15:55 GMT
server: cloudflare
etag: "60a8f5fb-ca64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 17:06:52 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d2901abab8fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 33ms
31ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 821380
cf-polished: origSize=36512, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
server: cloudflare
etag: "60a8f625-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 16 Mar 2023 15:37:01 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d2901abb08fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg
beforeitsnews.com/img/banner_contract/ 81 KB
82 KB 48ms
46ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 219104
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83236
last-modified: Fri, 04 Mar 2022 07:11:55 GMT
server: cloudflare
etag: "6221bbbb-14524"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 04 Apr 2023 07:12:12 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d2901abb18fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 dcf09c8773644d031c1df11dd4352afcab7d6112.jpg
beforeitsnews.com/img/banner_contract/ 59 KB
59 KB 46ms
44ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/dcf09c8773644d031c1df11dd4352afcab7d6112.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 821745
cf-polished: origFmt=jpeg, origSize=149331
content-disposition: inline; filename="dcf09c8773644d031c1df11dd4352afcab7d6112.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60198
last-modified: Mon, 11 Oct 2021 07:26:58 GMT
server: cloudflare
etag: "6163e742-24753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Mar 2023 20:12:50 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d2901abb28fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
913 B 53ms
52ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?w=370&h=330&cols=1&pv=5&cbuster=1649275756918433262800&uniqId=0070c&lct=1649203200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=624df36d-15e2f&pageView=0&pvid=180007ee08f94321f4d&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f64e2fc1e164a9327903f64967e77b69208bd79faf3278db718f05562a031d81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6f7d2901a99e694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK anvload.html Show response
w3.mp.lura.live/player/prod/v3/ Frame B5C7 562 B
1 KB 92ms
17ms Document
text/html 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 7e4737e7c4ec7eb997104bae7f89d6f865d25e7fdba20f5237819fa5bbab6bf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 292
Content-Type: text/html
Date: Wed, 06 Apr 2022 20:09:15 GMT
ETag: "9d967b1f65ac81dd226533f6acb62bc3"
Last-Modified: Wed, 06 Apr 2022 11:29:20 GMT
Server: UploadServer
X-GUploader-UploadID: ADPycdu7ajDxewFiUydjhhpq8IBYX-Ola1HqlXcHoqzfTwhO6R7xsBCnNUZSS6R02esfnSvou97x2lruLtqBjCyURtnYXkzvyg
X-HW: 1649275755.dop120.am5.t,1649275755.cds324.am5.shn,1649275755.dop120.am5.t,1649275755.cds292.am5.c
x-goog-generation: 1649244560955352
x-goog-hash: crc32c=pxvwJg== md5=nZZ7H2Wsgd0iZTP2rLYrww==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 292

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 27ms
24ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 3891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG34RV4K6FMDV6G1
x-amz-id-2: tEFXSmgkprG5Jw7iBcEcrDj5Gfr2Arr7AwwbY8NJ5BDjB4bRL9nehzAWxlrhvKW6ZW8KK7LheRI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f7d2901f84e90a3-FRA
expires: Thu, 07 Apr 2022 20:09:15 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 32ms
30ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 3887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG3F0R94819AK0XK
x-amz-id-2: 7EhZ7v77SUBqZG4SmP3QHGaUmQNEvQoqbc8skzEQkltu7S81gkYpZZr/vAozukpnbKgCzFi8C08=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f7d2901f85090a3-FRA
expires: Thu, 07 Apr 2022 20:09:15 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWZlYWY1YjVjYjBhYzQyY...
s-img.mgid.com/g/11533304/492x277/-/ 17 KB
18 KB 70ms
29ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533304/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWZlYWY1YjVjYjBhYzQyYjZhMmI5NGZhNDc3MzFhZTcuanBlZw.webp?v=1649275755-eyOX-oSBd9EqUniUvjSh9h8FzAQypV9d_1mAJoT2ow4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 962ad038354035ffa7514c00b09391bb845c71748414018801d8b0710e5a13a7

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:24:27 GMT
x-mg-request-uuid: 85fd14d9-5789-4caf-9624-6a108263b1b2
age: 213505
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d29023c299bda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17780
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9iOGE4NTNiMzc3NzMzMGI4NjA5MTBiZTMyMmE2NmRjYi5qcGVn.webp
s-img.mgid.com/g/3805658/492x277/0x0x902x601/ 28 KB
28 KB 70ms
30ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805658/492x277/0x0x902x601/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9iOGE4NTNiMzc3NzMzMGI4NjA5MTBiZTMyMmE2NmRjYi5qcGVn.webp?v=1649275755-DJEDVibqw9IFz_EhB319wm6v-ZIotuS9J_LAJy_hfUc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ecbc9b770010b601da6d00953e93604a0cdf2de710367f6fa8b0cc6edec51d

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:56:53 GMT
x-mg-request-uuid: fc8e06ad-a31d-4776-9156-e84c491c66d2
age: 213702
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d29023c339bda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28750
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzA4Zjg4MTdjZmQxNzk3N...
s-img.mgid.com/g/11533300/492x277/-/ 37 KB
38 KB 83ms
44ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533300/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzA4Zjg4MTdjZmQxNzk3N2NlZmIzYzEzNDlhODkxYjQuanBlZw.webp?v=1649275755-q21KP84bIzb_rOmakmI0JgsEBZPlbVGru5ZFW4scMD8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60deb0a2079173ef23e3525d66b6a0681b8305a2a699ae059c1f360bfbb882c

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:23:33 GMT
x-mg-request-uuid: 0b008a7e-092c-4b87-843d-43f109500ed5
age: 213683
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d29023c3a9bda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38134
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2VhZWMxNzA1NjlkMDVhYzdhZjZkMjRkNDZlMWIyMDNjLmpwZWc.webp
s-img.mgid.com/g/3959819/492x277/0x86x1024x682/ 8 KB
8 KB 66ms
27ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3959819/492x277/0x86x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2VhZWMxNzA1NjlkMDVhYzdhZjZkMjRkNDZlMWIyMDNjLmpwZWc.webp?v=1649275755--ij2nlc6heJ8xjQ8qNbRBBWCXRuHnpH7jQSrcOK3qwk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbe550b77ee74326c037ac840193315da6af2ccd701865af574ee9194271486

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:00:15 GMT
x-mg-request-uuid: 0620958e-3f1d-4db2-a1c5-cbcb319b8405
age: 213624
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d29023c3e9bda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7886
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp
s-img.mgid.com/g/8164894/492x328/72x0x1009x672/ 17 KB
17 KB 43ms
28ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164894/492x328/72x0x1009x672/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1649275755-mEpNLPrjH61DPmmaovISVFE4d9iKbSPGBmicW6QnWMA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09cc917c1b40ae197096b753399278c81a7198cdc9b739062d55a385607ac7a0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:53:52 GMT
x-mg-request-uuid: 68efe79e-0134-48c0-8786-415d333c4070
age: 213589
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d29023c3d9bda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17268
server: cloudflare

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 24ms
23ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 293
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6f7d290238299b5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 May 2022 20:09:15 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 21ms
21ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 3891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG34RV4K6FMDV6G1
x-amz-id-2: tEFXSmgkprG5Jw7iBcEcrDj5Gfr2Arr7AwwbY8NJ5BDjB4bRL9nehzAWxlrhvKW6ZW8KK7LheRI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f7d2902389c90a3-FRA
expires: Thu, 07 Apr 2022 20:09:15 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 35ms
34ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 3887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG3F0R94819AK0XK
x-amz-id-2: 7EhZ7v77SUBqZG4SmP3QHGaUmQNEvQoqbc8skzEQkltu7S81gkYpZZr/vAozukpnbKgCzFi8C08=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f7d290238a190a3-FRA
expires: Thu, 07 Apr 2022 20:09:15 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA2LzEwMTkyNC84NThhNmQzZjg3NWEyZDQyN...
s-img.mgid.com/g/11533466/492x328/-/ 13 KB
13 KB 33ms
33ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533466/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA2LzEwMTkyNC84NThhNmQzZjg3NWEyZDQyNjI0MDRmNjRmOGVlODUyMi5qcGVn.webp?v=1649275755-zmfCrhuxRk1d7XABXfWFfg6Kk0WU52vjM2ppD6YHHSQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1142b7b240ebf021f074f0daaa9811f8a560350768ebe608500d69c7335755a

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:15 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:34:50 GMT
x-mg-request-uuid: b40753eb-6e6b-4e4d-b285-d2c9aaf6e8da
age: 213698
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6f7d29023c449bda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12812
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 0
38 B 139ms
127ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1649275757018721332561
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6f7d29025af8694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 5181 0
125 B 114ms
111ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1649275757033952181900
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6f7d29025b14694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK anvplayer.min.js Show response
w3.mp.lura.live/player/prod/v3/90632594/scripts/ Frame B5C7 2 MB
703 KB 16ms
15ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 7feedef5ec2be919df16ee6ef2e80ecdd8b80daf012093c742829599b8d4bfe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=KFd+GQ==, md5=5dYgcr2A4h+PMRC6I1x0Xw==
Date: Wed, 06 Apr 2022 20:09:15 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdv3kLY3ANNNyxGbxASMwxC7IOTbmj43DnLsLkYsqv2q-sfZYwVLofxW2_YFhASx9Dapmg1En9g03uNvJKa349H9Ib1qLQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 718608
Last-Modified: Wed, 06 Apr 2022 11:29:18 GMT
Server: UploadServer
ETag: "e5d62072bd80e21f8f3110ba235c745f"
X-HW: 1649275755.dop120.am5.t,1649275755.cds324.am5.shn,1649275755.dop120.am5.t,1649275755.cds017.am5.c
x-goog-generation: 1649244558622767
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 718608
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H/1.1 200
OK anvhtml5.css
w3.mp.lura.live/player/prod/v3/ Frame B5C7 47 KB
10 KB 40ms
14ms Stylesheet
text/css 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/anvhtml5.css
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 7bd643bb9b42175959a170232380d03397a1d4b2c1be6753e07702830f7f7dd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=AzRjdQ==, md5=WbMLtBgSa7E0paNazEVRGw==
Date: Wed, 06 Apr 2022 20:09:15 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycduKtaQkFWGBoCJGaY_E55O7QxcpJy_0G360AAHu8a5k57Brh5iV22PHmCroT0I7tnbX7yb8YVDBC1SSNZqVXYKdjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 9178
Last-Modified: Wed, 23 Mar 2022 11:25:58 GMT
Server: UploadServer
ETag: "59b30bb418126bb134a5a35acc45511b"
X-HW: 1649275755.dop121.am5.shc,1649275755.dop121.am5.t,1649275755.cds010.am5.c
x-goog-generation: 1648034758554580
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 9178
Accept-Ranges: bytes
Content-Type: text/css

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
525 B 296ms
285ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 579479b0-bd4e-4b53-9898-adb65d3bfcb9
x-runtime: 0.006363
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6f7d290339ac917c-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 l5Qw3dw3dmUjokMUlU7W6YGTBGK2lQ9R Show response
access.mp.lura.live/anvacks/ Frame B5C7 888 B
1 KB 1191ms
130ms XHR
application/json 35.224.142.165
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://access.mp.lura.live/anvacks/l5Qw3dw3dmUjokMUlU7W6YGTBGK2lQ9R?apikey=3hwbSuqqT690uxjNYBktSQpa5ZrpYYR0Iofx7NcJHyA
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.224.142.165 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.142.224.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 3114fc33f2736ee0b0157d2234740e587f03616ee1b924212677467e93d614c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://w3.mp.lura.live
date: Wed, 06 Apr 2022 20:09:17 GMT
access-control-allow-credentials: true
server: istio-envoy
x-envoy-upstream-service-time: 1
content-length: 888
content-type: application/json

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame F12E 69 KB
25 KB 100ms
100ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=308

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vxdl17/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vxdl17/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:16 GMT
content-encoding: br
last-modified: Thu, 30 Dec 2021 22:19:53 GMT
server: nginx
etag: W/"61ce3089-11246"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 VANMd.OvCc-small-This-Is-Joe-Bidens-America-.jpg
sp.rmbl.ws/s8/1/V/A/N/M/ Frame F12E 59 KB
59 KB 19ms
18ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/V/A/N/M/VANMd.OvCc-small-This-Is-Joe-Bidens-America-.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vxdl17/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 53480910be5956cc20cf1675d6a28d405b806f9f4d09125a6870410809323997

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:16 GMT
last-modified: Wed, 06 Apr 2022 18:36:56 GMT
server: nginx
etag: "7b3545bf5a75bf1f3784ceccaabef69d"
x-hw: 1649275756.cds131.am5.hn,1649275756.cds132.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=82419
accept-ranges: bytes
content-length: 60671

GET
H2 206 VANMd.aaa.rec.mp4
sp.rmbl.ws/s8/2/V/A/N/M/ Frame F12E 7 MB
0 19ms
19ms Media
video/mp4 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/V/A/N/M/VANMd.aaa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vxdl17/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 06 Apr 2022 20:09:16 GMT
last-modified: Wed, 06 Apr 2022 20:01:33 GMT
server: nginx
access-control-allow-origin: *
etag: "550a3a8888d8b70680ed417111200c1d-224"
x-hw: 1649275756.cds131.am5.hn,1649275756.cds309.am5.pc
content-type: video/mp4
Content-Range: bytes 0-1172292878/1172292879
cache-control: max-age=85939
accept-ranges: bytes
x-foo: app-1-yyz unix:/run/nginx-wasabi.sock
Content-Length: 1172292879

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame C533 69 KB
25 KB 151ms
151ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=308

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vxb5i3/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vxb5i3/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:16 GMT
content-encoding: br
last-modified: Thu, 30 Dec 2021 22:19:53 GMT
server: nginx
etag: W/"61ce3089-11246"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 pUlMd.OvCc.jpg
sp.rmbl.ws/s8/6/p/U/l/M/ Frame C533 17 KB
18 KB 18ms
18ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/p/U/l/M/pUlMd.OvCc.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vxb5i3/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c8109f9ce61d91310472ea3097c6dcdfecaeddbc335b06bc00a464ce7d0a5f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:16 GMT
last-modified: Wed, 06 Apr 2022 09:51:36 GMT
server: nginx
etag: "0e05a52de6247563155c86845846572c"
x-hw: 1649275756.cds131.am5.hn,1649275756.cds005.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=49725
accept-ranges: bytes
x-foo: app-1-yyz 172.16.4.13:80
content-length: 17769

GET
H2 206 pUlMd.caa.rec.mp4
sp.rmbl.ws/s8/2/p/U/l/M/ Frame C533 6 MB
0 17ms
17ms Media
video/mp4 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/p/U/l/M/pUlMd.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vxb5i3/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 06 Apr 2022 20:09:16 GMT
last-modified: Wed, 06 Apr 2022 12:13:38 GMT
server: nginx
access-control-allow-origin: *
etag: "89d3f40dd78772fa4189066a37243c81-107"
x-hw: 1649275756.cds131.am5.hn,1649275756.cds238.am5.c
content-type: video/mp4
Content-Range: bytes 0-559908536/559908537
cache-control: max-age=57942
accept-ranges: bytes
Content-Length: 559908537

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F12E 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 270
date: Wed, 06 Apr 2022 20:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Apr 2022 22:04:46 GMT

POST
H2 200 view...xdl17.suu0a4
rumble.com/l/ Frame F12E 35 B
191 B 96ms
96ms Ping
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...xdl17.suu0a4?p=2.3&r=96887878&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vxdl17/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 06 Apr 2022 20:09:16 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame F12E 4 B
24 B 16ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=87191062&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vxdl17%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=This%20Is%20Joe%20Biden%E2%80%99s%20America%20-%20Not%20Even%20Close%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAAC~&jid=1883578563&gjid=1742176548&cid=274135618.1649275757&tid=UA-44331619-1&_gid=511567750.1649275757&_r=1&_slc=1&z=1953645500

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F12E 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=87191062&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vxdl17%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=This%20Is%20Joe%20Biden%E2%80%99s%20America%20-%20Not%20Even%20Close%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=vxdl17&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=274135618.1649275757&tid=UA-44331619-1&_gid=511567750.1649275757&z=591348837

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vxdl17/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 13:35:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame F12E 4 B
25 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44331619-1&cid=274135618.1649275757&jid=1883578563&gjid=1742176548&_gid=511567750.1649275757&_u=YEBAAEAAAAAAAC~&z=2095397846

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Apr 2022 20:09:16 GMT
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 52ms
52ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:16 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1728683
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 19:38:53 GMT
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6f7d29050b808fe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 ga-audiences
www.google.com/ads/ Frame F12E 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=274135618.1649275757&jid=1883578563&_u=YEBAAEAAAAAAAC~&z=2128005579

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame F12E 42 B
63 B 54ms
34ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=274135618.1649275757&jid=1883578563&_u=YEBAAEAAAAAAAC~&z=2128005579

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C533 49 KB
20 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 270
date: Wed, 06 Apr 2022 20:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Apr 2022 22:04:46 GMT

POST
H2 200 view...xb5i3.1jrc5su
rumble.com/l/ Frame C533 35 B
191 B 103ms
103ms Ping
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...xb5i3.1jrc5su?p=2.3&r=96887878&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vxb5i3/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 06 Apr 2022 20:09:16 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame C533 2 B
22 B 56ms
55ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=273623691&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vxb5i3%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Congress%20Uses%20Tips%20They%20Learned%20From%20Silicon%20Valley%20To%20Control%20You%20Cradle%20To%20Grave%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=QACAAEABAAAAAC~&jid=&gjid=&cid=274135618.1649275757&tid=UA-44331619-1&_gid=511567750.1649275757&_slc=1&z=873090829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 20:09:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame C533 35 B
55 B 57ms
57ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=273623691&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vxb5i3%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Congress%20Uses%20Tips%20They%20Learned%20From%20Silicon%20Valley%20To%20Control%20You%20Cradle%20To%20Grave%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=vxb5i3&_u=QACAAEABAAAAAC~&jid=&gjid=&cid=274135618.1649275757&tid=UA-44331619-1&_gid=511567750.1649275757&z=1782584595

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vxb5i3/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 13:35:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 server_time Show response
tkx.mp.lura.live/rest/v2/ Frame B5C7 28 B
216 B 399ms
127ms XHR
application/json 35.209.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.mp.lura.live/rest/v2/server_time?anvack=l5Qw3dw3dmUjokMUlU7W6YGTBGK2lQ9R&anvtrid=w90632594da9bd5dfc4002f5e4495bb62
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.67.224 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.209.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: dd437fae2b5a0d8bed59d4533e6c27529acd582705ef58c0c30cd18a61d8fba6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:17 GMT
via: 1.1 google
server: istio-envoy
content-type: application/json
access-control-allow-origin: https://w3.mp.lura.live
access-control-allow-credentials: true
x-onetkx-ver: ~~~~
x-envoy-upstream-service-time: 2
alt-svc: clear

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B5C7 374 KB
125 KB 211ms
18ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127633
x-xss-protection: 0
expires: Wed, 06 Apr 2022 20:09:17 GMT

POST
H2 200 1053274 Show response
tkx.mp.lura.live/rest/v2/mcp/video/ Frame B5C7 13 KB
14 KB 161ms
160ms XHR
application/x-javascript 35.209.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.mp.lura.live/rest/v2/mcp/video/1053274?anvack=l5Qw3dw3dmUjokMUlU7W6YGTBGK2lQ9R&anvtrid=w90632594e58423c2a4147107937fc73e&rtyp=fp&X-Anvato-Adst-Auth=FVQzHOVPR6fgTKg6fwvl1FrB%2BTM2IWkZcWpDY3jA83d7CdikpVL%2BfBgUq9qoa%2FEV9slUKGobu8P3QLxPyxAT8A%3D%3D
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.67.224 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.209.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 57ec47aac80233c10c94bef74f050e8ad513416a48d63775f0f71d40ee4f7d42

Request headers

Referer: https://w3.mp.lura.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Apr 2022 20:09:17 GMT
via: 1.1 google
server: istio-envoy
content-type: application/x-javascript
access-control-allow-origin: https://w3.mp.lura.live
access-control-allow-credentials: true
x-onetkx-ver: ~~~~
x-envoy-upstream-service-time: 42
alt-svc: clear

GET
H2 200 master.m3u8 Show response
dcs-vod.mp.lura.live/vod/p/ Frame B5C7 332 B
490 B 153ms
109ms XHR
application/json 35.244.172.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-vod.mp.lura.live/vod/p/master.m3u8?encp=yVxWiB2IC05QizVKPyUonA:JqtwwDaXWsKxocb0OKaTl-Q2nn5BfFrZZDWS8EQtoFzyii2YtybTpHOA91vmGpAn96pO4zoBXL5tjkvJXGw0ZK6LVDFsYbDO0SpB9KL47u5HL1hx0E8QnIwh7qOAx568iJwN0NbXhRfk4fjzoScis0oEVHguAT0vz5xuQ6j-D9HUxIEc9ebpiyy-iGG1_NwQcJ-5l8vFx9-N8x6iPXzf9mLNTNz6w8vx1v_zd_IfejwPDrNjcD8H2KhQe5WrbeckcTbW2hRp6iSUks_UEvXDJEnCv2Sy6icqFwZFVcUou8IHQtqlDik_HAdH4E2gqqlg0AjJiw9t55FR_d4OUpup1V9k1HDN5DnH0ttgcudxnRLpWGD0wN2wmq1jzZIYmSFd&anvtrid=61201ae1ac09ee7e131ecf7cf80d5e11&anvauth=tb=0~te=1649275847~sgn=2610a94de4c527e98e04081aabf45248eb778ba86afa286e292cd0a2320aa936&t=1649275757&_vpng=0
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.172.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 227.172.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 134ceb76ba650a82650cca9daa42a1fec333ba2af4c6655f10c7fb9ee7a81714

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:18 GMT
content-encoding: gzip
content-type: application/json
server: nginx
access-control-allow-origin: https://w3.mp.lura.live
x-anv-ver: ~~
vary: Accept-Encoding
vmap-check-d-tracking: 0
vmap-check-t-tracking: 0
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-anv-auth-status: valid
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK anvatoextension.js Show response
w3.mp.lura.live/player/prod/v3/90632594/lib/ Frame B5C7 288 B
1003 B 16ms
15ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/90632594/lib/anvatoextension.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=GsSnlg==, md5=iK4RmR1W/ZkNQKV+NmfhEw==
Date: Wed, 06 Apr 2022 20:09:18 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdthxBzpAU1YgpnEi1jWPohIg5Zv0bUykSy_9olyALH60V0EI0GDcQD8br6XcmgFmFoWUNBkzqCQY6IbFXydRZ9Szg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 195
Last-Modified: Wed, 06 Apr 2022 11:29:09 GMT
Server: UploadServer
ETag: "88ae11991d56fd990d40a57e3667e113"
X-HW: 1649275755.dop120.am5.t,1649275755.cds324.am5.shn,1649275758.dop120.am5.t,1649275758.cds220.am5.c
x-goog-generation: 1649244549556975
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 195
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H3 200 bridge3.509.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EFB6 632 KB
205 KB 24ms
9ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 408620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209648
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Apr 2022 02:38:58 GMT
expires: Sun, 02 Apr 2023 02:38:58 GMT
last-modified: Sat, 02 Apr 2022 02:33:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B5C7 44 KB
17 KB 62ms
18ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Apr 2022 20:09:18 GMT

GET
DATA 200
OK truncated
/ Frame B5C7 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame B5C7 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 398F15ACDA3B2A0AD8B7BABA54A9E5C1.jpg
m107833-mcdn.mp.lura.live/iupl/398/F15/ Frame B5C7 132 KB
133 KB 201ms
160ms Image
image/jpeg 34.117.147.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m107833-mcdn.mp.lura.live/iupl/398/F15/398F15ACDA3B2A0AD8B7BABA54A9E5C1.jpg?Expires=1649279357&KeyName=mcpkey1&Signature=h8pKNTxVUb29i326EPU51vEOd4Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.147.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.147.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88849077748f50e5f7d546d975571053b7a23bfd7c1908bfa8dd268bc0e07a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:18 GMT
age: 0
x-guploader-uploadid: ADPycdscgfPu_rbOllBf5Tm-zSnNoRmyya2pahfIBNPabEJ1Da_yAnoKX-v8Sjd2X2iZYYPANsWHfRPEZJA-vpr0iW2c0McUqJvU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135116
last-modified: Sun, 03 Apr 2022 01:24:56 GMT
server: UploadServer
etag: "a87622bd60bd9a98f2796b8a48e29d44"
x-goog-hash: crc32c=8ZE6Rg==, md5=qHYivWC9mpjyeWuKSOKdRA==
x-goog-generation: 1648949096690460
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 135116
accept-ranges: bytes
content-type: image/jpeg

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7336 37 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 06 Apr 2022 21:01:55 GMT

GET
H2 200 CustomComscorePlugin.js Show response
static.foxtv.com/static/orion/scripts/core/utils/comscore/ Frame B5C7 6 KB
2 KB 113ms
10ms Script
text/javascript 2a02:26f0:ef::5c7b:c2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/comscore/CustomComscorePlugin.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f571fc9f10d18fa07d344d224cf37b069e737389743539e2ca5c6c9565024536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 16:52:56 GMT
server: AmazonS3
x-amz-request-id: 9YZ2W4FX8M6RRXCV
etag: "ddc15863680262cd78252b4187416187"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=481675
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1868
x-amz-id-2: GXOK9CsjGRdcFDv5+8Ld0FbRvCJhOySnfMldZ9P4KBsjgdN9P5dIkNWp+ojtkj7eCexQWJM6zoQ=
expires: Tue, 12 Apr 2022 09:57:13 GMT

GET
H2 200 CustomSegmentPlugin.js Show response
static.foxtv.com/static/orion/scripts/core/utils/ Frame B5C7 19 KB
5 KB 11ms
10ms Script
text/javascript 2a02:26f0:ef::5c7b:c2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/CustomSegmentPlugin.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a85f13107d6d16140d0f04b0f906426fe7c9f933b3fe5bd65564118720460ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:18 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:29:06 GMT
server: AmazonS3
x-amz-request-id: 3BJJKG3HWKAM7ACW
etag: "dd188f5e51ab8e7a0d2f26415b537458"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=591995
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 4755
x-amz-id-2: QkBQdEwbjXUiKwGs0v4K0BbQLwFSCC/K2rfOxpVhSGV4ePjOfA7ZAP+fpKQ/6xC3Uo1TJgHlMPs=
expires: Wed, 13 Apr 2022 16:35:53 GMT

GET
H2 200 comscore.js Show response
static.foxtv.com/static/orion/scripts/core/utils/comscore/ Frame B5C7 168 KB
49 KB 80ms
80ms Script
text/javascript 2a02:26f0:ef::5c7b:c2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/comscore/comscore.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7981a2b04cca6e1680f1c7fce898090dda1b59163b724f998f1a0ae5c2731054

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 16:53:01 GMT
server: AmazonS3
x-amz-request-id: FTKYW4T6M48001DT
etag: "d4e37d8b5dfdbb7b96626a4bf1ef1697"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=317832
server-timing: cdn-cache; desc=HIT, edge; dur=63
accept-ranges: bytes
x-amz-id-2: h1mSDJwQIsBZFXhqCpadUG5YVS3zvXV7AJZji8OUxkTU4ZVc7Ge+iZ7UC0mDZyFn43Zt/rGxfNw=
expires: Sun, 10 Apr 2022 12:26:30 GMT

GET
H3 200 398F15ACDA3B2A0AD8B7BABA54A9E5C1.jpg
m107833-mcdn.mp.lura.live/iupl/398/F15/ Frame B5C7 132 KB
132 KB 32ms
16ms Image
image/jpeg 34.117.147.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m107833-mcdn.mp.lura.live/iupl/398/F15/398F15ACDA3B2A0AD8B7BABA54A9E5C1.jpg?Expires=1649279357&KeyName=mcpkey1&Signature=h8pKNTxVUb29i326EPU51vEOd4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.147.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.147.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88849077748f50e5f7d546d975571053b7a23bfd7c1908bfa8dd268bc0e07a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:09:18 GMT
age: 0
x-guploader-uploadid: ADPycdscgfPu_rbOllBf5Tm-zSnNoRmyya2pahfIBNPabEJ1Da_yAnoKX-v8Sjd2X2iZYYPANsWHfRPEZJA-vpr0iW2c0McUqJvU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135116
last-modified: Sun, 03 Apr 2022 01:24:56 GMT
server: UploadServer
etag: "a87622bd60bd9a98f2796b8a48e29d44"
x-goog-hash: crc32c=8ZE6Rg==, md5=qHYivWC9mpjyeWuKSOKdRA==
x-goog-generation: 1648949096690460
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 135116
accept-ranges: bytes
content-type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M0.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 103 KB
104 KB 104ms
17ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M0.jpg?aktaexp=1649279357&aktasgn=c550dcd5538a5abdc67744ed8dc057c2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: ef8e4f21e130cbc16f421630f4d1f5bdc6350c1a6b6f6353f4854d9d81a843db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=chV+JA==, md5=8ZdlYQ5knHK0yi9AtSc7dQ==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdsIO-Kr3-SbpyqPQdfWdI6WAodkweqA-O86U-DUfMqsT2vBp54kOtkWmNXL6oWr140Z5XFXSzM-jM6z2C0ii2NbAbiOyQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 105380
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "f19765610e649c72b4ca2f40b5273b75"
X-HW: 1649275759.dop242.am5.t,1649275759.cds290.am5.shn,1649275759.dop242.am5.t,1649275759.cds009.am5.c
x-goog-generation: 1648950992249774
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 105380
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M1.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 99 KB
100 KB 101ms
15ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M1.jpg?aktaexp=1649279357&aktasgn=37660d0b79a82feec2e31f0bf9185383
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 685530e71232c03ceb6dafc772edeb39ffc4ac54a508fbb2310eab72aa7efb24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=M2fotA==, md5=3/FPRCLdUk2aHxOYTZ9LCQ==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycds60TukdajmaZz1P7ryFrrHedKt2aK32V-75G_b9cWmEhyW0hNuZyAZE0NDm7KrjPPavIiLe9W2msG6ip8nC9TqwDiHdA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 101487
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "dff14f4422dd524d9a1f13984d9f4b09"
X-HW: 1649275759.dop144.am5.t,1649275759.cds262.am5.shn,1649275759.dop144.am5.t,1649275759.cds205.am5.c
x-goog-generation: 1648950992309860
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 101487
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M2.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 95 KB
96 KB 105ms
17ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M2.jpg?aktaexp=1649279357&aktasgn=fdd15b93c96ea5a32c3d9155aad4bc02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 98a2cb3a17c838354e94266022a1fe77ee586049d9eba9e59a8bf6de95d31bc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=NddHGA==, md5=R35Bfd14MZ/e68mFGvoHWA==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdv7lV27sEcicOED_RE8ccSifAgHPbezgFzF1dDFmEI-uElfU_zG2m6xJEeOpkGTwHaEtAJq5d9Sq3FPbGx34PbiD1kOSw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 97596
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "477e417ddd78319fdeebc9851afa0758"
X-HW: 1649275759.dop237.am5.t,1649275759.cds224.am5.shn,1649275759.dop237.am5.t,1649275759.cds305.am5.c
x-goog-generation: 1648950992386330
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 97596
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M3.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 95 KB
96 KB 106ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M3.jpg?aktaexp=1649279357&aktasgn=c045da0ec40af03861cde2cc1924237d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 9834ca3586d66be8d05107db717ddc235db6479498868007319da66855c51d44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=vPcpnQ==, md5=lY5vW99acKHSCbBbMFuFYA==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdvVr_DYdaP4Mj8kz-ZXkOrW_OLeowfRMtvNDLZT1J5wVd9x58l3YVVVLqY6QMExuqJ-V55pF9MBGFWKdJcAuafNpLMVfQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 97586
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "958e6f5bdf5a70a1d209b05b305b8560"
X-HW: 1649275759.dop212.am5.t,1649275759.cds004.am5.shn,1649275759.dop212.am5.t,1649275759.cds283.am5.c
x-goog-generation: 1648950992447018
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 97586
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M4.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 96 KB
97 KB 108ms
21ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M4.jpg?aktaexp=1649279357&aktasgn=421c6e6f7b2744c9f89d714a23a3ce9a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: b0ab77a1efb951105f36b78a23a02b9212f5f356de812d587ef78006a6b8ee2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=ywS/bA==, md5=GqQ6STQld1cbsCK/fnsD3Q==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdvgQqf3nNvIdTUPvI6P7ZzJJDmi-PgUeGet5zrctoLy4cBP5WzLz8ot9GZvE8i4azC5hj3V_a4gphesRD1Hjvv1CL7Q3g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 98499
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "1aa43a49342577571bb022bf7e7b03dd"
X-HW: 1649275759.dop111.am5.t,1649275759.cds233.am5.shn,1649275759.dop111.am5.t,1649275759.cds129.am5.c
x-goog-generation: 1648950992502038
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 98499
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M5.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 102 KB
103 KB 107ms
19ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M5.jpg?aktaexp=1649279357&aktasgn=8a04c0ebcafa7b63858f3baa1c9fb560
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 524819c848e033d304a8c4a3bba95075b39efaed14a8148d7956fd7a75ac0d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=/y2gBA==, md5=WPOBtHwgsTKASpOWLadYyQ==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdv4ljqUptoLcCxYTz8xh1eQG4a1NaF0xQJw3VGVqMeh-8pmFB0PTerS7Wio736RaOkjmCrmAyHrmf030t32NWE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 104113
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "58f381b47c20b132804a93962da758c9"
X-HW: 1649275759.dop152.am5.t,1649275759.cds140.am5.shn,1649275759.dop152.am5.t,1649275759.cds305.am5.c
x-goog-generation: 1648950992553240
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 104113
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M6.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 97 KB
98 KB 25ms
24ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M6.jpg?aktaexp=1649279357&aktasgn=13328f284ae5ca0aa8f1f77023a77848
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 132903897f549a18b6d66988675f65ec9db2f539748ee67d6a5c1b8f60b83c27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=WZILlw==, md5=3sKdTBFqCaHz8YfjSVJKew==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdvWeAW7d_i8Bx5Xb30RUJDjXNPA8GeGo8WhFYKTs97fW6Rlq2Axn-v2oyvUGpj4hZzCLodIpaLDSSzgGlymTSG44oojkA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 99140
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "dec29d4c116a09a1f3f187e349524a7b"
X-HW: 1649275759.dop144.am5.t,1649275759.cds262.am5.shn,1649275759.dop144.am5.t,1649275759.cds287.am5.c
x-goog-generation: 1648950992608093
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 99140
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M7.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 105 KB
106 KB 20ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M7.jpg?aktaexp=1649279357&aktasgn=77231cff89bca1fa4986544e6f2ea576
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 2f97bff3cceb5bad2c4c25f49040500c5e39075c6d47d4aa2b0380e53ec9f70d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=kpRLQg==, md5=8OcjL4o7zw/pPCyW0jbNXw==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdtadxI0e92Aww_KPM8fy6Qm2RaRE6N03QJtNJdmOG8ZkjOghtVgpAui8i0zKlr49HflaqO-94JwaEsqbovYcP41Rmvpig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 107444
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "f0e7232f8a3bcf0fe93c2c96d236cd5f"
X-HW: 1649275759.dop212.am5.t,1649275759.cds004.am5.shn,1649275759.dop212.am5.t,1649275759.cds315.am5.c
x-goog-generation: 1648950992659398
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 107444
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M8.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 110 KB
111 KB 18ms
16ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M8.jpg?aktaexp=1649279357&aktasgn=64797ec82c320e7501af19255a9fa161
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: cf449a3eceffa39c99b91ed1f9f2e2ba46b54c7c1c177be38a1404031ba68463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=VUMfWA==, md5=rAg3JrlC/ofylox8Xj995w==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdt321o2N0qxg-3GgbqfgdQVeQ1tPAgFXIhdjn6Y9y2DvV_dja5VgVOwYmCzxgYF8oW6nzlKHX3b_L1FRZNP35hkDvf17w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 112311
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "ac083726b942fe87f2968c7c5e3f7de7"
X-HW: 1649275759.dop237.am5.t,1649275759.cds224.am5.shn,1649275759.dop237.am5.t,1649275759.cds306.am5.c
x-goog-generation: 1648950992714134
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 112311
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M9.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 98 KB
99 KB 24ms
23ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M9.jpg?aktaexp=1649279357&aktasgn=a763b62f0afde81027648ec0668fcbf5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 92a5ddaf5ce3836ea526daee5582730fbc4a93078d5343d2ede8ce45290df0fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=jkRpNA==, md5=+Hc1/4jktXZvGvYx79kaBQ==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdtqGydA-XOfVmn0rgj4A3IcvRC6n3de7J6rHLF6VJvUOy-mkaPMzF4IjRaGWVj8bAW2cRCZ3kSrzuNIls4yaWUOjeXeKg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 100799
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "f87735ff88e4b5766f1af631efd91a05"
X-HW: 1649275759.dop242.am5.t,1649275759.cds290.am5.shn,1649275759.dop242.am5.t,1649275759.cds294.am5.c
x-goog-generation: 1648950992765378
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 100799
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M10.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 100 KB
101 KB 19ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M10.jpg?aktaexp=1649279357&aktasgn=f221c38ca0861ca01f8126409f52099d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 523beb159be2a5e835f9c150f07471d58bad526d0668de7bbaba507b10427ec2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=x4fFrw==, md5=B5P/m85TjImHzgli8mN7ug==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycduOAO1BJZVj8Lar1FbYCHjR9yThjxYHzXmJiNYMdU9Qzhsh7gDYDyI67MWHoYyvPuv_hcIKi7PgFWDnDVAMmIwTmXyUjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 102141
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "0793ff9bce538c8987ce0962f2637bba"
X-HW: 1649275759.dop152.am5.t,1649275759.cds140.am5.shn,1649275759.dop152.am5.t,1649275759.cds226.am5.c
x-goog-generation: 1648950992818016
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 102141
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M11.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 97 KB
98 KB 28ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M11.jpg?aktaexp=1649279357&aktasgn=a0eb8d709afcf08e99d2e416ef434145
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: d432412148b6b92ee52b350dd4b2cc61f2dd76036214fd0fde72788bc9158c1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=SO4MKQ==, md5=efhXJCbQGXQMM0f1b08DPg==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdukd4kTh9kFplxx0O04r_e3LsWHeLfOKCUZga_g4OpF1ld3v0BAhyJFgOY-bG6EwQRmy8Bs4yncglpVRFj_BNQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 99273
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "79f8572426d019740c3347f56f4f033e"
X-HW: 1649275759.dop111.am5.t,1649275759.cds233.am5.shn,1649275759.dop111.am5.t,1649275759.cds254.am5.c
x-goog-generation: 1648950992876623
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 99273
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M12.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 97 KB
98 KB 30ms
28ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M12.jpg?aktaexp=1649279357&aktasgn=22ba8e30c5b895a0d91c8d9a9b6272e0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 0bc3175dfad7d74cdf9bde074bf6059cf5153167c31d95dfdc2ff92a75bc4d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=NfkUXA==, md5=OWG0jwtva5n+VUlPJ4+/aQ==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdt4-O3kJiML74haGunCkvXnGU7QcnLLTnNolheC3Yw7zPu5tNqUmqsRslMtqhLC0LPgEtdBIQ--fyxRieOh0wQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 99290
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "3961b48f0b6f6b99fe55494f278fbf69"
X-HW: 1649275759.dop152.am5.t,1649275759.cds140.am5.shn,1649275759.dop152.am5.t,1649275759.cds312.am5.c
x-goog-generation: 1648950992926772
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 99290
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M13.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 97 KB
98 KB 19ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M13.jpg?aktaexp=1649279357&aktasgn=d45a55801786f9ebfe2e53d01fe60b53
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: e2f5a5a55cd6453b2c02e2d98db5c2e86f5652807d78a50c93a37616f5c196f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=IgOEww==, md5=XMA9rqtNWDzFmo8+M64kjQ==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdtvn1jmEfUqvxXIHJdrX7Rm3_Bdl1SAZgqF1jv9vS8ZGypcq2szGvjrtfba9KiiO6QlQuV2y4WJ8cBnDo3vqpU2KNXSRQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 99751
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "5cc03daeab4d583cc59a8f3e33ae248d"
X-HW: 1649275759.dop212.am5.t,1649275759.cds004.am5.shn,1649275759.dop212.am5.t,1649275759.cds280.am5.c
x-goog-generation: 1648950992978998
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 99751
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M14.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 96 KB
97 KB 22ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M14.jpg?aktaexp=1649279357&aktasgn=994f686130fd4953df30e1df89b0e539
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 7516973fd6152d7a24a2b64cadf4afb4c036b6ad0537b010459e61c9cbd05879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=sdpjAg==, md5=9eHbniwRb05tmkNe35jPIQ==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycds5wyO_wK1oIL9R0SLeW9KMt1YHZ8StpN5yBqaFXLHmBwmPBTTVSijDm3eYgjXgmvYkFVqb1PU28y-zAJbM3hW7z4HGlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 98041
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "f5e1db9e2c116f4e6d9a435edf98cf21"
X-HW: 1649275759.dop237.am5.t,1649275759.cds224.am5.shn,1649275759.dop237.am5.t,1649275759.cds113.am5.c
x-goog-generation: 1648950993027116
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 98041
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M15.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 101 KB
102 KB 22ms
21ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M15.jpg?aktaexp=1649279357&aktasgn=7ab3a7b0c036c702d9970464c6badb83
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: d8320dd5880e4fa4824a76034658b646580c16cc4279a8186df89803beb9bca2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=3WEF5w==, md5=Y6iHXZgAVLet3FDbO2CfCA==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycduUgv5sLG-gkVfxMvQtL0CMHxwzpqLchQ5MUahRwyYuTyDWuD8-uO8d2mxcbpX0kVyX6ISTzQFOXyes447hcUk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 103846
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "63a8875d980054b7addc50db3b609f08"
X-HW: 1649275759.dop111.am5.t,1649275759.cds233.am5.shn,1649275759.dop111.am5.t,1649275759.cds274.am5.c
x-goog-generation: 1648950993086562
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 103846
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M00.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 125 KB
126 KB 27ms
23ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M00.jpg?aktaexp=1649279357&aktasgn=24c0d67ebe92ce66c6044eb74b8bc6c5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: feb41c509f43810ca3cdd52e858716c922fb97476f78d695e3d1f335b504ba53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=SYn+kw==, md5=VRU9nsakrqR2a9k56VxoIQ==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycds4mA5QHMPz5fOtpc5OFQRq5UpXV0320JZDrZgqqm7oePqzc_zIDvG3jQ_s7PV8ExBe_bPybSO3DR2_aIYTAjIQxSe_zQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 128500
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "55153d9ec6a4aea4766bd939e95c6821"
X-HW: 1649275759.dop212.am5.t,1649275759.cds004.am5.shn,1649275759.dop212.am5.t,1649275759.cds131.am5.c
x-goog-generation: 1648950993141005
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 128500
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M01.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 128 KB
129 KB 17ms
16ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M01.jpg?aktaexp=1649279357&aktasgn=c69f218d705ac4c456dc9a392ee79e57
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 63eb5d1f28f8e1d33405126b6f2bb9ead2a1ee82be5d495aad4a7612dbf46830

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=AK+MXg==, md5=VhYOb3wqURNvjvUfSy3wKA==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdvC5ayL2tlgDfiNBXkz1eGfs-cVMFTp0I7X8e8CImHrTpi2361gfajoZU1YlVBfVj-24wXuTW5SHKwKuZiPSU7-oEV7mQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 130585
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "56160e6f7c2a51136f8ef51f4b2df028"
X-HW: 1649275759.dop152.am5.t,1649275759.cds140.am5.shn,1649275759.dop152.am5.t,1649275759.cds271.am5.c
x-goog-generation: 1648950993195422
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 130585
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M02.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 130 KB
131 KB 15ms
15ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M02.jpg?aktaexp=1649279357&aktasgn=f8c052a66bf150c4d9e262a12a4ac289
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: cea4f9d1cf9509fed75ec685f44051486c6520fa65fa05f407b8d84b9ad1c919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=FRxSCQ==, md5=68buH0zHZy4OCN2ZuStOdw==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdvZOwoHEuu9SmaYoguB-pgXhLkw6mwWiZMWg_S5plBKz13ARKLojGbhFqF8715Wrqde5bmvZ9z1MENFkDn8qKc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 133508
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "ebc6ee1f4cc7672e0e08dd99b92b4e77"
X-HW: 1649275759.dop237.am5.t,1649275759.cds224.am5.shn,1649275759.dop237.am5.t,1649275759.cds018.am5.c
x-goog-generation: 1648950993245408
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 133508
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M03.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 128 KB
129 KB 19ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M03.jpg?aktaexp=1649279357&aktasgn=8f5ef9d0b01e7beafb759d0425f3c077
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 2369d50fc4dddacdfadae06c66594a000c734b24ab49574c445e644a5607a1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=8xZoWg==, md5=OqqQXq3OeYzW/bisdhf63Q==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdsZM8gM_0M9RKCpc3n9d2fM9JGjczmkR6ytjlj1riaZLKcDB0NHngiIfeSKlmKBC-bjRn79UQVr7w_Hnlrt_wAcCn-ymQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 131265
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "3aaa905eadce798cd6fdb8ac7617fadd"
X-HW: 1649275759.dop111.am5.t,1649275759.cds233.am5.shn,1649275759.dop111.am5.t,1649275759.cds203.am5.c
x-goog-generation: 1648950993302532
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 131265
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-hi.bif
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 16 KB
16 KB 15ms
15ms Image
binary/octet-stream 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-hi.bif?aktaexp=1649279357&aktasgn=7919383b22672a085900a15afbf3a9e6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=6XFxdw==, md5=Q1UglCzioTr6UEwC5HHOAw==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdsD4qsraYsvIKoOafcCGXx6aiUb-u2ReSGDbKyRxyKm-BfYqVJdEoxKKde2fDUzfM9bOULj_-TvPBOnCMQqH4O5L099xA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 23816790
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "435520942ce2a13afa504c02e471ce03"
X-HW: 1649275759.dop237.am5.t,1649275759.cds224.am5.shn,1649275759.dop237.am5.t,1649275759.cds284.am5.c
x-goog-generation: 1648950993611627
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 23816790
Accept-Ranges: bytes
Content-Type: binary/octet-stream

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-med.bif
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 32 KB
32 KB 16ms
16ms Image
binary/octet-stream 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-med.bif?aktaexp=1649279357&aktasgn=da87fc09a19b47e6a52109d3599f9e37
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=9pkzgA==, md5=mjUrwUNAWQwrAJpIf5PaJw==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdvbAyQ-gOK4kPiGFs3T9RN827uXXNfisX4W6JKapsoGUKjl0pr8wLHAI1zwXXqBpbYPKvru7y3l5Ie90zGqc_El-kbJIw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 8580937
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "9a352bc14340590c2b009a487f93da27"
X-HW: 1649275759.dop152.am5.t,1649275759.cds140.am5.shn,1649275759.dop152.am5.t,1649275759.cds126.am5.c
x-goog-generation: 1648950993823136
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 8580937
Accept-Ranges: bytes
Content-Type: binary/octet-stream

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-lo.bif
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame B5C7 32 KB
32 KB 18ms
18ms Image
binary/octet-stream 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-lo.bif?aktaexp=1649279357&aktasgn=182b65be10bad788bbbebecbccd0475e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=or/pBA==, md5=4BtE4skF4oRyFiAnukqrVA==
Date: Wed, 06 Apr 2022 20:09:19 GMT
X-GUploader-UploadID: ADPycdvMC0UXK70zgzD1_nqdxxYnZNfPfaD6upyGHHtXaB97IvOB0Cfs0O5OCYtF0y60BnxDQb2g6EIpBSjCWdSLX26PiZZxTw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 2977551
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "e01b44e2c905e28472162027ba4aab54"
X-HW: 1649275759.dop212.am5.t,1649275759.cds004.am5.shn,1649275759.dop212.am5.t,1649275759.cds234.am5.c
x-goog-generation: 1648950993949533
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 2977551
Accept-Ranges: bytes
Content-Type: binary/octet-stream

Verdicts & Comments Add Verdict or Comment

300 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s1
beforeitsnews.com/	1970-01-20 02:08:04	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyJLiNktMCqiX
.mgid.com/	1970-01-20 02:07:57	Name: __cf_bm Value: hIxofgxUboviD1yGN.fwiBObX..RbN7O20HMFTZp1_E-1649275754-0-ARDi1XTMyzv4ULMg58C3ZrlVKRC2I0x9/rD4UuDJkQheB84TiLPweRzWPBH01cKchbQeHFkgMQ5pHBOnxn0Sew0=
beforeitsnews.com/	1970-01-21 02:07:55	Name: b4in-uuid Value: ad96017f-be69-413c-8251-552ffa326f8b
.beforeitsnews.com/	1970-01-20 19:39:07	Name: _ga Value: GA1.2.1934947354.1649275756
.beforeitsnews.com/	1970-01-20 02:09:22	Name: _gid Value: GA1.2.2081419660.1649275756
.beforeitsnews.com/	1970-01-20 02:07:55	Name: _gat_gtag_UA_16055024_1 Value: 1
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22UcwSbS7uV%22%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649275756966%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649275756995%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649275757013%7D%7D
.rumble.com/	1970-01-20 19:39:07	Name: _ga Value: GA1.2.274135618.1649275757
.rumble.com/	1970-01-20 02:09:22	Name: _gid Value: GA1.2.511567750.1649275757
.rumble.com/	1970-01-20 02:07:55	Name: _gat_rumble Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js Message: Allow attribute will take precedence over 'allowfullscreen'.
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/748669/images/Screen%20Shot%202021-11-23%20at%2012_15_50%20AM.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/838644/images/Screen%20Shot%202021-12-20%20at%202_08_46%20AM.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/238306/images/Scary-Creatures-Caught-on-Camera.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/838644/images/Screen%20Shot%202022-04-06%20at%201_05_12%20AM.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.beforeitsnews.com
access.mp.lura.live
ajax.beforeitsnews.com
amg-news.com
beforeitsnews.com
c.mgid.com
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cm.mgid.com
customads.co
dcs-vod.mp.lura.live
external-content.duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h107833-ecdn.mp.lura.live
i.ibb.co
i.imgflip.com
i.ytimg.com
i2.wp.com
imasdk.googleapis.com
img.beforeitsnews.com
img.ifunny.co
img.youtube.com
jsc.mgid.com
m107833-mcdn.mp.lura.live
onesignal.com
pagead2.googlesyndication.com
rddywd.com
rumble.com
s-img.mgid.com
s.tradingview.com
s0.2mdn.net
s3-symbol-logo.tradingview.com
s3.tradingview.com
sctewbeans.xyz
servicer.mgid.com
sp.rmbl.ws
static-3.bitchute.com
static.foxtv.com
stats.g.doubleclick.net
tapnewswire.com
tkx.mp.lura.live
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
w3.mp.lura.live
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
104.18.64.15
104.19.133.78
104.19.136.78
151.139.128.11
169.55.146.12
18.66.2.79
18.66.91.125
192.0.77.2
209.58.165.79
2600:9000:223c:cc00:18:9413:7780:93a1
2600:9000:225e:3c00:1f:2f70:3e80:93a1
2606:4700:10::6816:4a8a
2606:4700:10::6816:4b8a
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:800::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2006
2a00:1450:4001:803::200a
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:812::2016
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9a
2a02:26f0:ef::5c7b:c2a1
2a06:98c1:3120::7
2a06:98c1:3121::7
34.117.147.45
35.190.30.115
35.209.67.224
35.224.142.165
35.244.172.227
40.114.178.124
51.210.32.132
52.85.47.96
69.16.175.10
77.81.165.130
89.187.169.3
00b32e46f9cc4c02ccaf4aabe945b62c38b7b0f77a76ed653947e17b98cfab25
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
04ecbc9b770010b601da6d00953e93604a0cdf2de710367f6fa8b0cc6edec51d
07c651501ab571c3930f2d08841ac236962055b28c2dad45b479b72b2d64be96
09cc917c1b40ae197096b753399278c81a7198cdc9b739062d55a385607ac7a0
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0bc3175dfad7d74cdf9bde074bf6059cf5153167c31d95dfdc2ff92a75bc4d8c
0c1a37f1e93e2b09bf1f78414e8d36cf043ac6baf9e75b5ad16898f4aafd6cc3
0c8109f9ce61d91310472ea3097c6dcdfecaeddbc335b06bc00a464ce7d0a5f9
0d55d444c4c2e7953c426971b5518a0a219334e6d3bc140b5564bbec80da7e64
0f9ae58daa0032a9d677be29e94efe949f9b99e3f643fbe8a715f61f6a1f2739
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
10dd194b8069ad30799a98fb2128e5e6accc3e56165ec8d11903bbf392a2243b
1189016500955f1732401ddbae934593b7f9a98b825806d50224941f324fac03
11c5625979269f539f0d6997bbef39ccb4f58713f1d080f9c08800a3f03a39a7
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
132903897f549a18b6d66988675f65ec9db2f539748ee67d6a5c1b8f60b83c27
134ceb76ba650a82650cca9daa42a1fec333ba2af4c6655f10c7fb9ee7a81714
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
19b75019c6e3386c59d1d7e461cc4c6b5005a50fafb3e0e5ccb4d88e73b70bec
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1bb5463f066c121d2824b51f568b1783fd93f0b020e3db518366d6454a8e76c4
1d989b550c40f16ec4c592bf96b8787f43bdc88dbce9e25ee54ea3ab5538680e
1e1110f1eca7186750a7953411ee412c78f38ce861db58e8bc668c0dfdb98cc9
21b6f7e53806831b90878a1db8cc8f9f30be536b98d75b388925c28374cbed22
221c1305addb99a4f472eb0f4ee514f5c48e44ce80fd25266832afa6ef5892d9
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e
2369d50fc4dddacdfadae06c66594a000c734b24ab49574c445e644a5607a1f3
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
2481371bfa0f684fdae04ff5e731b5eca020219ad3553e64c18eb919746d3ad6
24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80
2908bf5bf5fc38351a909fcf5d7dedb9dcf61a3bc10ff9af79d66a83f1d1c607
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
29a416ef332f8ec20d928f937dc0308282d5ce6fa0f1b93cb9eca87f63dbdd08
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f97bff3cceb5bad2c4c25f49040500c5e39075c6d47d4aa2b0380e53ec9f70d
300ae53f048c5c8da7aaa8e441599784b56d0cfaec6d45ef200d9496489fd93a
3114fc33f2736ee0b0157d2234740e587f03616ee1b924212677467e93d614c0
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3582d70374e7c6f69d252bbff66c01930e0d18b47b8b29ad8537796dca8157c0
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
358a77653047ad7c05b75d09bd99ac299045ff2721d5811ec2f4ab87437c98f3
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3ba0ec89a08dac2b188edb29fdd61033e516049fef6709cfb7c9839794f98f77
3d11e2588cd35b0b405dff819622a235f57ae37e195e54f65ea6e2b058a62b55
3e8fae34b1264a1e5793588e078296752d193ec75a6349eacf35ed094c8fe39c
3f627c7dd2a4af8ffa3d7ff2b7ce59e01539ff3e73cdf3fd8ee10f9b4ed56ca0
40fde384a385fd449c75e093bb8132f380cdf36ec2399dcd3c021a30b0e8ad68
41db5ed8b5612ed992ddae898fdb02c713ef224276c6e6151ccdb79ae8797a05
42526dd47f1aaa69c3de82e81c5892fb31494dc005b6eae41abd9dd24dbd85d2
43740fdd7e2b1f8884a067f22045f4ce1e296fffcbc5a9c2e3f25b0e32058d1a
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
4530611c3f1cae634c1faf7522163f51381ba334e9ce108f9bdb62bc28930dca
45ec09ef9e2d0e3f3903afd28ecbb6a99cd963f6ccd6dcaf0cfdb101bcdaf23d
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
49464ff796f9ad0ae71733bb09ca97b7a830625d69788b2fb82d389b7297a45d
4ad21eeba5edf636cd14bd80042ff43954a54f06cefb68d82ac2e4d5ceafba27
4c7f143de591c58b364772f049c84ef152a561c25ab903d061b8547716174e83
4d20f67113d1757b2a95a627d8124216e1a65ae5cd53bcb3f0a8365ae07ff2b2
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dd590da4543adceb76d881da1f96544411963582feaadc488ab9fe56befb958
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4f10933a55ea376c3ae57000f6a7c410d52a2b45e0e8d404a0a7d1faa01ebe2f
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
4fbe550b77ee74326c037ac840193315da6af2ccd701865af574ee9194271486
523beb159be2a5e835f9c150f07471d58bad526d0668de7bbaba507b10427ec2
524819c848e033d304a8c4a3bba95075b39efaed14a8148d7956fd7a75ac0d1f
53480910be5956cc20cf1675d6a28d405b806f9f4d09125a6870410809323997
558e06787bc415a02f65b4befd26ee993b8c130e797662eb172655dfeaf9ec81
57ec47aac80233c10c94bef74f050e8ad513416a48d63775f0f71d40ee4f7d42
58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06
592c413af52d483656a5e67bec31ecaa5e6eebfb41056313fb444ff1700a1457
5a85f13107d6d16140d0f04b0f906426fe7c9f933b3fe5bd65564118720460ac
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5b997bcff91f40fdd88dfa17feadca80bc7029e99e6dcbe6d78f3a1e210a9432
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5ecf9f2f22901cca86d63ffe4ac76ac9f9ac40c7887ebdedc1c52fa77e4bf905
5ecfa786819c30473660f6d9312fc7040a02543e2e6d7e2d2d4afac2a39e3604
5f3e583f8e154035fdb6a5019d8e3fdd75cf11fcd6030d96a3640bc6b8858004
6110b17f97d16006713d1ce5464539d555b8265b8376af939950585b6dc40a7e
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
63eb5d1f28f8e1d33405126b6f2bb9ead2a1ee82be5d495aad4a7612dbf46830
685530e71232c03ceb6dafc772edeb39ffc4ac54a508fbb2310eab72aa7efb24
68a8fe1f631beef2ff44126e6a4ca9c5b0df5332c1d9feeb46822263ae485529
68acab0092db4bc9e90df7a7c9845997c35e8baf3f35950d48944afe37eb0dd0
6a123a54bdcbc73889d5f63c9b3e1b9a5705120d7711ea9dc1256847120e4a29
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6dfab4d0c5aaa10f4efb087ee57f2591d2e29c38ab7ad210415bd1862fa050ab
7018574f4f80ba558b5ea0275a30ebb8cc647e44927b7fb7b091c3e2ad4fe7f7
708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7516973fd6152d7a24a2b64cadf4afb4c036b6ad0537b010459e61c9cbd05879
79292ca05a41222666bcef29f05c6a015e62907013534ca87dd2b2c82b15dbf1
7981a2b04cca6e1680f1c7fce898090dda1b59163b724f998f1a0ae5c2731054
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7a5b08449ed71972cd12c3cea431776e3f4bf6629599ce4c3795045ad3fbdb37
7bd643bb9b42175959a170232380d03397a1d4b2c1be6753e07702830f7f7dd6
7d23a42bddab61b2b5d6aaa2428483ed8e502f5107a3eab8cc733b6b86913514
7e4737e7c4ec7eb997104bae7f89d6f865d25e7fdba20f5237819fa5bbab6bf4
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7f83faa9b7f37b833d3d80dbe2b5163f0d4ecf859d1cc0fac21b55a72270896d
7feedef5ec2be919df16ee6ef2e80ecdd8b80daf012093c742829599b8d4bfe9
80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db
81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88849077748f50e5f7d546d975571053b7a23bfd7c1908bfa8dd268bc0e07a46
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90796b5c39aeb5c4c5f04c136aeeef2bcc1b7dcde611a8e448c14c9d507e68de
90b30d6156360e17597da1243925554668eeb5d68e0717aad660493a024f7ada
92a5ddaf5ce3836ea526daee5582730fbc4a93078d5343d2ede8ce45290df0fd
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
962ad038354035ffa7514c00b09391bb845c71748414018801d8b0710e5a13a7
9722e5d135f2d857788589b7cda5fe2dcfc1fff75cd1d7663a43d87bbb6ca563
9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f
9834ca3586d66be8d05107db717ddc235db6479498868007319da66855c51d44
98a2cb3a17c838354e94266022a1fe77ee586049d9eba9e59a8bf6de95d31bc6
993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4
9a3cadfbcb7a00b44d9749e2f3cc615572b9ee7ffb403817733e73b5dd6674b1
9eca4e49045cd53a1b9ba95c3ab68ed361d1b406c3b884de14e5e65283abfe55
9fc321a58bf498a1a43fa8474df28cb4ad4f139f4b6aeea9e88d44bf7c07bfe9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a0f893cdd27ad638374e84f2d6a4700d51817bfbad8c15885a40a976c201c119
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3d6e14b6dcaecc24454e5eb10ed24b1470be51daf9d9cc8cc5dd5c1440f614f
a6a3a6b92cf304d5865647465ca4a75ebd5519c31afef90a98d3fb34df172636
a84a8744a41ecc1f71092aa59cf2ba573713c61179e9ecad6e3a5da4aac7bde9
a9133ce4738bf2d0d12282d16afe84b60f83a270af9750330b287429b360782a
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad564c166f59b7f11fb1321424020fb0aeace18310447e7e4d3b577d57df7a40
ae9eeaa98bc6e80794e06c878bd1f52c521ce7585fdd12bfe35ebc47caae56d6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0ab77a1efb951105f36b78a23a02b9212f5f356de812d587ef78006a6b8ee2c
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932
b5c6bdb4960d118fcc93d038a215f3bbf1178e17835ee5bff78d74fdba622db0
b60deb0a2079173ef23e3525d66b6a0681b8305a2a699ae059c1f360bfbb882c
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b76ba6069e94791fea86ac3425ae824aff87339fb4ac3dfeeb0c46246dfe85b5
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba8bc161394d0f1fd1a2117405b99c2ff97fdd2bbf274310faeeba1f4129b1d8
c04a1d67e4819ba554cba5b79a86ad261fa2de0b0eae3bbe0cc5523d87b14130
c17370eabc62330fee9493927b6179288f22c8e2ecba3620a1a961b2cb123833
c26fc290f89d67bc8ee7265f1a0eed9dcf7bde2db116edeeda7ce68059384587
c298467ce4ae0bbec5dc5dad890d53b2e5aae3609030199b47e792e70991c8d2
c40a76d5b2a499d72ae9cf56f048c1a79f55909ecf1d81550b2aa4269ac0442f
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c7e58799078e5a29d5b03f677d5402d4c36edb7f2af33d6fad341cb998569ba2
c80da2da9dfa9463f27ded5cd4ea366a443c038ec9e43609e9446cb4c71eba9c
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cc0ebbc5fca4ee4d348380f1d5d9466ddbf6e5dfa4dab01be22ad8dd06cfca18
ce8bf667e6f4e40095ea8c5ff0e951f1cb9113628ae49d770eb8e422238f0ba4
cea4f9d1cf9509fed75ec685f44051486c6520fa65fa05f407b8d84b9ad1c919
cf449a3eceffa39c99b91ed1f9f2e2ba46b54c7c1c177be38a1404031ba68463
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d2d5082c838c08e75129535e625ad20eced3811758e0013e8c36412c4e96bb2b
d432412148b6b92ee52b350dd4b2cc61f2dd76036214fd0fde72788bc9158c1e
d4b612a2e22b46805d3a445acb4830c06549c89d878a8d9f979a7fd51111a4b6
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d6eb39975c99803522d3b2fe171480294ca7125366f34565e773ea7e34a1b45a
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
d79fee025b93dac74df8a60e0c1676b78b99f614e6f37fe2b1bb0de2bea3b3f2
d8320dd5880e4fa4824a76034658b646580c16cc4279a8186df89803beb9bca2
da69f6ccfa05256e6a49dd676b486cc9cd36756d773b663fc49e4c26cdbf71e4
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dd437fae2b5a0d8bed59d4533e6c27529acd582705ef58c0c30cd18a61d8fba6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0cc46fd307661ddfe1c8a4f05af453ce3c5c7641b22c4ce3e06ab690c99348b
e1142b7b240ebf021f074f0daaa9811f8a560350768ebe608500d69c7335755a
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2f5a5a55cd6453b2c02e2d98db5c2e86f5652807d78a50c93a37616f5c196f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e64bd547501d02ecc8284478d8e0b3e9a726a95a7aa4fc8781f3d4fda759f3d4
e67454d67b52ee7514361ce8a2a3d6617a01338d6909eddc7ccb86da8d451e0c
ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770
eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3
ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
eeda1f19ef221f80fa47f884948c4cc56c932768ee79ace609e7545852bf2987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8e4f21e130cbc16f421630f4d1f5bdc6350c1a6b6f6353f4854d9d81a843db
f09c10e1655b77957585fbdba97724eb8cc87805a4ad8c6924c1bc83e476e1d0
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f3d26f3941c668c57d648fbd4675065c6f9b274ebf4d0611c16b2436d583ab83
f571fc9f10d18fa07d344d224cf37b069e737389743539e2ca5c6c9565024536
f64e2fc1e164a9327903f64967e77b69208bd79faf3278db718f05562a031d81
f80df881f4300620113717b24686456d7bd64ead2731d5c319ac1f1fd0fff489
fc35289c9c1db23e19069f7829065dbf6bb81dee08abff40c051c57a24ee144c
fc82346fd0b1807d7bc777203f7206ef117cec0f256c710ed99baa3051b8c0de
fc9906ae2eb46a468151265d3cadd50e4f3fec3c9d2bd379748fef41d279b1ac
feb41c509f43810ca3cdd52e858716c922fb97476f78d695e3d1f335b504ba53
ff04d6b84bf181bc57b1af04902e28cf7f395ac25a87303d017aaf15f8c3046a

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

244 Requests

100 %HTTPS

57 %IPv6

30 Domains

54 Subdomains

48 IPs

8 Countries

7698 kBTransfer

26092 kBSize

11 Cookies

32 Outgoing links

Redirected requests

244 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Screenshot
Live screenshot

Full Image

244
Requests

100 %
HTTPS

57 %
IPv6

30
Domains

54
Subdomains

48
IPs

8
Countries

7698 kB
Transfer

26092 kB
Size

11
Cookies

244 HTTP transactions
3 data transactions