beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On October 15 via api (October 15th 2021, 4:45:23 pm UTC) from QA — Scanned from DE

Summary HTTP 257 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 63 IPs in 10 countries across 50 domains to perform 257 HTTP transactions. The main IP is 2606:4700:10::6816:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.71.121 65.9.71.121	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:4e23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
5	89.187.169.15 89.187.169.15	60068 (CDN77 ^_^) (CDN77 ^_^)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3031::ac43:a025	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::ac43:d037	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	209.58.165.79 209.58.165.79	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2600:9000:206... 2600:9000:206f:9600:1:93c2:a1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3035::ac43:b7d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8746	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.40.36.137 89.40.36.137	50939 (SPACE-AS) (SPACE-AS)
1	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
1	104.26.11.239 104.26.11.239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	13.35.253.111 13.35.253.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:40f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
19	2600:9000:205... 2600:9000:2057:2600:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
10	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	169.55.146.12 169.55.146.12	36351 (SOFTLAYER) (SOFTLAYER)
9	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
5	35.241.40.69 35.241.40.69	15169 (GOOGLE) (GOOGLE)
1	35.190.16.125 35.190.16.125	15169 (GOOGLE) (GOOGLE)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
2 2	52.29.14.143 52.29.14.143	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	18.195.106.43 18.195.106.43	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1 3	13.35.253.42 13.35.253.42	16509 (AMAZON-02) (AMAZON-02)
2	107.178.255.150 107.178.255.150	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.186.200.149 35.186.200.149	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
25	35.241.22.139 35.241.22.139	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
257	63

44 2606:4700:10::6816:4b8a (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.71.121 (United States)

ASN16509 (AMAZON-02, US)

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:4e23 (United States)

ASN13335 (CLOUDFLARENET, US)

calabeshes.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.255.14 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-632.bunnyinfra.net

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a025 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:d037 (United States)

ASN13335 (CLOUDFLARENET, US)

thewashingtonstandard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.58.165.79 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: opal2.opalstack.com

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9600:1:93c2:a1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

photos.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b7d9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conservativedailynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8746 (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.40.36.137 (Romania)

ASN50939 (SPACE-AS, RO)
PTR: amg-news.com

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fe80:1010::16 (United States)

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.239 (United States)

ASN13335 (CLOUDFLARENET, US)

21stcenturywire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.35.253.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-111.fra6.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:40f1 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4a8a (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2057:2600:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.55.146.12 (Hamilton, Canada)

ASN36351 (SOFTLAYER, US)
PTR: c.92.37a9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.241.40.69 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 69.40.241.35.bc.googleusercontent.com

w3.cdn.anvato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.16.125 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 125.16.190.35.bc.googleusercontent.com

access-prod.apis.anvato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.14.143 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-14-143.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.106.43 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.42 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-42.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.255.150 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 150.255.178.107.bc.googleusercontent.com

tkx.apis.anvato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.200.149 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 149.200.186.35.bc.googleusercontent.com

dcs-vod.apis.anvato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.241.22.139 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 139.22.241.35.bc.googleusercontent.com

nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.foxtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	beforeitsnews.com beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com a1.beforeitsnews.com	809 KB
34	anvato.net w3.cdn.anvato.net access-prod.apis.anvato.net tkx.apis.anvato.net dcs-vod.apis.anvato.net nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net	3 MB
29	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	305 KB
29	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	267 KB
12	youtube.com img.youtube.com www.youtube.com	775 KB
10	rmbl.ws sp.rmbl.ws	1 MB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net static.doubleclick.net	41 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	83 KB
7	googleapis.com fonts.googleapis.com www.googleapis.com translate.googleapis.com imasdk.googleapis.com	397 KB
6	google-analytics.com www.google-analytics.com	59 KB
6	imgflip.com i.imgflip.com	492 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	11 KB
5	onesignal.com cdn.onesignal.com onesignal.com	83 KB
5	google.com www.google.com translate.google.com	42 KB
5	bitchute.com static-3.bitchute.com	200 KB
3	foxtv.com static.foxtv.com	56 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	rumble.com rumble.com	32 KB
3	tapnewswire.com tapnewswire.com	29 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	755 B
2	adform.net 2 redirects c1.adform.net	947 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	360yield.com 2 redirects ad.360yield.com	612 B
2	lockerdome.com lockerdome.com	3 KB
2	google.de www.google.de	629 B
2	rddywd.com rddywd.com	1 KB
2	duckduckgo.com external-content.duckduckgo.com	57 KB
2	thewashingtonstandard.com thewashingtonstandard.com	118 KB
2	wp.com i2.wp.com i0.wp.com	83 KB
2	googletagmanager.com www.googletagmanager.com	76 KB
2	ytimg.com i.ytimg.com	61 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	2mdn.net s0.2mdn.net	17 KB
1	lentainform.com cm.lentainform.com	495 B
1	pubmatic.com simage2.pubmatic.com	492 B
1	idealmedia.io cm.idealmedia.io	412 B
1	e-volution.ai 1 redirects sync.e-volution.ai	463 B
1	adtelligent.com s.adtelligent.com sync.adtelligent.com Failed	885 B
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	googlesyndication.com pagead2.googlesyndication.com	50 KB
1	21stcenturywire.com 21stcenturywire.com	12 KB
1	secureservercdn.net secureservercdn.net	37 KB
1	amg-news.com amg-news.com	903 KB
1	naturalnews.com www.naturalnews.com	380 KB
1	conservativedailynews.com www.conservativedailynews.com	19 KB
1	brighteon.com photos.brighteon.com	29 KB
1	jamesredpillsamerica.com jamesredpillsamerica.com	886 KB
1	calabeshes.xyz calabeshes.xyz	41 KB
257	50

	Domain	Requested by
30	beforeitsnews.com	beforeitsnews.com
25	nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net
19	s3-symbol-logo.tradingview.com	s.tradingview.com
14	img.beforeitsnews.com	beforeitsnews.com
10	s-img.mgid.com	jsc.mgid.com
10	sp.rmbl.ws	beforeitsnews.com rumble.com
9	www.youtube.com	beforeitsnews.com www.youtube.com
9	s.tradingview.com	s3.tradingview.com s.tradingview.com
8	cm.mgid.com	jsc.mgid.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rumble.com
6	i.imgflip.com	beforeitsnews.com
5	x.bidswitch.net	5 redirects
5	w3.cdn.anvato.net	w3.cdn.anvato.net
5	static-3.bitchute.com	beforeitsnews.com
4	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
4	cdn.mgid.com	jsc.mgid.com
4	www.google.com	beforeitsnews.com www.youtube.com
4	stats.g.doubleclick.net	www.google-analytics.com lockerdome.com
4	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	static.foxtv.com	w3.cdn.anvato.net
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com
3	rumble.com	beforeitsnews.com rumble.com
3	onesignal.com	cdn.onesignal.com
3	translate.googleapis.com	translate.googleapis.com
3	tapnewswire.com	beforeitsnews.com
3	img.youtube.com	beforeitsnews.com
2	imasdk.googleapis.com	w3.cdn.anvato.net imasdk.googleapis.com
2	tkx.apis.anvato.net	w3.cdn.anvato.net
2	rtb-usw.mfadsrvr.com	2 redirects
2	c1.adform.net	2 redirects
2	creativecdn.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	2 redirects
2	ad.360yield.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	servicer.mgid.com	jsc.mgid.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	www.google.de	beforeitsnews.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
2	rddywd.com	beforeitsnews.com
2	external-content.duckduckgo.com	beforeitsnews.com
2	thewashingtonstandard.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com s.tradingview.com
2	i.ytimg.com	beforeitsnews.com www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	s0.2mdn.net	imasdk.googleapis.com
1	static.doubleclick.net	www.youtube.com
1	dcs-vod.apis.anvato.net	w3.cdn.anvato.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.lentainform.com
1	simage2.pubmatic.com
1	cm.idealmedia.io
1	pixel.rubiconproject.com
1	sync.e-volution.ai	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	access-prod.apis.anvato.net	w3.cdn.anvato.net
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	c.mgid.com	jsc.mgid.com
1	translate.google.com	beforeitsnews.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	21stcenturywire.com	beforeitsnews.com
1	secureservercdn.net	beforeitsnews.com
1	amg-news.com	beforeitsnews.com
1	www.naturalnews.com	beforeitsnews.com
1	i0.wp.com	beforeitsnews.com
1	www.conservativedailynews.com	beforeitsnews.com
1	photos.brighteon.com	beforeitsnews.com
1	jamesredpillsamerica.com	beforeitsnews.com
1	i2.wp.com	beforeitsnews.com
1	calabeshes.xyz	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
0	sync.adtelligent.com Failed	s.adtelligent.com
257	79

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
mitocopper.com
c206dt1hkf52hb9pfn3hobak55.hop.clickbank.net
25d25y4dmmx7h8eiri68xb0o9k.hop.clickbank.net
5startech.bioptimize.hop.clickbank.net
67c17t4mop5dd2bkqeiatx5n7u.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net
widgets.mgid.com
www.mgid.com
brainberries.co
tinyurl.com
polaraidhealth.com
www.fincabayano.net
www.braintuner.com
www.herbanomic.com
telegram.org
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.tradingview.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sp.rmbl.ws R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
static-3.bitchute.com R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-02` - `2022-11-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tapnewswire.com R3	`2021-08-14` - `2021-11-12`	3 months	crt.sh
brighteon.com Amazon	`2021-07-23` - `2022-08-21`	a year	crt.sh
amg-news.com R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
secureservercdn.net Starfield Secure Certificate Authority - G2	`2021-05-27` - `2022-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.rumble.com DigiCert SHA2 Secure Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
w3.cdn.anvato.net GTS CA 1D4	`2021-08-26` - `2021-11-24`	3 months	crt.sh
access-prod.apis.anvato.net GTS CA 1D4	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
tkx.apis.anvato.net GTS CA 1D4	`2021-08-29` - `2021-11-27`	3 months	crt.sh
dcs-vod.apis.anvato.net GTS CA 1D4	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
foxtv.com DigiCert SHA2 Secure Server CA	`2021-08-24` - `2022-08-24`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 4C858C7A19670017209000D97CC478C7
Requests: 139 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202191516
Frame ID: 0550BF7CC541588ADD337D2797161057
Requests: 3 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202191516
Frame ID: 960E6D7C4A74DDAEE03EA7EFF0D4EFEB
Requests: 6 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: FEFC6D74AFFF75715B1755962957D067
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: C5CE1D658AAA04BE1DE6FE99B0021B6C
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: F4A853798E9105013BFA416BE28125EF
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: C6320CDB9A94A40C566351217DB9B945
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: DD52EA4D803EF7AEF57933992FCB6B2E
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 1A1E1C18AD97F712814E48E3AFA4036F
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/vl5ncf/?pub=hw409
Frame ID: 74BA71A84761A0922EA69E7591D77A69
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HNSnlQVj29E
Frame ID: 3A31D73DC93FB3F051AE1DDBCDBE0705
Requests: 18 HTTP requests in this frame

Frame: https://w3.cdn.anvato.net/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
Frame ID: A5E4A046B5EB5C9EABA8738299593FB0
Requests: 41 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1634316317753453691085
Frame ID: 930DB072AD41F4F1FE28D76FB529D4EF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 15468D5DF395127F8510F3F0D4B881BB
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: EA92BE4A9805DD5CB2F1BCB9DD8289CD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: A97F8206BBA499214F1CEBBCCCF55D07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

257
Requests

100 %
HTTPS

49 %
IPv6

50
Domains

79
Subdomains

63
IPs

10
Countries

11019 kB
Transfer

21987 kB
Size

40
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/certified-organic-biotin/
Title: What Vitamin Gives You Beautiful Hair, Strong Nails, Amazing Skin and Helps Lose Weight? (VIDEO)

Search URL Search Domain Scan URL

URL: https://c206dt1hkf52hb9pfn3hobak55.hop.clickbank.net/?tid=BINRTL32021
Title: New Fat-Burning Formula Melts Off Fat While Enjoying The Best Sleep Of Your Life - Click Here For Details

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/immusist-beverage-concentrate/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/

Search URL Search Domain Scan URL

URL: https://25d25y4dmmx7h8eiri68xb0o9k.hop.clickbank.net/?tid=BINRTL1_1521
Title: Click Here If You’re Ready to Give Up the Burden of Your Belly Fat, and Bring Excitement, Comfort and Satisfaction Back into Your Life…

Search URL Search Domain Scan URL

URL: http://5startech.bioptimize.hop.clickbank.net/?w=mag
Title: Magnesium Breakthrough Helps To Eliminate Anxiety, Stress and Promotes Better Sleep and Well-Being

Search URL Search Domain Scan URL

URL: https://67c17t4mop5dd2bkqeiatx5n7u.hop.clickbank.net/?tid=BINRTL92321
Title: Attention Men & Women Over Age 55 Struggling To Lose Weight… Discover How The Foods You Eat Every Day Are Making Your Fat Cells SICK… Making it IMPOSSIBLE to Lose Weight

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net/?tid=BINPBL101021

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://brainberries.co/culturearts/what-women-from-famous-paintings-really-looked-like/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/emf-blocking-smart-meter-cover/
Title: Try THIS Smart Meter Shield and Cut Radiation by 98%! It's Why the Illuminati Are Freaking Out! (VIDEO)

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/
Title: The Curcumin You Can Feel - UltraCür® - Fast Acting Natural Inflammation Support

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/gadgets-and-science/7-theories-about-the-death-of-our-universe/

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/10-plus-size-models-that-will-make-you-forget-about-your-girlfriend/

Search URL Search Domain Scan URL

URL: https://brainberries.co/funny/average-guy-photoshops-himself-sleeping-with-celebrities-and-its-hilarious/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-7-best-car-manufacturers-of-all-time/

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex
Title: THIS Humic Fulvic Complex Has Provided Major Health Benefits To Thousands. (See VIDEO)

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/detoxadine-organic-iodine-supplement/
Title: Your Body Needs Iodine! Here's What You Don't Know About Iodine and Your Health!

Search URL Search Domain Scan URL

URL: https://mitocopper.com/
Title: Breakthrough Patented Copper Supplement! You'll Never Believe What It Does Until You See the Blood Video!

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: ALERT! Protect Yourself NOW - They'll Never See It Coming Until They Are On The Ground and Can't Move!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 176

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 178

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=5e0e09ee-6c85-42cb-b55d-ee2b3edac06a

Request Chain 179

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l9fgyRh_ycJ9 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

Request Chain 180

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=90f0e81e-3914-4763-a0bb-f1b4e2094168&ttl=1636908318

Request Chain 182

https://x.bidswitch.net/sync?dsp_id=303&user_id=l9fgyRh_ycJ9 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l9fgyRh_ycJ9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a897d2b1-829c-460f-960e-cee6dd9ef342&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlmZ3lSaF95Y0o5&muidn=l9fgyRh_ycJ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlmZ3lSaF95Y0o5&muidn=l9fgyRh_ycJ9&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l9fgyRh_ycJ9&google_ula={guid},5&google_gid=CAESECVtUYSrVOByCHUStXcuqCw&google_cver=1

Request Chain 185

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=IKNqnOFMJ4o2AJvKzdqg&pi=mgid&tc=1

Request Chain 186

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=4369468153446208702&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=a897d2b1-829c-460f-960e-cee6dd9ef342&gdpr=&gdpr_consent=&us_privacy=

Request Chain 187

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=c9161312-269c-4e04-860d-cea6977229ba

Request Chain 209

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634316318093&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634316318093&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

257 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 122 KB
25 KB 722ms
642ms Document
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09ab0e09a94016fd87bdbec6cbb5318f6077b123ae4092313394fed3b6629d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 69ea8447eb4d4e80-FRA
access-control-allow-origin: *
cache-control: private
set-cookie: SERVERID=s3; path=/ __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; SameSite=Lax; path=/; expires=Fri, 15-Oct-21 19:03:15 GMT; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 _KRSshvvWcFjj8eVhUL7TTu75W0.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 24ms
22ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11541141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: K522D3R0RH0204P8
x-amz-id-2: asuqKPIQP/RST6NJ+S20Sw1PTYqLIM9dgZlD6+5N2El6vJsSdDsTDZBoA0aoi2ufLwyrsyk0Zao=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7f176f4cc71059e93db3ae6263ce5c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iruw_GjpCNwc.7p7jDS427AkLHWsll2i
cf-ray: 69ea844c1aa94e80-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 16:45:15 GMT
server: ESF
date: Fri, 15 Oct 2021 16:45:15 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 15 Oct 2021 16:45:15 GMT

GET
H2 200 global-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 26ms
24ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/global-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 106398
cf-polished: origSize=15789
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-3dad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 69ea844c1aad4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 fancybox-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 34ms
32ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/fancybox-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 106398
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 69ea844c1ab04e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 home-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 28 KB
7 KB 32ms
31ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/home-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 106370
cf-polished: origSize=29134
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-71ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 69ea844c1ab24e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:12:25 GMT

GET
H2 200 responsive-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 23ms
21ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/responsive-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 106398
cf-polished: origSize=20565
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-5055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 69ea844c1ab44e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 web-responsive-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 371 B
240 B 37ms
33ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/web-responsive-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 106398
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 69ea844c1ab54e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 34ms
31ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jquery-fancybox-mobiledetect-uuid.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1857484
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 69ea844c1ab64e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 01 Oct 2021 04:47:11 GMT

GET
H2 200 global-bin-rev-20211014.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 33ms
30ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20211014.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/global-bin-rev-20211014.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 106398
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:29 GMT
server: cloudflare
etag: W/"61681025-3145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 69ea844c2ab84e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 49ms
36ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 394183
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 03:15:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844c8bb34e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 61ms
9ms Script
text/javascript 65.9.71.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:14:22 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 10:14:18 GMT
server: AmazonS3
age: 23454
etag: "21900f307f22135fe5dafa6a070e7222"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10981
x-amz-cf-id: rZshzWpACRH1-tDYibL8dI4A5WRnnNXuR0H0_VH3BqTtR1auLqMm4A==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 46ms
35ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 396219
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 02:41:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844c8bb74e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
188 B 46ms
36ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 394689
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 03:07:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844c8bb64e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/sNTlqX0KMQU/ 20 KB
20 KB 72ms
21ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/sNTlqX0KMQU/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45509e50c859d0496a77e9a18fff42075135ef708c981c7e7cded1eea0408200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19974
x-xss-protection: 0
server: sffe
etag: "1448993191"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Oct 2021 18:45:15 GMT

GET
H2 200 tabs-bin-rev-20211014.js Show response
beforeitsnews.com/static/js-v3/ 148 B
578 B 36ms
36ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20211014.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/tabs-bin-rev-20211014.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 106397
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:33 GMT
server: cloudflare
etag: W/"61681029-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 69ea844c6b4a4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:58 GMT

GET
H2 200 12098 Show response
calabeshes.xyz/easylist/ 203 KB
41 KB 228ms
157ms Script
text/javascript 2606:4700:3035::6815:4e23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://calabeshes.xyz/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4e23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34cee0da05b75843de9f5e5d030ef80bd19b062e8a504a5269e510aea389ca5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4a64733c870abb35a8683564f891be5b01c52628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUoiNQHq7B246XIw1Zrh0YTPilD2MjuSEYrJWyrBqLqQHuzlB0MK49lYj0qBJG34dGNADldxyQnGQMvtYeVj3M%2FSnMFgg8qNfqcS6DB6bxKbQgWcTZiX7Xmvot39uzvfERCTHKMQ4j7s%2FFFbqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 69ea844cfacf4a7f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 53ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

282ee1dc1110f5bf8192975d9489db5345e5d8f20e97cb1e0de7c4f7ec16c3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38549
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 16:12:36 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Oct 2021 16:45:15 GMT

GET
H2 200 jsDeferParsing-bin-rev-20211014.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
1 KB 37ms
37ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211014.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jsDeferParsing-bin-rev-20211014.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 106397
cf-polished: origSize=6188
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:31 GMT
server: cloudflare
etag: W/"61681027-182c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 69ea844c6b4c4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:58 GMT

GET
H2 200 DN2ljmq1lJUOI91HMatC4Qo4fdo.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 32ms
28ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2815838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MSMS6XT6HFAS2SRM
x-amz-id-2: DdIxAUr/6USuzdT+5PVX1fN+Ikx6+MO0MlPzwe3pqksXtgBdsm8Qm8WPvHjaOlY26ODca6CTx1w=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7a6e84d6417ab337f05fd7000f282762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aBVNeaiVU3H7gys1mI2xPATDTQBfk7Cv
cf-ray: 69ea844c8ba14e80-FRA

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
282 B 42ms
38ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/top-bg.png
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 396205
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 02:41:50 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea844c8ba34e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
917 B 40ms
38ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/b4in/search.png
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1039302
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 03 Oct 2022 16:03:33 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea844c8bb04e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ 16 KB
17 KB 56ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 11:16:38 GMT
x-content-type-options: nosniff
age: 451717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16364
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 11:16:38 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v9/ 15 KB
15 KB 64ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 14:39:16 GMT
x-content-type-options: nosniff
age: 439559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15124
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:18:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 14:39:16 GMT

GET
H2 200 5qiozv.jpg
i.imgflip.com/ 73 KB
73 KB 74ms
37ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qiozv.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1092c98d043e25085b48f8668b55723ac319c88df422e07e0aaaa5c53bb72377

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
age: 15307
cf-polished: origSize=74940
cf-ray: 69ea844d18094309-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74406
x-amz-id-2: QZXSnMeWzf7bepx+6aOpAo9mBWHv8ZkNKd1P14OVSRKYK3/SuKsSgF5/ANLp3Fe0EbxNoVJwC3c=
last-modified: Fri, 15 Oct 2021 12:22:07 GMT
server: cloudflare
etag: "5d0a0c9aaf473474548376631a7386ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: F6V5D17DXSVT7JMG
access-control-allow-origin: *
expires: Mon, 13 Oct 2031 16:45:15 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 Z34xc.aG-v.jpg
sp.rmbl.ws/s8/6/Z/3/4/x/ 103 KB
103 KB 47ms
20ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/Z/3/4/x/Z34xc.aG-v.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 46c9b9ea4ae28dbd5effbfe582ed3e873262994e7cff82b627bd19a78d632843

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
last-modified: Wed, 13 Oct 2021 19:51:46 GMT
etag: "4c43a55a9cbce8d1e332524a6be772c5"
x-hw: 1634316315.cds002.fr8.hn,1634316315.cds011.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=80095
accept-ranges: bytes
content-length: 104997

GET
H2 200 5qe6a5.jpg
i.imgflip.com/ 71 KB
72 KB 98ms
61ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qe6a5.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4848c1220210017fc059081ccafde7832d950e02ce946df7492dc78d9fbc204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
age: 98097
cf-polished: origSize=73735
cf-ray: 69ea844d180c4309-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73041
x-amz-id-2: yglL4j82QSHfUiY3hvdgT4vbY839jqoT/rIIhMMmY7h+ZOEBFtnKGYk8AuG/YDBOLYW0pskrZ4I=
last-modified: Thu, 14 Oct 2021 13:21:35 GMT
server: cloudflare
etag: "9a8cd17ee57318b08fc763f99f536d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VJXJCZF5QKRCTVQG
access-control-allow-origin: *
expires: Mon, 13 Oct 2031 16:45:15 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 D4tvJltIcGSP_640x360.jpg
static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/ 57 KB
58 KB 97ms
38ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/D4tvJltIcGSP_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

ed8e36b2a5eaed65bd49b5340b1c8978daa11720ee8a3ce1b25da4b34ac770ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 10/14/2021 21:34:28
cdn-pullzone: 89010
content-length: 58814
x-amz-request-id: tx000000000000002c582cc-0061688644-8058b93-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Thu, 14 Oct 2021 19:08:30 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 3acf934f03157138eb855d6b915a9005
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Trump-babies-Cabal.png
i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/ 38 KB
39 KB 26ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png?w=640&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 15 Oct 2021 16:45:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 16:06:15 GMT
server: nginx
etag: "faf3481fc6687853"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png>; rel="canonical"
content-length: 39300
expires: Sun, 26 Feb 2023 04:06:15 GMT

GET
H2 200 3Smyc.iR4e-small-Ep.-2601b-The-Script-Has-Be.jpg
sp.rmbl.ws/s8/1/3/S/m/y/ 151 KB
151 KB 76ms
49ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/3/S/m/y/3Smyc.iR4e-small-Ep.-2601b-The-Script-Has-Be.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 256a515cbe73f6c194b502c5497242f15ac6c33a81bfca7d433b8d738dd3fee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
last-modified: Thu, 14 Oct 2021 21:51:25 GMT
etag: "b512617a292868975cac92872e7f93d5"
x-hw: 1634316315.cds002.fr8.hn,1634316315.cds259.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=18526
accept-ranges: bytes
content-length: 154875

GET
H2 200 download%20(111)(1).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 21 KB
21 KB 34ms
29ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/download%20(111)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f597c64f4c462fe4371ff01b1b5f243c951ec28b6930490ec325b51ae9dde4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16687
cf-polished: origSize=50994, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21658
last-modified: Fri, 15 Oct 2021 06:26:59 GMT
server: cloudflare
etag: "61691f33-c732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 15 Oct 2022 12:01:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cdc2d4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 EXTINCTION.jpg
jamesredpillsamerica.com/images/ 884 KB
886 KB 90ms
39ms Image
image/jpeg 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/EXTINCTION.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56211ae71a980d896bf59af0a91407b3e29d93ec9567564798ebba5fd30f485f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161111
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 905667
last-modified: Wed, 13 Oct 2021 19:39:02 GMT
server: cloudflare
etag: "616735d6-dd1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k733A9CEa8tr2RlxnWrjaRmm81XFHngAIoxO1mNLifcmzlQchrBydBGdL3wOUk%2Fk8eemrbCxS6l0TvL2BDma7hYQQt5UNp6LmGU8yzSkqaHNulZgHtod03cJrqQX70v74V5n5%2F4PGrjEo%2BL4qHEvSu8IlsMVIds%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844d3fed6945-FRA
expires: Thu, 13 Oct 2022 20:00:04 GMT

GET
H2 200 jhmxc.qR4e-small-QFS-IS-ALIVE-and-WELLFIAT-C.jpg
sp.rmbl.ws/s8/1/j/h/m/x/ 198 KB
198 KB 88ms
70ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/j/h/m/x/jhmxc.qR4e-small-QFS-IS-ALIVE-and-WELLFIAT-C.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 0713f728b0eaeb4f0cf215fdc5073cead7097d6e63ef3aecc78928333b3544f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
last-modified: Mon, 11 Oct 2021 13:49:09 GMT
etag: "d8d87be7bdbf8286451110411dfae671"
x-hw: 1634316315.cds002.fr8.hn,1634316315.cds264.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=76898
accept-ranges: bytes
content-length: 202914

GET
H2 200 download-3-1.jpg
thewashingtonstandard.com/wp-content/uploads/2021/10/ 23 KB
23 KB 122ms
37ms Image
image/jpeg 2606:4700:3036::ac43:d037
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thewashingtonstandard.com/wp-content/uploads/2021/10/download-3-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d037 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 917a0412c2c8c49e2b54520422835b16700fa43a6cd7a389a726f95e2d5d41e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 150337
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23326
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 22:59:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxWKaOziOxtn%2B2OmG9G4Q1TaPu8PSLFtj8Y4mjC20YXTA20pkvXUnxpofcoJhwn5%2F2Qomo0M5fiXc5HShJrGZNeKSbkl%2B%2FumOgl2WDGpTth%2FrRYNsS07scJdcQzyf8IV6lOk5ApUTviMWGiNdRCedEygYxHSOriR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844d89382c36-FRA
expires: Thu, 13 Oct 2022 22:59:38 GMT

GET
H2 200 tsVwav56ubF6_640x360.jpg
static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/ 47 KB
47 KB 71ms
47ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/tsVwav56ubF6_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

1dd0897e0986f727472c9a8bcc742f732d50ea87cf6d64b5c27a3eba659d1e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cdn-edgestorageid: 752
x-amz-request-id: tx00000000000001705b25f-00616846fc-67e8a05-nyc3a
cdn-cachedat: 10/14/2021 17:04:28
cdn-pullzone: 89010
content-length: 47867
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Thu, 14 Oct 2021 14:57:23 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: f08b178d6ea99acdfe0f9d3cca061ebe
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Vekyc.qR4e-small-SITUATION-UPDATE-101421.jpg
sp.rmbl.ws/s8/1/V/e/k/y/ 105 KB
105 KB 193ms
190ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/V/e/k/y/Vekyc.qR4e-small-SITUATION-UPDATE-101421.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 2f07ceaa2c8d954c2f584188ae462a518760dfe25e3f6e0efc3d57df61cd3fd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
last-modified: Thu, 14 Oct 2021 18:55:01 GMT
etag: "5fb376002b00b630d8e261ef9bae66bb"
x-hw: 1634316315.cds002.fr8.hn,1634316315.cds150.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=9470
accept-ranges: bytes
content-length: 107634

GET
H2 200 /
external-content.duckduckgo.com/iu/ 27 KB
29 KB 109ms
36ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse4.mm.bing.net%2Fth%3Fid%3DOIF.jUKU%252foFu515agKNQCIrG4Q%26pid%3DApi&f=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ef5584c07d408079dd7cfd529b0a9fa727380789bcc5efbf2283cd0c3937c4ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ https://duck.co ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Fri, 15 Oct 2021 16:45:15 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ https://duck.co ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Sat, 15 Oct 2022 16:45:15 GMT

GET
H2 200 vZ7xc.4Wpjb.1.jpg
sp.rmbl.ws/s8/6/v/Z/7/x/ 67 KB
67 KB 260ms
258ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/v/Z/7/x/vZ7xc.4Wpjb.1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 3fb470af8e2e82f0cddd7f387665efbf51e03c13fbc66119c968735c7d555c20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
last-modified: Wed, 13 Oct 2021 23:32:33 GMT
etag: "7e37890738f52cf439e63aaf823d312b"
x-hw: 1634316315.cds002.fr8.hn,1634316315.cds013.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30947
accept-ranges: bytes
content-length: 68388

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/bxkLFd5Jrlg/ 34 KB
35 KB 189ms
60ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/bxkLFd5Jrlg/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69542bfd55b09397c9eae1997a4dddb975024f8a74465647a63423f50090d9be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:43:43 GMT
x-content-type-options: nosniff
age: 92
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35106
x-xss-protection: 0
server: sffe
etag: "1634268494"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Oct 2021 16:48:43 GMT

GET
H2 200 f236880bce91dc8857a014db8fe704d6.png
thewashingtonstandard.com/wp-content/uploads/2021/10/ 94 KB
95 KB 148ms
74ms Image
image/png 2606:4700:3036::ac43:d037
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thewashingtonstandard.com/wp-content/uploads/2021/10/f236880bce91dc8857a014db8fe704d6.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d037 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da3e40e104373e943d6fba921bc12cd96ca9bf8b735af66b08135b3809a6ce27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 96599
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 23:19:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Bxi3B%2B85IQIwHWW2xRw924HgpgDh8Vro1G7DPLmLr6f4O6rLKKiGhjs5BHesiQkQLqdvHpFRzf2vHhK0pT05jGUHCcyvlLBPTbN5IjyoqIfzTajvkg7riqhLGAxpHSP6ocvWFnEa0CEC%2BPP7iohlPdCkGuwOBIZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844d89362c36-FRA
expires: Fri, 14 Oct 2022 23:19:34 GMT

GET
H2 200 2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 22 KB
22 KB 35ms
28ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 329660
cf-polished: origSize=24183, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22836
last-modified: Wed, 25 Aug 2021 21:06:51 GMT
server: cloudflare
etag: "6126b0eb-5e77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 21:10:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec3e4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 twitter.png
tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/ 3 KB
3 KB 842ms
376ms Image
image/png 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/twitter.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
last-modified: Fri, 27 Aug 2021 07:45:22 GMT
server: nginx
accept-ranges: bytes
etag: "ad4-5ca85aa77ea7b"
content-length: 2772
content-type: image/png

GET
H2 200 OIP%20(9)(12).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 18 KB
18 KB 43ms
36ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(9)(12).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a81122150ce75b5626fe2405a887dc54ba50546e7d07fed4626a5e94fe38deb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 85674
cf-polished: origSize=19264, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18326
last-modified: Thu, 14 Oct 2021 16:33:13 GMT
server: cloudflare
etag: "61685bc9-4b40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 16:49:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec3f4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 KXjeKc16gZO61W46nptWmd66_small.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 10 KB
10 KB 43ms
37ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/KXjeKc16gZO61W46nptWmd66_small.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a46105885c5a86da7684c935f2647f6dd95b168d24968484041c704525fbd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 776633
cf-polished: origSize=10923, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10414
last-modified: Sat, 14 Aug 2021 16:47:10 GMT
server: cloudflare
etag: "6117f38e-2aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Oct 2022 17:01:22 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec404e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 D4hJ1x3C8BiT_640x360.jpg
static-3.bitchute.com/live/cover_images/zF2pCSj7AldT/ 32 KB
33 KB 69ms
47ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/zF2pCSj7AldT/D4hJ1x3C8BiT_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

6d860c52cf1f7e76357d3fb68fa89d85eb798c6a0979dc42b344b98d2814b2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 10/14/2021 05:45:23
cdn-pullzone: 89010
content-length: 33265
x-amz-request-id: tx000000000000002b8f4d1-006167a7d3-8089691-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Thu, 14 Oct 2021 03:31:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 6e639eac32497701c1df0d0dd8b64445
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 no-img.png
img.beforeitsnews.com/img/v3/ 1 KB
1 KB 60ms
54ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/no-img.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 392295
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1298
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 03:47:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec424e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 vocal.JPG
img.beforeitsnews.com/contributor/upload/819011/images/ 41 KB
42 KB 36ms
30ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/vocal.JPG

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8ad4fb10bfe2f13ccb2ce071f7181463e1c0e360fa340e1028df60e96883aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 53975
cf-polished: origSize=45153, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42393
last-modified: Fri, 15 Oct 2021 01:34:40 GMT
server: cloudflare
etag: "6168dab0-b061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 15 Oct 2022 01:40:20 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec434e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Pervywood.jpg
img.beforeitsnews.com/contributor/upload/724569/images/ 32 KB
33 KB 50ms
44ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/724569/images/Pervywood.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79522da1bfba3d9e473e89c22acc561990785d6c5628f3ca41dc4e7dc05fcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 15192833
cf-polished: origSize=37819, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32890
last-modified: Sat, 02 Jan 2021 14:59:50 GMT
server: cloudflare
etag: "5ff08a66-93bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 22 Apr 2022 20:31:22 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec444e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 mD0xc.qR4e-small-WARNING-ITS-NOT-EVEN-A-FEW-.jpg
sp.rmbl.ws/s8/1/m/D/0/x/ 151 KB
152 KB 258ms
258ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/m/D/0/x/mD0xc.qR4e-small-WARNING-ITS-NOT-EVEN-A-FEW-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6fba3de368fd1cdbf65b5c4f74d49960a452db46e4b795f2da91fac813f1f050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
last-modified: Wed, 13 Oct 2021 15:14:31 GMT
etag: "c9bee30df33d5b491e4e628c266dd57a"
x-hw: 1634316315.cds002.fr8.hn,1634316315.cds232.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=83008
accept-ranges: bytes
content-length: 155068

GET
H2 200 nqCSSlwhySg2_640x360.jpg
static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/ 23 KB
23 KB 68ms
47ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/nqCSSlwhySg2_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

ebd92051af81a19e841e82770de8af0f54c1320388dfb6813ab31f075914e3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 10/13/2021 05:24:43
cdn-pullzone: 89010
content-length: 23349
x-amz-request-id: tx000000000000002a1b4c0-006166517b-8058b93-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Wed, 13 Oct 2021 03:18:56 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: f9447073d59a350d3ec709a7af1d115d
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 34e13c11-9ce3-4d83-883a-deb6fffd4c79
photos.brighteon.com/thumbnail/ 28 KB
29 KB 296ms
67ms Image
image/jpeg 2600:9000:206f:9600:1:93c2:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.brighteon.com/thumbnail/34e13c11-9ce3-4d83-883a-deb6fffd4c79
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9600:1:93c2:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc2b47120e24c011dbc609d7415e213cb3614a16e9317f94d3b25e147be3d539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:05:55 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
last-modified: Thu, 14 Oct 2021 15:06:27 GMT
server: AmazonS3
age: 88762
etag: "9798b87d09533acc84cf753da8bd5696"
x-cache: Hit from cloudfront
x-amz-meta-optimized: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 29013
x-amz-cf-id: H3gQYVVno6j795BX3nFJYrQ0LIcYab1gPuLuxtg1VmMmwzjl6_gJCA==

GET
H2 200 wOXtTS4djENX_640x360.jpg
static-3.bitchute.com/live/cover_images/okiFK5CwQrZS/ 38 KB
38 KB 214ms
214ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/okiFK5CwQrZS/wOXtTS4djENX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

9882a7ebe8c6ae37a7b2d95cf7f4a37821176f576f8d3f99a37dc09d32923133

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 10/13/2021 23:28:47
cdn-pullzone: 89010
content-length: 38831
x-amz-request-id: tx000000000000002b098db-0061674f8f-82d236e-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Wed, 13 Oct 2021 21:15:12 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 7b0973c294619573e9136758320439bd
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 download.jpg
img.beforeitsnews.com/contributor/upload/819011/images/ 43 KB
44 KB 43ms
38ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/download.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18bb1f2e95d4bca0f3e3d3c77d13db73cb3fe23bdbe7931dd58ca55270fabc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 336203
cf-polished: origSize=47320, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44543
last-modified: Mon, 11 Oct 2021 19:05:02 GMT
server: cloudflare
etag: "61648ade-b8d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 19:21:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec464e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Charlotte-Holmes-Miracle-Woman-Heaven-250x144.png
www.conservativedailynews.com/wp-content/uploads/2021/10/ 18 KB
19 KB 320ms
157ms Image
image/png 2606:4700:3035::ac43:b7d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conservativedailynews.com/wp-content/uploads/2021/10/Charlotte-Holmes-Miracle-Woman-Heaven-250x144.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b7d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c67ff4db87708e1a941689a6db2cdd968e59b3d7bd1c6e7a94148eb6105688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18516
last-modified: Fri, 15 Oct 2021 05:02:53 GMT
server: cloudflare
etag: "61690b7d-4854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXD6NVDHBIAYSO9L4NgJbiP7YeN97DnKFDl%2Fa6NXfRIa1LbUXT2cDc0r7LNHfFaPn2CRA28I8tgy5rXQ3XkrUVw8%2F31lTalyRFe1cldmVOWYbXN%2F5jWk%2BjGwDKciV8P%2BCHpPnqETXeYOrDRXTAT9C4eWQUT1FGF69IGGkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69ea844eac7b5bf9-FRA
expires: Fri, 15 Oct 2021 15:30:39 GMT

GET
H2 200 OIP%20(8)(15).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 29 KB
29 KB 59ms
55ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(8)(15).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd3979106582f4ef0fa30069969aa045254e0956a1e89b90f09a97d902a48b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 86905
cf-polished: origSize=31018, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29402
last-modified: Thu, 14 Oct 2021 16:18:39 GMT
server: cloudflare
etag: "6168585f-792a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 16:36:50 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec474e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 THE%20HIGHWIRE%20Episode%20237%20THE%20TURNING%20POINT.jpg
img.beforeitsnews.com/contributor/upload/10958/images/ 41 KB
41 KB 62ms
58ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/10958/images/THE%20HIGHWIRE%20Episode%20237%20THE%20TURNING%20POINT.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48385b4687bce7d8a8fcfee2c8ac1f90791fb90c07672cb851352269a7a0327a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29228
cf-polished: origSize=43932, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41543
last-modified: Fri, 15 Oct 2021 07:49:55 GMT
server: cloudflare
etag: "616932a3-ab9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 15 Oct 2022 07:58:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec484e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 FuellmichJesperssonFWM-min-300x135.jpg
tapnewswire.com/wp-content/uploads/2021/10/ 11 KB
11 KB 590ms
227ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/10/FuellmichJesperssonFWM-min-300x135.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 0c47254cfd694fea4b7d862d4b2faa0212440a592f164956b5104c49c3c61948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
last-modified: Fri, 15 Oct 2021 09:55:00 GMT
server: nginx
accept-ranges: bytes
etag: "2bef-5ce61304be1c2"
content-length: 11247
content-type: image/jpeg

GET
H2 200 P5Mxc.qR4e-small-ANOTHER-CREATURE-FOUND-IN-J.jpg
sp.rmbl.ws/s8/1/P/5/M/x/ 85 KB
85 KB 303ms
302ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/P/5/M/x/P5Mxc.qR4e-small-ANOTHER-CREATURE-FOUND-IN-J.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 8a4c9c332d04b02b4487bf244a6e9d074e3ec336a24788981f04cc43fa348847

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
last-modified: Tue, 12 Oct 2021 21:06:21 GMT
etag: "eeb97495eae5239d3f6e0f3e82624dd1"
x-hw: 1634316315.cds002.fr8.hn,1634316315.cds250.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17149
accept-ranges: bytes
content-length: 86532

GET
H2 200 image-150.png
i0.wp.com/theexpose.uk/wp-content/uploads/2021/10/ 44 KB
44 KB 37ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/theexpose.uk/wp-content/uploads/2021/10/image-150.png?resize=639%2C129&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

72627ff2facf83bb7a03434a571d4741d9beba2085c3ccc2c1492120e84d33f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 15 Oct 2021 16:45:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Oct 2021 05:55:40 GMT
server: nginx
etag: "06cef1fea9ca7dce"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://theexpose.uk/wp-content/uploads/2021/10/image-150.png>; rel="canonical"
content-length: 44740
expires: Sun, 15 Oct 2023 17:55:40 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/HNS4K8c5PLo/ 34 KB
35 KB 149ms
144ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/HNS4K8c5PLo/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

826e2d5dea755940eb6e891ecb1ed092850fbde074bb7b2a846e4a1b9efd4815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35254
x-xss-protection: 0
server: sffe
etag: "1634307307"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Oct 2021 16:50:15 GMT

GET
H2 200 Death-Holocaust-Vaccine-Syringe.jpg
www.naturalnews.com/wp-content/uploads/sites/91/2019/07/ 379 KB
380 KB 258ms
76ms Image
image/jpeg 2606:4700::6810:8746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalnews.com/wp-content/uploads/sites/91/2019/07/Death-Holocaust-Vaccine-Syringe.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 36ab78759192db0f5350163eaf3750527a967d7b7137483b29fa3c5436ad86a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
cf-cache-status: HIT
age: 11
x-powered-by: ASP.NET
last-modified: Sat, 13 Mar 2021 07:47:24 GMT
content-length: 388317
cf-bgj: h2pri
server: cloudflare
etag: "b68a761bdd17d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 69ea844f1c7c4ec7-FRA
expires: Fri, 15 Oct 2021 16:46:16 GMT

GET
H2 200 5qiss7.jpg
i.imgflip.com/ 110 KB
110 KB 71ms
66ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qiss7.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43ba6b0c9d4df0d0475b0edbd8b682f597e0d475545725297ff316d55f8c58f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
age: 13992
cf-polished: origSize=113180
cf-ray: 69ea844e0a1b4309-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 112155
x-amz-id-2: HPDlW4K7NWBdEWZQA+I7Js3M/+0C8oHXBNJNcGGsTO9KfZyAinz+nMbXGB1WDkT3l/U+RErDf2s=
last-modified: Fri, 15 Oct 2021 12:47:00 GMT
server: cloudflare
etag: "61a915280eecd16a8978a34b34ca1d7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: MZSC87EA89F1JQM1
access-control-allow-origin: *
expires: Mon, 13 Oct 2031 16:45:15 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 /
external-content.duckduckgo.com/iu/ 26 KB
28 KB 70ms
65ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse3.mm.bing.net%2Fth%3Fid%3DOIF.qI6v5xEFrGEgrEfxMazUnw%26pid%3DApi&f=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e037e67fb84b34c21f02f7daba5f42421ddba2a6d83ca5aeeccad53c6d795aef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ https://duck.co ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Fri, 15 Oct 2021 16:45:15 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ https://duck.co ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Sat, 15 Oct 2022 16:45:15 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/dUWByt813fA/ 14 KB
14 KB 94ms
89ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/dUWByt813fA/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

812bba97a1dc7c3bdc6fa391f382114a3a9dadb182505ee8b9013b4218011c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:28:45 GMT
x-content-type-options: nosniff
age: 990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14009
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Oct 2021 18:28:45 GMT

GET
H2 200 0-960x645.png
amg-news.com/wp-content/uploads/2021/07/ 902 KB
903 KB 396ms
135ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/07/0-960x645.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: amg-news.com
Software: LiteSpeed /
Resource Hash: f454dd190dcfdeb36b600bd4ad9e5cdf8773bae3d04312c745f46e53062926ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
last-modified: Sun, 11 Jul 2021 11:46:41 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 924048
expires: Fri, 22 Oct 2021 16:45:16 GMT

GET
H2 200 image0-3-696x454.jpeg
secureservercdn.net/198.12.144.78/ogs.08d.myftpupload.com/wp-content/uploads/2021/10/ 37 KB
37 KB 259ms
65ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/198.12.144.78/ogs.08d.myftpupload.com/wp-content/uploads/2021/10/image0-3-696x454.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

29ebf8694ee72ff4d6a97c8a69c040c8702192089df78d20bb19fff7289d2d8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 213
x-cache: cached
x-sucuri-cache: HIT
content-length: 37480
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 15:14:27 GMT
server: nginx
date: Fri, 15 Oct 2021 16:45:15 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
etag: "9268-5ce3d6b0caa22"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5ppidk.jpg
i.imgflip.com/ 113 KB
114 KB 165ms
163ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5ppidk.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01f6f5f154a03959c0a29473510453dcd9960bb64419235c40722ad1290a479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
age: 619748
cf-polished: origSize=116608
cf-ray: 69ea844e0a1f4309-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115866
x-amz-id-2: xLc87K3xyExnJsw4/U7WRHNdO7Z7DJj2fU1ET/Oa2eNofFDwEiG20pufdD21aaQxA/6m4ZDCSAI=
last-modified: Fri, 08 Oct 2021 12:29:07 GMT
server: cloudflare
etag: "3f3383fad5aa6fc2de4e6d36fd6a4ccc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: D42KRK9KDNEN458H
access-control-allow-origin: *
expires: Mon, 13 Oct 2031 16:45:15 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 cropped-David-Dees-cover.jpg
img.beforeitsnews.com/contributor/upload/819011/images/ 70 KB
71 KB 51ms
46ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/cropped-David-Dees-cover.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f9a86bdccc391efd2b573328013ea9bdfe182d2e123e8f8049bb7c1c681b5f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 131827
cf-polished: origSize=75700, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72033
last-modified: Thu, 14 Oct 2021 03:48:49 GMT
server: cloudflare
etag: "6167a8a1-127b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 04:08:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844cec4a4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5qaoqh.jpg
i.imgflip.com/ 52 KB
52 KB 217ms
215ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qaoqh.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ea7ee33d1938b358fc2ced12d721cdc70e312357326095ed37afbd4f3a37a18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
age: 168010
cf-polished: origSize=53470
cf-ray: 69ea844e0a234309-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53201
x-amz-id-2: cZnh0O67GawjnAcKDeG6BA9CfqEWStA3gvvrKZVYIbZlCUoxNw2Ug2xiRWaIL6yJSKaYLPLj+H8=
last-modified: Wed, 13 Oct 2021 17:57:56 GMT
server: cloudflare
etag: "f9334dee63bd689f66e7f23409e0fb65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: YBS3J2WGGW2K8QEY
access-control-allow-origin: *
expires: Mon, 13 Oct 2031 16:45:15 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 5pbyjg.jpg
i.imgflip.com/ 72 KB
72 KB 172ms
170ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5pbyjg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a2e010259dfd57a0a1425478fd2227881750a537da2338e7dbd69b002b4232c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
cf-cache-status: HIT
age: 876251
cf-polished: origSize=73704
cf-ray: 69ea844e0a264309-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73333
x-amz-id-2: 1kBaBoMr7hCKGl5sJELt8UGIO8cFzBM1AeyQO3f8yxHJbJf45Sw/HH+MM/m+BYGPfNNosfRyjQ4=
last-modified: Tue, 05 Oct 2021 13:17:28 GMT
server: cloudflare
etag: "fb6bb65dca40e8509b128af745b95248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VR6WQ5ABDZ744AF1
access-control-allow-origin: *
expires: Mon, 13 Oct 2031 16:45:15 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 Russian-Gas-UK-150x150.jpg
21stcenturywire.com/wp-content/uploads/2021/10/ 12 KB
12 KB 254ms
77ms Image
image/jpeg 104.26.11.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/10/Russian-Gas-UK-150x150.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18eccfbae9f4260c067005bcc6a030b5d2f8b33b825bd8f63b53c7723d4c09fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4216
cf-polished: origSize=22810
content-length: 11817
last-modified: Fri, 15 Oct 2021 15:29:47 GMT
server: cloudflare
etag: "61699e6b-591a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFHFN0hPDj0xn9mhnCjunIgnfzouH5aYtvHtJQc4bkDqSYAPu37kqtyfkc6900XT6DJREvpzk8097AjiSvz8IzyWWpZEXtjv%2BTUgnb8lXVmwh2M1TunAx1tHfJFiFv3gWuvEu1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea844f18845bf1-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 VaExc.qR4e-small-SITUATION-UPDATE-101221.jpg
sp.rmbl.ws/s8/1/V/a/E/x/ 138 KB
138 KB 389ms
388ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/V/a/E/x/VaExc.qR4e-small-SITUATION-UPDATE-101221.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66306de6b327cbfa2b8bd1494b6d06ba6e97f6bfbb5e7e2d860741b3e4fae089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
last-modified: Tue, 12 Oct 2021 12:19:12 GMT
etag: "5d751dcd6635fea320b3f0647356e375"
x-hw: 1634316315.cds002.fr8.hn,1634316315.cds102.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=74568
accept-ranges: bytes
content-length: 140869

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 29ms
27ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/culturebg.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 106032
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 11:18:03 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea844d4cd04e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 0550 2 KB
1 KB 250ms
58ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202191516
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a7060843b2adf1775e4e6345f0c0089037746f2643934a7ca11f1e8987e735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 2460
last-modified: Wed, 08 Sep 2021 08:07:03 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: KAW76HQF0V29YJ58
x-amz-id-2: ZUXjrfhRCidguReADAtSNCxNByUhW28ljPAvG5qgN5XMDVvMx76XDD1h6xrms4GJIveGIIFUEJg=
cf-bgj: minify
server: cloudflare
etag: W/"f075fd5795e71a23dc54ed3fd9ce7745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 69ea844f7a1a0621-FRA
expires: Fri, 15 Oct 2021 19:45:16 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 960E 2 KB
1 KB 127ms
49ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202191516
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44048535de81b7a3309d0fdffe816de5fbd19d82629956d9fb2a70f051261a4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 2460
last-modified: Wed, 08 Sep 2021 05:45:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XEK2SK54MQ2J60X6
x-amz-id-2: O4ASwyzi3/JhC8znfjSIwtZkKBAZIxW7TnYkJDtmr0SZhXDP2V4AbKMbwsaBFJeyto2QgTDRCXM=
cf-bgj: minify
server: cloudflare
etag: W/"41011185499ef3cdbc478e8a78e1b8cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 69ea844f7a1b0621-FRA
expires: Fri, 15 Oct 2021 19:45:16 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 55ms
55ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner/BIN_Join_Telegram_bg-min.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1857256
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 24 Sep 2022 04:50:58 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea844d7d0e4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame FEFC 18 KB
7 KB 252ms
112ms Document
text/html 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

2cf371cde7e8ad64956ae9eede9f0f8f8a1b35081f2a80308a5d46c8274184bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-TJRW3x1El077Kn04bz4r/A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Fri, 15 Oct 2021 16:44:51 GMT
expires: Fri, 15 Oct 2021 16:46:51 GMT
cache-control: max-age=120
content-security-policy: script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-TJRW3x1El077Kn04bz4r/A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: PjC9-DgJo-_ILY4TB1YgPSpHTWwHy92S9U0cCVufA5ifzY72qKaJng==
age: 24

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 200ms
80ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7441859e3bafa78b2f9350a25a47810628081b87b77db99c1c68419b9af48289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50992
x-xss-protection: 0
server: cafe
etag: 12511592129125918510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Oct 2021 16:45:16 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
634 B 227ms
68ms Script
application/javascript 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39628
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9
last-modified: Fri, 15 Oct 2021 05:44:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW6wtLO9lezM87Ndb6cwSsWZWVfHbdPV46zMScGY3nKvEj23COcYF5xa9xjlU9Trnr8HzZg%2B1tG4mDEirXaUVW%2BI5IB2wtufOP5ioPVqqHQsTcW2iESWTAGBeWYRDLAxvpILlpl80P9U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 69ea84509c5a4edf-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
664 B 199ms
53ms Image
image/gif 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31050
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63f3lqeSM%2BhptGKbunGohTPw6B0u8wsc1WQP0A6%2Bf7lPBg6BDCtPrfwUMclqb1ILXGwQVGD56sFSRFIEJPiaWv2cXfDGL62VNbY2%2Fahd%2FKxapMVzbyUEHZwu3YeZwDAc5ty0meqv3%2FJR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 69ea84509b762bc6-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
199 B 307ms
41ms Image
text/plain 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 72ms
70ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/logo-bottom.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 396205
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 02:41:50 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea844ddd8f4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
597 B 844ms
591ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7455224aba593f4a964f9da3d83e14553fa4b2c85d124b10eaf6c677d5194596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 69ea844faff505d0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16

GET
H2 200 Graphene-Oxide-Detox-Protocols-For-The-Vaxxed-Unvaxxed-FI-08-26-21-min-300x135.jpg
tapnewswire.com/wp-content/uploads/2021/08/ 15 KB
15 KB 396ms
375ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/08/Graphene-Oxide-Detox-Protocols-For-The-Vaxxed-Unvaxxed-FI-08-26-21-min-300x135.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: cb158292c1e00f2a542a6db98b2fb425da7c68dfbc924d68ac09681b93a2e272

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
last-modified: Thu, 26 Aug 2021 13:20:57 GMT
server: nginx
accept-ranges: bytes
etag: "3a8a-5ca763cc2666c"
content-length: 14986
content-type: image/jpeg

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 394ms
45ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 7099
date: Fri, 15 Oct 2021 14:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 15 Oct 2021 16:46:57 GMT

GET
H2 200 en.fb33ec5aa4249891.js Show response
s.tradingview.com/static/localization/translations/ Frame FEFC 442 KB
70 KB 56ms
55ms Script
application/javascript 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.fb33ec5aa4249891.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

693fa6655498a104846c9de10867aaed0b9d4104c7e24ae3f1b3e6bb2363ee97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109750
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 14 Oct 2021 08:46:14 GMT
server: tv
etag: W/"6167ee56-1150e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Ig2QqnTAQeKFCvGmgMZ_uObRtA__AP17XFh1rN2L929pC88vmWgfhw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.47b64963c56ee87b2d6e.js Show response
s.tradingview.com/static/bundles/embed/ Frame FEFC 59 KB
22 KB 165ms
164ms Script
application/javascript 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.47b64963c56ee87b2d6e.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

7b0d48c3f2fe64b36b8e693a9e3784d0e3756efd6d621690f502fcdc3a0b561f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23411
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Oct 2021 08:39:30 GMT
server: tv
etag: W/"61693e42-540e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: cxMAxEOdp4xaSlRcLLiSikhcqoxIQF1W-GJ9hc8Q_lRorTtNoufzww==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.32e86cc59cd44e12e10e.js Show response
s.tradingview.com/static/bundles/embed/ Frame FEFC 144 KB
47 KB 53ms
52ms Script
application/javascript 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.32e86cc59cd44e12e10e.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

6cab9f44156fa2f5bd5a49775f40ea75d5b4d917c713a341267d48cbed0b725e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23411
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Oct 2021 08:39:31 GMT
server: tv
etag: W/"61693e43-baf6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: qY1BUfQjPiWpXgsCD7plDmY7f9Uv4S0Xgy6-P19-cPkDiZkvsF1sbQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.5d8cdddea175c576f1ba.js Show response
s.tradingview.com/static/bundles/embed/ Frame FEFC 283 KB
82 KB 95ms
95ms Script
application/javascript 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.5d8cdddea175c576f1ba.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

98ec49e2ded344c2dfaea627532d40cb6b3bb86c40aed39117abebf51538c93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23408
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Oct 2021 08:39:31 GMT
server: tv
etag: W/"61693e43-14514"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: xUFjVMPFAOURc7vWoP9pvB-gaVwiQX-fjQG33JpiDN8z2guhMhCfKw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.5decea81a5d9f250c172.css
s.tradingview.com/static/bundles/embed/ Frame FEFC 1 KB
1 KB 171ms
170ms Stylesheet
text/css 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.5decea81a5d9f250c172.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

61272354c450141b08dfb8d1bf7cb6d67e8e4236f605074ccc86c89749f7249a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 10:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7970290
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 15 Jul 2021 10:05:38 GMT
server: tv
etag: W/"60f00872-2be"
vary: Accept-Encoding
content-type: text/css
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 1bDC553HIrJJMoF4p-iGehIIE7QKQlZmRJO50OOeD9KwpbiW12eE8w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.1aadc88a7bafa11f9887.css
s.tradingview.com/static/bundles/embed/ Frame FEFC 26 KB
4 KB 183ms
183ms Stylesheet
text/css 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.1aadc88a7bafa11f9887.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

6e5885cb048ca400e25c37ab41913ba7a288c31c5bf571e19b40e4366e17cd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1313590
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 30 Sep 2021 10:26:40 GMT
server: tv
etag: W/"615590e0-f7f"
vary: Accept-Encoding
content-type: text/css
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ynGtsgRbFpnr9b3uVTMKEu6ki6m4N0i9AS1KUaqovMTvDT5C0iEknA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame 960E 232 KB
65 KB 129ms
62ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202191516
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57fbcd5222f2ad85bff6adbea147fd03df4ca1759e34ae437e29051c43dd5cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 2416
last-modified: Wed, 08 Sep 2021 05:45:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 4HNERPQV96VMEPZR
x-amz-id-2: IrRfMA+jjp4DyxVzyLfqOCyq7rOh1mjvBmTV7RGowjDiPXgMrSdyWcJY1+v7Co7+QOyffdscTKQ=
cf-bgj: minify
server: cloudflare
etag: W/"f01ecd0e15f33a32665361e67f28b5e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 69ea84506bbb1f25-FRA
expires: Fri, 15 Oct 2021 19:45:16 GMT

GET
H3 200 beforeitsnews.com.720412.es6.js Show response
jsc.mgid.com/b/e/ Frame 0550 232 KB
65 KB 173ms
108ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202191516
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b45da36302b1875d7e6dd6a31f010b0b06fc6c1b6ba2fbf4d756f18dcddf3e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 2410
last-modified: Wed, 08 Sep 2021 08:07:03 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XX9SABXSAQA7VCBW
x-amz-id-2: Yhyw4nCX0BAa6AR8c35tudjxD+rFwmNukIPKMTCAntIAreXb5bokjZ1z5XEDeVm2XS4/vli9NOk=
cf-bgj: minify
server: cloudflare
etag: W/"bde038cd1d915872cf6ebb4f4f831aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 69ea84506bbd1f25-FRA
expires: Fri, 15 Oct 2021 19:45:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame C5CE 10 KB
5 KB 141ms
56ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211013/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 14 Oct 2021 21:27:24 GMT
expires: Thu, 28 Oct 2021 21:27:24 GMT
content-type: text/html; charset=UTF-8
etag: 9069739545958607985
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4691
x-xss-protection: 0
age: 69472
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame FEFC 95 KB
38 KB 319ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.5d8cdddea175c576f1ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4720928be8c0b0ceb6c5c395a9a5e3074229df1b56f874347732561abf40586f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38545
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 16:12:36 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Oct 2021 16:45:16 GMT

GET
H2 200 305.ec7ca0f804a63d865c10.css
s.tradingview.com/static/bundles/embed/ Frame FEFC 801 B
759 B 43ms
43ms Stylesheet
text/css 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/305.ec7ca0f804a63d865c10.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.47b64963c56ee87b2d6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109749
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 14 Oct 2021 08:46:20 GMT
server: tv
etag: W/"6167ee5c-104"
vary: Accept-Encoding
content-type: text/css
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: w0W644nk1AhtuuM3ukXE_ZqXVsDZqiVuLnKsOqWMii_6NCJ9jEDxpw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.bc2a1d12352656925c8a.js Show response
s.tradingview.com/static/bundles/embed/ Frame FEFC 4 KB
3 KB 47ms
46ms Script
application/javascript 13.35.253.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.bc2a1d12352656925c8a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.47b64963c56ee87b2d6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-111.fra6.r.cloudfront.net

Software

tv /

Resource Hash

6f4c7baf55e7c028d298c83e4a92e38dd451d5c025ed77ddc4703f4e0fb66253

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4253589
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Aug 2021 09:21:05 GMT
server: tv
etag: W/"6128ae81-8cc"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: o9dZUKwlEX_Pv8wj4qiWsot9g2WvwIfziVkv-ExbqOFbBrTLO4KKpQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 15ms
15ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1437989026&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=604147867&gjid=1282070907&cid=815576447.1634316317&tid=UA-16055024-1&_gid=872783037.1634316317&_r=1&gtm=2ouad0&z=1919929596

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame FEFC 3 KB
790 B 54ms
13ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:26:02 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 1154
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: rgJGtph-0-_WScVduPuJg10Wn1k3HaSGxXZe_TS71m-pzMCVEkqGXw==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame FEFC 870 B
1 KB 55ms
14ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:26 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
age: 2404
etag: "e9173ef4613c3da43c45885ea39c4b96"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: buLwBHE2VYTV-3nK0hU9G28LS8Foy71feZq9Okr84Po4XIZN766pWg==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame FEFC 801 B
1 KB 54ms
13ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:47:47 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
age: 3462
etag: "107060b925841745f310697bd9f1f83d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: d1T8rJusRvs1TUN44EcMf-snSw2UURpgNHbJsr7fa4IcBmOSfP6tCw==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 1 KB
1 KB 55ms
15ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:47:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 3471
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: C65Ywd6MungGNrYFhXhQM3w393yCewh3cXq1zScxw-hqPpw4YSstUQ==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame FEFC 523 B
911 B 54ms
14ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:21:16 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
age: 1443
etag: "4542d4ecd73f04c73affa787a4522596"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: 992hcb5RAh8nZp8gVi7ybskE84EtcP1Vfkd7y-W28tyXEVUKflnQww==

GET
H2 200 facebook.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 225 B
613 B 55ms
15ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/facebook.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f785ad56ccd948b3be8bc3fc810e51ccd0cbb9f4da47100300b25797e9ffb8ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:33:24 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:20 GMT
server: AmazonS3
age: 714
etag: "0c6d458a2d9ece244f3676100a74b59f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 0c6d458a2d9ece244f3676100a74b59f
content-length: 225
x-amz-cf-id: -A7tU4ZIDqgTMP3i06PAuM8imVMsg7p5S_qG4eOZN8uZYG6zjU3E4g==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 761 B
1 KB 19ms
15ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:00:20 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
age: 2884
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: s2txEBPUa3FybgaR-Ga6Cn2oRxTViUB6fNm8WLYfJ-VMQ7R1edHcjw==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 1 KB
1 KB 22ms
18ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:39:21 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 444
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: LN1x5WyCrdmuJONndPuxaLyjLMu9_5q0Nb54ura3I0h00hp_-ChaSw==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 635 B
1 KB 22ms
19ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:36:06 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
age: 623
etag: "4c66a5172a9c77ab75e140f5079218ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: kO9cENOLSMIYAlVBTH5c0PUz68-ZPuNH3Wso6RMwsNrpGKLCm5lljg==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 304 B
699 B 23ms
19ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:28:49 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
age: 1012
etag: "074d127e2f9fd8c2e79c01a5f002979c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: v8LpL2H8K_rqR2l--nO-z32w3wT2KFFoFa0aMldodpn8ZpdqWyEffQ==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 1 KB
1 KB 25ms
21ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:11:33 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 2048
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: 56n0cQLCfeAQruBrAbfsJv_2ohThq8etqdDxOd4CctD178doOYi9Ng==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 1 KB
1 KB 23ms
19ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:43:09 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:34:28 GMT
server: AmazonS3
age: 152
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: wCzqQtOkvxw7x6anysNsD5FoFb7SfYWo7YT4ovSQaIvAXiIG7mq36A==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 1 KB
1 KB 19ms
16ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:09:47 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 2266
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: Zp55myaCsX84FEGvpx1P-_O8kEs-iFw-a1sVuDowpfhgkjbqbT1yPA==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 522 B
920 B 23ms
19ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:29:29 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
age: 975
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: pZqEp0HuKEy9jWh8g1MkY-YRaTL_x1U7A6JK8pJM4IBWV4FV9GUWLg==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 508 B
898 B 14ms
11ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:55:32 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
age: 3018
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: iAn-WyRlWVTlSQIvpaygJFfvkvfWC3AJKnGC7PCuPnksXlNyq7UmUg==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 1 KB
1 KB 25ms
21ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:24:28 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 1400
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: gAaFnfgp2RGbstxp8DWdLOicVuYYFtSNus0h9GAsn6wsSc1L0wo_ig==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 1 KB
1 KB 23ms
19ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:13 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 07:36:30 GMT
server: AmazonS3
age: 2446
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: yAWHNydR3t-qVjNQiHs-zZqKQIIFS1-GeVsMV6q3NrVAy1eCRViBkw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
414 B 48ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-16055024-1&cid=815576447.1634316317&jid=604147867&gjid=1282070907&_gid=872783037.1634316317&_u=YEBAAUAAAAAAAC~&z=164334787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Oct 2021 16:45:16 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 182 B
580 B 23ms
19ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:18:32 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
age: 1805
etag: "a4fcbd383e2f657b6528f4aa95844de5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: Vb4hT2iOxpOUbbJroNiM9I4a7LY4IJE6Y0QAZOk4-YuSK1CDwGmWyQ==

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame FEFC 1 KB
1 KB 24ms
21ms Image
image/svg+xml 2600:9000:2057:2600:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:29:31 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 946
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: xBmdbV1pRoGEDqevOYtHi3L74SXry1SQ-LISlOzGVcVy7SirEtGyXQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 57ms
31ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16055024-1&cid=815576447.1634316317&jid=604147867&_u=YEBAAUAAAAAAAC~&z=812795115

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 57ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16055024-1&cid=815576447.1634316317&jid=604147867&_u=YEBAAUAAAAAAAC~&z=812795115

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsDynamic-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 5 KB
2 KB 55ms
54ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211014.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bee09fc277d6ccee88223868eb868bb9fd9166e2d6163df385ddc4c07628bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jsDynamic-bin-rev-202108091.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 511540
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:09 GMT
server: cloudflare
etag: W/"61102455-155d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 69ea8453ff504e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 16 Oct 2021 18:39:36 GMT

GET
H2 200 responsive-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
804 B 55ms
54ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211014.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/responsive-bin-rev-202108091.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 511540
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:09 GMT
server: cloudflare
etag: W/"61102455-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 69ea8453ff524e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 16 Oct 2021 18:39:36 GMT

GET
H2 200 validate-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 56ms
55ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211014.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/validate-bin-rev-202108091.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 511540
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:11 GMT
server: cloudflare
etag: W/"61102457-19fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 69ea8453ff534e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 16 Oct 2021 18:39:36 GMT

GET
H2 200 loadmore-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 57ms
56ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211014.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/loadmore-bin-rev-202108091.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 511540
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:09 GMT
server: cloudflare
etag: W/"61102455-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 69ea8453ff544e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 16 Oct 2021 18:39:36 GMT

GET
H2 200 lazy-loading-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 124 B
227 B 83ms
82ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211014.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/lazy-loading-bin-rev-202108091.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 511540
cf-polished: origSize=173
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:09 GMT
server: cloudflare
etag: W/"61102455-ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 69ea8453ff554e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 16 Oct 2021 18:39:36 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 123ms
36ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211014.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c2520bff591b925d456fa010c41b64995fbd9931892e4eb473ad9cd37ddc0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FEFC 48 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 7099
date: Fri, 15 Oct 2021 14:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 15 Oct 2021 16:46:57 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
280 B 70ms
60ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1634316316832836611942&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=6169b01d-079c0&pageView=1&pvid=17c84d7f0a1aa34a05b&site=310742&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69ea84544cc50621-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 127 KB
13 KB 643ms
589ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1634316316834

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d638b11074de56b32af5239619ea24cd960f1cd3f8e991545507de95747ef4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
cf-ray: 69ea8454988c05d0-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 46ms
11ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-202108091.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 02:55:43 GMT
server: nginx
etag: W/"14f4-17c6d470719"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 40ms
17ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20211014.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 435
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 69ea845478cb6939-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 18 Oct 2021 16:45:16 GMT

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 25ms
13ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 5558
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 69ea84549d2d0621-FRA
expires: Sat, 16 Oct 2021 16:45:16 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 26ms
15ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 2992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 69ea84549d2e0621-FRA
expires: Sat, 16 Oct 2021 16:45:16 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 310ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:14:43 GMT
x-content-type-options: nosniff
age: 333034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 20:14:43 GMT

GET
H/1.1 200
OK 10864438442185062 Show response
lockerdome.com/lad/ Frame F4A8 1 KB
2 KB 460ms
119ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 15 Oct 2021 16:45:17 GMT

GET
H/1.1 200
OK 10864440455450982 Show response
lockerdome.com/lad/ Frame C632 1 KB
2 KB 463ms
119ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 15 Oct 2021 16:45:17 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 328ms
26ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 22
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 69ea84568dbe6939-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 18 Oct 2021 16:45:17 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Hv-Wvpw6uvU.O/d=1/rs=AN8SPfrRRDqyWCt2vhBeBuY_uWNxIe05hA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:40:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 15 Oct 2021 17:40:37 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Hv-Wvpw6uvU.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrRRDqyWCt2vhBeBuY_uWNxIe05hA/ 222 KB
76 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Hv-Wvpw6uvU.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrRRDqyWCt2vhBeBuY_uWNxIe05hA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Hv-Wvpw6uvU.O/d=1/rs=AN8SPfrRRDqyWCt2vhBeBuY_uWNxIe05hA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

318031252ad84165978bffe9823ebd9f39fd73219086f79a0f3fe1f5585a5828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 12:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77500
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:14:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Sat, 15 Oct 2022 12:40:37 GMT

GET
DATA 200
OK truncated Show response
/ Frame DD52 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acf3a01aa1b63a4ab6cca270b4fa30cb7c574166ac4897b25dfa71117cecc637

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 34ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:26:40 GMT
x-content-type-options: nosniff
age: 1117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Oct 2022 16:26:40 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 1A1E 18 KB
3 KB 310ms
7ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Hv-Wvpw6uvU.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrRRDqyWCt2vhBeBuY_uWNxIe05hA/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:40:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 15 Oct 2021 17:40:37 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
936 B 31ms
9ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:39:05 GMT
x-content-type-options: nosniff
age: 3972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Oct 2022 15:39:05 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
320 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 70ms
60ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?pv=5&cbuster=1634316317222658929864&niet=4g&nisd=false&jsv=es6&w=370&h=1090&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=6169b01d-079c0&pageView=1&pvid=17c84d7f0a1aa34a05b&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143c6420887630424992a884abf8eb1514c373b3bcd4d57d59f2c215364e632f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69ea8456b9090621-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
933 B 72ms
62ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=312&cols=1&pv=5&cbuster=1634316317223268661495&uniqId=013ca&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=6169b01d-079c0&pageView=0&pvid=17c84d7f0a1aa34a05b&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddae72582af05f215c51a3c088c3d7aa50c7fc83d45f8008ad162110b808dcc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69ea8456b9060621-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 20ms
19ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9763c501581060b53aba9fa6128c140de3c9befa7a770bba6dc71309c4d1a342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 821
cf-polished: origSize=4420
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8bc42eb5-fa9c-424d-a83a-479ac6095570
x-runtime: 0.061611
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f2518df4c14c7dfc4221215f693f3838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 69ea84570f086939-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 15 Oct 2021 17:45:17 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame F4A8 45 KB
17 KB 333ms
31ms Script
text/javascript 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 33
date: Fri, 15 Oct 2021 16:44:44 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17093
expires: Fri, 15 Oct 2021 18:44:44 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame C632 45 KB
17 KB 340ms
39ms Script
text/javascript 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 33
date: Fri, 15 Oct 2021 16:44:44 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17093
expires: Fri, 15 Oct 2021 18:44:44 GMT

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 5559
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 69ea84583ec61f25-FRA
expires: Sat, 16 Oct 2021 16:45:17 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 25ms
25ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 2993
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 69ea84583ec81f25-FRA
expires: Sat, 16 Oct 2021 16:45:17 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzdlOGI5NWVlYTM1MTdmOWNlOTVkMjYyZGRlMzQzYWQzLmpwZWc.webp
s-img.mgid.com/g/5097652/492x277/0x161x1024x682/ 18 KB
18 KB 133ms
76ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097652/492x277/0x161x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzdlOGI5NWVlYTM1MTdmOWNlOTVkMjYyZGRlMzQzYWQzLmpwZWc.webp?v=1634316317-EmPEpFFCUQonVtNfLLopZED-FtCJEIr2XTRUKj5SI1U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99789e7d9c4e41890923605f01d5f04f687f4716b523e8bcf2a5e9ca41b0a8e6

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:09 GMT
x-mg-request-uuid: 003c8cbc-7f0c-4a50-b3c8-2b704fce2f84
age: 1216355
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea84589e3c7052-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18142
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp
s-img.mgid.com/g/3805603/492x277/0x63x1000x666/ 7 KB
7 KB 126ms
70ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805603/492x277/0x63x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp?v=1634316317-NNaVnRYsUfShY_pnivEJe-tdMH-2JZ796nP-omm4r5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bbdfac5d34390e019dcda310f45c524b4a303aa4db0f98e4d8b6ba442808148

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:41 GMT
x-mg-request-uuid: 62cf8422-c0ff-4375-988b-1ba0486d8cc4
age: 1216949
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea84589e427052-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6820
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp
s-img.mgid.com/g/3805481/492x277/0x205x800x533/ 16 KB
16 KB 130ms
74ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805481/492x277/0x205x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp?v=1634316317-NtaIWVfslKO2UqSL0W2F0QM-GA4qE2oJIWC19EsLaro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297489ccb667f6076f816e00c3664df68ca7b545910ee93191aa6dffa774062e

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:19 GMT
x-mg-request-uuid: 4f55e738-ca4c-4344-a5e6-41454cd20505
age: 1217332
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea84589e437052-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16252
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp
s-img.mgid.com/g/4023144/492x277/278x0x828x552/ 14 KB
15 KB 124ms
68ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4023144/492x277/278x0x828x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp?v=1634316317-s5ZsbwlYijUp0Q-IOzQOFeX1DceM7hYBtEiRad_L2kc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 539215a62c4691bef106556dffea082d138c9e5b1a6de672fb608173f5bbba58

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid: 41d48416-567c-4f1a-a0b3-b8a4c88b0400
age: 1217468
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea84589e467052-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14786
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x328/0x0x640x426/ 24 KB
24 KB 100ms
46ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805664/492x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1634316317-7UZpVjJAESC91eGL7-QdKsXJyI9eod8ZF4_5ii2yaOY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b5304bc525ec5c2300964c1be915ad25a164a2d681ddc072f75ba922bd524b2

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:36 GMT
x-mg-request-uuid: ae07e502-0146-42df-a95f-53e302aaabe6
age: 361216
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea84589e407052-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24104
server: cloudflare

GET
H2 200 / Show response
rumble.com/embed/vl5ncf/ Frame 74BA 17 KB
7 KB 343ms
109ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vl5ncf/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 Hamilton, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

aae75b11dbc95a65ff077f80d2d39984d8e0bfff94b1a9eac5c70655d279fa68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

:method: GET
:authority: rumble.com
:scheme: https
:path: /embed/vl5ncf/?pub=hw409
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Fri, 15 Oct 2021 16:45:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/vnrth5-whistleblower-fema-is-replacing-unvaxxed-doctors-and-nurses.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H2 200 HNSnlQVj29E Show response
www.youtube.com/embed/ Frame 3A31 57 KB
25 KB 128ms
58ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/HNSnlQVj29E

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

786ddd2561ffec477a046b9ab05c9245515015226e1f40daf392b34874f786dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/HNSnlQVj29E
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 15 Oct 2021 16:45:17 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ZOoyQXEqaXA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=l-8HorJl6RU; Domain=.youtube.com; Expires=Wed, 13-Apr-2022 16:45:17 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+395; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2a2bc415347d64441a458a8ee798b3922335e4ad.jpeg
beforeitsnews.com/img/i2021/10/ 12 KB
13 KB 53ms
51ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/10/2a2bc415347d64441a458a8ee798b3922335e4ad.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91bf36977033d1006fe405e0e51e1729e70e03f9ffff635efc32292fbaed6379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/i2021/10/2a2bc415347d64441a458a8ee798b3922335e4ad.jpeg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1255084
cf-polished: origSize=13934, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12630
last-modified: Mon, 02 Mar 2020 08:19:43 GMT
server: cloudflare
etag: "5e5cc19f-366e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 01 Oct 2022 04:07:13 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea84587e5f4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 44d8732aadf4a0334bfd6689d3abd3413bdf615e.jpg
beforeitsnews.com/img/i2021/10/ 36 KB
36 KB 42ms
40ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/10/44d8732aadf4a0334bfd6689d3abd3413bdf615e.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4727c236a79590156e2b25d8bd8ece765550e11055191092b3f4632446dbcfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/i2021/10/44d8732aadf4a0334bfd6689d3abd3413bdf615e.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 396181
cf-polished: origSize=42361, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36793
last-modified: Sun, 09 May 2021 05:43:48 GMT
server: cloudflare
etag: "60977694-a579"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 02:42:16 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea84587e614e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
beforeitsnews.com/img/i2021/10/ 15 KB
15 KB 32ms
31ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/10/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b997bcff91f40fdd88dfa17feadca80bc7029e99e6dcbe6d78f3a1e210a9432

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/i2021/10/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1255366
cf-polished: origSize=16737, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15529
last-modified: Fri, 16 Aug 2019 22:57:14 GMT
server: cloudflare
etag: "5d5734ca-4161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 01 Oct 2022 04:02:31 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea84587e624e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 472904724a9f0fd8d89d830c13ec11b163ed69f1.jpeg
beforeitsnews.com/img/banner_contract/ 63 KB
63 KB 53ms
52ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/472904724a9f0fd8d89d830c13ec11b163ed69f1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cddacd31b67bdd4defac835f959b663d44a637b5608081b54717154c711ad4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner_contract/472904724a9f0fd8d89d830c13ec11b163ed69f1.jpeg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 66610
cf-polished: origSize=70185, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64646
last-modified: Thu, 14 Oct 2021 22:14:33 GMT
server: cloudflare
etag: "6168abc9-11229"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 22:14:38 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea84587e634e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 64ms
63ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2ec1f0e483b39c4f96db14778f55eceafa2ef67aa2b49c532a2cb24a52377b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1916325
cf-polished: origSize=51812, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46878
last-modified: Sat, 22 May 2021 12:15:55 GMT
server: cloudflare
etag: "60a8f5fb-ca64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 12:26:32 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea84587e654e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 48ms
47ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 136653
cf-polished: origSize=36512, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
server: cloudflare
etag: "60a8f625-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 02:47:44 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea84587e684e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 dcf09c8773644d031c1df11dd4352afcab7d6112.jpg
beforeitsnews.com/img/banner_contract/ 59 KB
59 KB 72ms
71ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/dcf09c8773644d031c1df11dd4352afcab7d6112.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner_contract/dcf09c8773644d031c1df11dd4352afcab7d6112.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 378953
cf-polished: origFmt=jpeg, origSize=149331
content-disposition: inline; filename="dcf09c8773644d031c1df11dd4352afcab7d6112.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60198
last-modified: Mon, 11 Oct 2021 07:26:58 GMT
server: cloudflare
etag: "6163e742-24753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 07:29:24 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea84587e6a4e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 anvload.html Show response
w3.cdn.anvato.net/player/prod/v3/ Frame A5E4 569 B
780 B 87ms
8ms Document
text/html 35.241.40.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.cdn.anvato.net/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.69 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.40.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fc11d2ab4ad186693e03e7a1b27f0fcc6ac27f74dda2bb86b57dff812ce91abb

Request headers

:method: GET
:authority: w3.cdn.anvato.net
:scheme: https
:path: /player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

x-guploader-uploadid: ADPycdtI-uKcHwymWJGUnNCRn3vvJWD34I5z0dmPZJvkCmX7nXSw37Q1kA_sKW4VtnraUJXGdUKG0CEqbMpb-MlAJ6I
date: Fri, 15 Oct 2021 11:59:24 GMT
expires: Fri, 15 Oct 2021 17:59:24 GMT
last-modified: Wed, 11 Aug 2021 07:18:38 GMT
etag: "bdf6c73a0ab611e04c399a54219b30fa"
x-goog-generation: 1628666318564426
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 305
content-type: text/html
content-encoding: gzip
x-goog-hash: crc32c=xXAFcQ== md5=vfbHOgq2EeBMOZpUIZsw+g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 305
access-control-allow-origin: *
server: UploadServer
age: 17153
cache-control: public, max-age=21600,no-transform
alt-svc: clear

GET
H2 200 anvplayer.min.js Show response
w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/ Frame A5E4 2 MB
639 KB 12ms
11ms Script
application/javascript 35.241.40.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.69 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.40.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 22b7334dd7b53cf9a7df2b4c98260fa4a5416383be27c6f3c85ffa9f8eebec7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:44:23 GMT
content-encoding: gzip
age: 3654
x-guploader-uploadid: ADPycdtBdOhbPxbT3plhJlGG5huYcMD8ahMwruZXFfvu_uARymtl4rOxzViyW9ybvm29Ui9Vf5phvba0MI63ZkKAMo2iZl17Lg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 653691
last-modified: Wed, 11 Aug 2021 07:18:18 GMT
server: UploadServer
etag: "69f3a0513fe96ec575e895471d5fb6f9"
x-goog-hash: crc32c=7tRWpQ==, md5=afOgUT/pbsV16JVHHV+2+Q==
x-goog-generation: 1628666298155983
access-control-allow-origin: *
cache-control: public, max-age=21600,no-transform
x-goog-stored-content-length: 653691
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 15 Oct 2021 21:44:23 GMT

GET
H2 200 anvhtml5.css
w3.cdn.anvato.net/player/prod/v3/ Frame A5E4 47 KB
9 KB 9ms
9ms Stylesheet
text/css 35.241.40.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.cdn.anvato.net/player/prod/v3/anvhtml5.css
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.69 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.40.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 859986c6ca2bee4f39918f17a31763de8819fbd59dd75014a30631b0683e5b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:54:37 GMT
content-encoding: gzip
age: 6640
x-guploader-uploadid: ADPycduftjB-P19UUCkVy7wpjjDgVi0X8V-pSJAtDCMm4vRtx4QsbKff2uJ9qfeVh-Un2_YdzMQ9pJ2GF3lGMnjRwC4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 9174
last-modified: Wed, 11 Aug 2021 07:18:17 GMT
server: UploadServer
etag: "0a49fa03a778e52b3c0f53da2d9e8d47"
x-goog-hash: crc32c=Ill5Tg==, md5=Ckn6A6d45Ss8D1PaLZ6NRw==
x-goog-generation: 1628666296908176
access-control-allow-origin: *
cache-control: public, max-age=21600,no-transform
x-goog-stored-content-length: 9174
accept-ranges: bytes
content-type: text/css
expires: Fri, 15 Oct 2021 20:54:37 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
1005 B 78ms
58ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1634316317704463160804
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885dc7e3a89e098b42885ec5f917ae4c077e4e0f2e4b49a5615606a5e62c87fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69ea8459ce450621-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/5ba7be96/ Frame 3A31 335 KB
46 KB 316ms
13ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5ba7be96/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HNSnlQVj29E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac942658e3a9b40bbaff74c7e33c28e09099a2d1bcc771197c1dc48b1691aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HNSnlQVj29E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 15:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46937
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 00:15:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Oct 2022 15:53:52 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/5ba7be96/www-embed-player.vflset/ Frame 3A31 210 KB
69 KB 325ms
23ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5ba7be96/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HNSnlQVj29E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04dd264dbd77c61a40ed0583c57692d62147d727d296cbe2881a41b7fc9c18d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HNSnlQVj29E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 15:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70161
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 00:15:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Oct 2022 15:54:27 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/ Frame 3A31 2 MB
513 KB 330ms
28ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HNSnlQVj29E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72b6821ab46e95ff2f25659cf5d7aed2d738ed4bc3c237ea0bd7ae5828f785f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HNSnlQVj29E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 15:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 524971
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 00:15:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Oct 2022 15:53:52 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/5ba7be96/fetch-polyfill.vflset/ Frame 3A31 8 KB
3 KB 329ms
28ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5ba7be96/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HNSnlQVj29E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HNSnlQVj29E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 15:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 00:15:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Oct 2022 15:54:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3A31 15 KB
15 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HNSnlQVj29E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 334024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:58:13 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 930D 19 B
238 B 61ms
59ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1634316317753453691085
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69ea8459fe950621-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 0rQpa1dmBaTmKnxhdU23bYaHlvzRBAPp Show response
access-prod.apis.anvato.net/anvacks/ Frame A5E4 974 B
1 KB 62ms
29ms XHR
application/json 35.190.16.125
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://access-prod.apis.anvato.net/anvacks/0rQpa1dmBaTmKnxhdU23bYaHlvzRBAPp?apikey=3hwbSuqqT690uxjNYBktSQpa5ZrpYYR0Iofx7NcJHyA
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.16.125 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.16.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: ea2e50b13fd391bf47f8b38ff7071a68019eb3ef59dba4acdd5ba7839703a267

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-response-time: 0.323ms
date: Fri, 15 Oct 2021 16:45:17 GMT
via: 1.1 google
etag: W/"3ce-8vhj6vSpS3wZKk5SAhZXKI3fedA"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://w3.cdn.anvato.net
alt-svc: clear
content-length: 974

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1546
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

64ms
10ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1634316317704463160804
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 15 Oct 2021 16:45:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Fri, 15 Oct 2021 16:45:17 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame EA92 1 KB
885 B 141ms
34ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1634316317704463160804
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: VertaMedia 1.0
Date: Fri, 15 Oct 2021 16:45:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=5e0e09ee-6c85-42cb-b55d-ee2b3edac06a

43 B
465 B

81ms
81ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=5e0e09ee-6c85-42cb-b55d-ee2b3edac06a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69ea845b7b761f25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=5e0e09ee-6c85-42cb-b55d-ee2b3edac06a
date: Fri, 15 Oct 2021 16:45:17 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l9fgyRh_ycJ9
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

0
239 B

62ms
18ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:45:17 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=90f0e81e-3914-4763-a0bb-f1b4e2094168&ttl=1636908318

43 B
481 B

75ms
75ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=90f0e81e-3914-4763-a0bb-f1b4e2094168&ttl=1636908318
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69ea845c0c781f25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=90f0e81e-3914-4763-a0bb-f1b4e2094168&ttl=1636908318
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
412 B 114ms
58ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l9fgyRh_ycJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69ea845b3a720eb7-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l9fgyRh_ycJ9
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l9fgyRh_ycJ9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a897d2b1-829c-460f-960e-cee6dd9ef342&gdpr=&gdpr_consent=&gdpr_pd=

1 B
492 B

100ms
23ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a897d2b1-829c-460f-960e-cee6dd9ef342&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:16 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:355
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a897d2b1-829c-460f-960e-cee6dd9ef342&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 15 Oct 2021 16:45:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlmZ3lSaF95Y0o5&muidn=l9fgyRh_ycJ9
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlmZ3lSaF95Y0o5&muidn=l9fgyRh_ycJ9&google_tc=
https://cm.mgid.com/google?muidn=l9fgyRh_ycJ9&google_ula={guid},5&google_gid=CAESECVtUYSrVOByCHUStXcuqCw&google_cver=1

0
376 B

72ms
71ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l9fgyRh_ycJ9&google_ula={guid},5&google_gid=CAESECVtUYSrVOByCHUStXcuqCw&google_cver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69ea845b7b841f25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l9fgyRh_ycJ9&google_ula={guid},5&google_gid=CAESECVtUYSrVOByCHUStXcuqCw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
495 B 114ms
59ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l9fgyRh_ycJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69ea845b3a032b59-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=IKNqnOFMJ4o2AJvKzdqg&pi=mgid&tc=1

43 B
465 B

76ms
76ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=IKNqnOFMJ4o2AJvKzdqg&pi=mgid&tc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69ea845b7b6d1f25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=IKNqnOFMJ4o2AJvKzdqg&pi=mgid&tc=1
pragma: no-cache
date: Fri, 15 Oct 2021 16:45:17 GMT, Fri, 15 Oct 2021 16:45:17 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=70&user_id=4369468153446208702&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=a897d2b1-829c-460f-960e-cee6dd9ef342&gdpr=&gdpr_consent=&us_privacy=

43 B
481 B

72ms
72ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=a897d2b1-829c-460f-960e-cee6dd9ef342&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69ea845c6cff1f25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=a897d2b1-829c-460f-960e-cee6dd9ef342&gdpr=&gdpr_consent=&us_privacy=
Date: Fri, 15 Oct 2021 16:45:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=c9161312-269c-4e04-860d-cea6977229ba

43 B
497 B

68ms
68ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=c9161312-269c-4e04-860d-cea6977229ba
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69ea845f692e1f25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=c9161312-269c-4e04-860d-cea6977229ba
date: Fri, 15 Oct 2021 16:45:18 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 74BA 68 KB
25 KB 113ms
112ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=275

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vl5ncf/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 Hamilton, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

7974342b7b53a5cdfc12da137faebd34006b2e7ddb444784b92a6e010adf623c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vl5ncf/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
content-encoding: br
last-modified: Mon, 30 Aug 2021 23:14:21 GMT
server: nginx
etag: W/"612d664d-11190"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 5tuyc.OvCc.1-small-Whistleblower-FEMA-Is-Repla.jpg
sp.rmbl.ws/s8/1/5/t/u/y/ Frame 74BA 62 KB
63 KB 11ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/5/t/u/y/5tuyc.OvCc.1-small-Whistleblower-FEMA-Is-Repla.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vl5ncf/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: a7b2fab6cc6ffaf43b3d4cad54ca6b63f5e9c73af3fcbbe0fc5c501bfb46e92a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
last-modified: Fri, 15 Oct 2021 12:13:33 GMT
etag: "8c1642ab9211b120b665859dbaaff6ad"
x-hw: 1634316317.cds002.fr8.hn,1634316317.cds263.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=70166
accept-ranges: bytes
content-length: 63850

GET
H2 206 5tuyc.caa.rec.mp4
sp.rmbl.ws/s8/2/5/t/u/y/ Frame 74BA 4 MB
0 32ms
32ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/5/t/u/y/5tuyc.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vl5ncf/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
last-modified: Fri, 15 Oct 2021 11:49:49 GMT
access-control-allow-origin: *
etag: "73e7424f703c3da5883a3e294f7faf61-71"
x-hw: 1634316317.cds002.fr8.hn,1634316317.cds148.fr8.c
content-type: video/mp4
Content-Range: bytes 0-369878507/369878508
cache-control: max-age=68723
accept-ranges: bytes
Content-Length: 369878508

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 60ms
24ms Script
application/javascript 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 02:24:03 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 51707
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: QctKums9oMh8SpnsmZp_fypyTf9_ymzWlDBkjWK4Bh_RpKWl6K_bQg==

GET
H2 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 327ms
25ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 456
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 69ea845cfe3c6939-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 18 Oct 2021 16:45:18 GMT

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzdlOGI5NWVlYTM1MTdmOWNlOTVkMjYyZGRlMzQzYWQzLmpwZWc.webp
s-img.mgid.com/g/5097652/492x277/0x161x1024x682/ Frame 960E 18 KB
18 KB 35ms
20ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097652/492x277/0x161x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzdlOGI5NWVlYTM1MTdmOWNlOTVkMjYyZGRlMzQzYWQzLmpwZWc.webp?v=1634316317-EmPEpFFCUQonVtNfLLopZED-FtCJEIr2XTRUKj5SI1U
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99789e7d9c4e41890923605f01d5f04f687f4716b523e8bcf2a5e9ca41b0a8e6

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:09 GMT
x-mg-request-uuid: 003c8cbc-7f0c-4a50-b3c8-2b704fce2f84
age: 1216355
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea845b38ff4351-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18142
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp
s-img.mgid.com/g/3805603/492x277/0x63x1000x666/ Frame 960E 7 KB
7 KB 33ms
19ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805603/492x277/0x63x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp?v=1634316317-NNaVnRYsUfShY_pnivEJe-tdMH-2JZ796nP-omm4r5Y
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bbdfac5d34390e019dcda310f45c524b4a303aa4db0f98e4d8b6ba442808148

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:41 GMT
x-mg-request-uuid: 62cf8422-c0ff-4375-988b-1ba0486d8cc4
age: 1216949
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea845b38fa4351-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6820
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp
s-img.mgid.com/g/3805481/492x277/0x205x800x533/ Frame 960E 16 KB
16 KB 52ms
42ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805481/492x277/0x205x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp?v=1634316317-NtaIWVfslKO2UqSL0W2F0QM-GA4qE2oJIWC19EsLaro
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297489ccb667f6076f816e00c3664df68ca7b545910ee93191aa6dffa774062e

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:19 GMT
x-mg-request-uuid: 4f55e738-ca4c-4344-a5e6-41454cd20505
age: 1217332
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea845b38fe4351-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16252
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp
s-img.mgid.com/g/4023144/492x277/278x0x828x552/ Frame 960E 14 KB
15 KB 37ms
31ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4023144/492x277/278x0x828x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp?v=1634316317-s5ZsbwlYijUp0Q-IOzQOFeX1DceM7hYBtEiRad_L2kc
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 539215a62c4691bef106556dffea082d138c9e5b1a6de672fb608173f5bbba58

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid: 41d48416-567c-4f1a-a0b3-b8a4c88b0400
age: 1217468
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea845b39014351-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14786
server: cloudflare

GET
H2 200 server_time Show response
tkx.apis.anvato.net/rest/v2/ Frame A5E4 28 B
232 B 77ms
24ms XHR
application/json 107.178.255.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.apis.anvato.net/rest/v2/server_time?anvack=0rQpa1dmBaTmKnxhdU23bYaHlvzRBAPp&anvtrid=wb768a311214eda7a4246ead11060051
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.255.150 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 150.255.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd080b74e8929b4d7651365cc05f155b3bad0ee59d65d9333f7cd60511eeca42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
via: 1.1 google
server: nginx
content-type: application/json
access-control-allow-origin: https://w3.cdn.anvato.net
access-control-allow-credentials: true
x-onetkx-ver: onetkx-prod-2~4337263-1.0~98303a8-1.0~europe-west1-d~602941259
alt-svc: clear

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x328/0x0x640x426/ Frame 0550 24 KB
24 KB 29ms
29ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805664/492x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1634316317-7UZpVjJAESC91eGL7-QdKsXJyI9eod8ZF4_5ii2yaOY
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b5304bc525ec5c2300964c1be915ad25a164a2d681ddc072f75ba922bd524b2

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:17 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:36 GMT
x-mg-request-uuid: ae07e502-0146-42df-a95f-53e302aaabe6
age: 361216
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69ea845b39024351-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24104
server: cloudflare

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1546 31 KB
9 KB 20ms
19ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:45:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36699
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9275
Expires: Sat, 16 Oct 2021 02:56:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 74BA 48 KB
19 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 7101
date: Fri, 15 Oct 2021 14:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 15 Oct 2021 16:46:57 GMT

POST
H2 200 view...l5ncf.p6d5k4
rumble.com/l/ Frame 74BA 35 B
191 B 120ms
119ms Ping
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...l5ncf.p6d5k4?p=2.3&r=89408159&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=275

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 Hamilton, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vl5ncf/?pub=hw409
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A5E4 369 KB
123 KB 82ms
37ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2c3fee87756e3b9ec4d7e70bda112774ba857c5004b4a41a50fac001948c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125411
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 15 Oct 2021 16:45:18 GMT

POST
H2 200 969426 Show response
tkx.apis.anvato.net/rest/v2/mcp/video/ Frame A5E4 15 KB
15 KB 34ms
33ms XHR
application/x-javascript 107.178.255.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.apis.anvato.net/rest/v2/mcp/video/969426?anvack=0rQpa1dmBaTmKnxhdU23bYaHlvzRBAPp&anvtrid=wb768a31f53c0ac52fa30a2ef9f2c197&rtyp=fp&X-Anvato-Adst-Auth=76r7aBaTP0JldFdAoYWeZ37dL6OGwu4Og5ZyHYXeJQYK9o8CvUury070IgYgoxzHsRQe2BwAAGgPqRnX1WyxAw%3D%3D
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.255.150 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 150.255.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 714c05a93c94fa389d4467378c09d187adb3701d832506352fef3576b7ff0969

Request headers

Referer: https://w3.cdn.anvato.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
via: 1.1 google
server: nginx
content-type: application/x-javascript
access-control-allow-origin: https://w3.cdn.anvato.net
access-control-allow-credentials: true
x-onetkx-ver: onetkx-prod-2~4337263-1.0~98303a8-1.0~europe-west1-c~579615235
alt-svc: clear

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1546 284 B
536 B 105ms
24ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET csync
sync.adtelligent.com/ Frame EA92 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 74BA 4 B
85 B 34ms
34ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=970859142&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vl5ncf%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Whistleblower%3A%20FEMA%20Is%20Replacing%20%22UnVaxxed%22%20Doctors%20%26%20Nurses%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAAC~&jid=1062480988&gjid=621644359&cid=1386414719.1634316318&tid=UA-44331619-1&_gid=671437570.1634316318&_r=1&_slc=1&z=357784220

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 74BA 35 B
132 B 24ms
24ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=970859142&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vl5ncf%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Whistleblower%3A%20FEMA%20Is%20Replacing%20%22UnVaxxed%22%20Doctors%20%26%20Nurses%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=vl5ncf&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1386414719.1634316318&tid=UA-44331619-1&_gid=671437570.1634316318&z=1836529269

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vl5ncf/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:37:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83281
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 master.m3u8 Show response
dcs-vod.apis.anvato.net/vod/p/ Frame A5E4 326 B
534 B 143ms
45ms XHR
application/json 35.186.200.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-vod.apis.anvato.net/vod/p/master.m3u8?encp=PLoHYQCTCw_drs1PDkKHFg:PCQ3IbiT-Tu6J1JSb0V8kmwOzDBMNmFD11tp5HoxayFKml59mPW03IvoLWjrVY6edLl7EDAg5hO31EwZFeIIKNr4PdCipm7rvgbKaRTvDKcAOnN5zyDBhyTBKVWO3wCfVNigmufCGYWbuSlVsyBSszbKAN3JEfwrZXzpcGmqUpAI_Munbb2KHpPL2C3xQPszb12nkv9rZBRvd0pAbj3HasZHbGIOWUVKJmatfjTmB7sFypgOmCEX40-t-U4QZSiGPrCrTg-RykvGW_9-rv9tc7fQB0GLjbHeNJnQOajxzD4Zqw6JJ8DrTJlDsi6BZ9TD5EKuJlzeZ6kIOWxU0NrUJYfkPEQAXCsUXjNEZx-liDw3OuXFP_2-Y3tnYHkqhIVK6SCWro70aQrGe_tQqRVXy__rdXfKiLM7_F4MQgFc2_-NkAI6su0BLNdE9Nj08lugHziEnZbsyceQrCuUhNXv2yJreElPp217RxIw-r62zB2KenjVY8Y5YRfvSR4KtcAXOmhksZlexV9i1eGj_d5y60sQm_0uV4_PYs4fJZ9R4pYnk5MSydUQGHXm6FGk5AZlQ3z8goQkg3-P5HmoaWdRFCFDykBBN9tQ3R2BsPzIBegT__pumZhRl_8NvXolEPHyqEf5g-hy6vqLGZGTy-YHS8RPC9zk5vPt9TV73PXjrYeTgrqtEqjwrSltvJWfgp_cCRSDM_1mbgBiF4rkS6IV5fw2MpKlWfvXhKY0Zt7TOIcEy1WvRODGgXiMYLf1pDql_wxnFT2zIZ-yctuygeyolplfzlNmSq4BV44gu46Cqck4KAW6qfNm-_RwhhHOJYUahB9-hxh-w_WZAZGl3CZW_8h66fN3cKbqLc7ntilpiu5f1rdINeJL937Zv_soEpg50g2hJFisOOP7M6werTxYsjpECfr8v3gvGZlAQKeG5vlaFchtTXN2bSIagfO7iUpLKCqmai9JbFPZnkSDSwR4VQ&anvtrid=wb768a31f53c0ac52fa30a2ef9f2c197&anvauth=tb=0~te=1634316408~sgn=f80ca2148fe3d7e258a2a58e8f8664899ec804107459aa46f0619278d2546e07&t=1634316318&_vpng=0
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.200.149 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.200.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 19439c265a625ab421ec3945e2723f9dae79606226462ee5ea73a67589c37630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: gzip
x-anv-auth-status: valid
server: nginx
access-control-allow-origin: https://w3.cdn.anvato.net
x-anv-ver: dcs-vod-prod~180ad83-1.0~~europe-west3-a~577441889
vary: Accept-Encoding
vmap-check-d-tracking: 0
vmap-check-t-tracking: 0
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 236
via: 1.1 google

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634316318093&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634316318093&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

64 B
328 B

30ms
29ms

Image
image/gif

13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634316318093&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: GwQoUTzLOJ920hxopvr_qcIo_k1E12kj0P_QNrqsUj-rnq63Inko7w==

Redirect headers

date: Fri, 15 Oct 2021 16:45:18 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634316318093&ns_c=UTF-8&cv=3.5&c8=Before%20It's%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
content-length: 217
x-amz-cf-id: IzXWAKmaMGQbe3ADKKLCZUgs95_Zycr7jBUBq6kN2whrZIL_39VfkQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 74BA 4 B
84 B 34ms
34ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-44331619-1&cid=1386414719.1634316318&jid=1062480988&gjid=621644359&_gid=671437570.1634316318&_u=YEBAAEAAAAAAAC~&z=1645222640

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Oct 2021 16:45:18 GMT
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ Frame 74BA 42 B
107 B 36ms
34ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-44331619-1&cid=1386414719.1634316318&jid=1062480988&_u=YEBAAEAAAAAAAC~&z=1280855574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 74BA 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-44331619-1&cid=1386414719.1634316318&jid=1062480988&_u=YEBAAEAAAAAAAC~&z=1280855574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:45:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 3A31 113 B
359 B 382ms
81ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5ba7be96/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4da4be236c0c65d6e54eef381dc4d485f246f0b0393f228272191b81e83f117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3A31 29 B
609 B 48ms
10ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5ba7be96/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:38:00 GMT
x-content-type-options: nosniff
age: 438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 16:53:00 GMT

GET
H2 200 anvatoextension.js Show response
w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/lib/ Frame A5E4 288 B
481 B 12ms
12ms Script
application/javascript 35.241.40.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/lib/anvatoextension.js
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.69 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.40.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 12:34:24 GMT
content-encoding: gzip
age: 15054
x-guploader-uploadid: ADPycduiVwvIYvYcwVeOyCamo2DYDFPdj0scTPhqrvFdVEcU0kmKDlaJBfsyWk72jpDCP_pDO46Jc9WvAdiFXozo7vA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 205
last-modified: Wed, 11 Aug 2021 07:18:04 GMT
server: UploadServer
etag: "c100fe91dfae886342ba1e0dc9bc9b8d"
x-goog-hash: crc32c=MuOyEQ==, md5=wQD+kd+uiGNCuh4NybybjQ==
x-goog-generation: 1628666284228095
access-control-allow-origin: *
cache-control: public, max-age=21600,no-transform
x-goog-stored-content-length: 205
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 15 Oct 2021 18:34:24 GMT

GET
H2 200 bridge3.485.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame A97F 577 KB
190 KB 12ms
11ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.485.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://w3.cdn.anvato.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 193945
date: Sat, 09 Oct 2021 00:30:48 GMT
expires: Sun, 09 Oct 2022 00:30:48 GMT
last-modified: Sat, 09 Oct 2021 00:23:47 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 576870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A5E4 44 KB
17 KB 95ms
29ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 16:45:18 GMT

GET
H2 200 healthanalytics.js Show response
w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/experiments/ Frame A5E4 52 B
355 B 16ms
15ms Script
application/javascript 35.241.40.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/experiments/healthanalytics.js
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.69 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.40.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e0c22c3a0050e50b95afee5c0dc7785e864d2500f1685aff40d200ab3f91df05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiOTY5NDI2IiwiYW52YWNrIjoiMHJRcGExZG1CYVRtS254aGRVMjNiWWFIbHZ6UkJBUHAiLCJzaGFyZUxpbmsiOiJodHRwczovL3d3dy5rdHZ1LmNvbS92aWRlby85Njk0MjYiLCJwbHVnaW5zIjp7ImN1c3RvbUNvbXNjb3JlUGx1Z2luIjp7ImMzIjoiS1RWVSBGT1ggMiIsImM2IjoiZnRzIiwic2NyaXB0IjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvQ3VzdG9tQ29tc2NvcmVQbHVnaW4uanMiLCJzZGsiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9jb21zY29yZS9jb21zY29yZS5qcyIsImNsaWVudElkIjoiNjA0MjkwMSIsIm5zX3N0X3N0IjoiS1RWVSIsInRpdGxlIjoiRm9ybWVyIHByZXNpZGVudCBEb25hbGQgVHJ1bXAgaG9sZHMgYSByYWxseSBpbiBDdWxsbWFuLCBBbGFiYW1hIiwibnNfc3RfY2kiOiI5Njk0MjYifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJrdHZ1IiwiYXBwX25hbWUiOiJrdHZ1LmNvbSIsImFwcF9wbGF0Zm9ybSI6IndlYiIsImFwcF92ZXJzaW9uIjoiMS4wLjAiLCJzZWdtZW50SWQiOiJvZ1hUZndpSzhUQXJsSFF6cEFBNmN5MmcySEp4bHUzTyIsInBsYXllclVuaXF1ZUlkIjoicGxheWVyLTEzNTBhY2UwLTg3NGQtNGZlZC1hMmE4LWU0MGMzYTY5NDhhNiJ9LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2FaXU9LzYzNzkwNTY0L2t0dnVfZm94MiZkZXNjcmlwdGlvbl91cmw9W3BsYWNlaG9sZGVyXSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTEwMDF4MTAwMSZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmNtc2lkPTI1NDEyOTgmdmlkPTk2OTQyNiIsImtleVZhbHVlcyI6eyJzdHlwZSI6WyJuZXdzIl0sInB0eXBlIjoidmlkZW8tY2xpcCIsImMiOlsibmV3cyIsInNlZW4tb24tdHYiLCJkb25hbGQtai10cnVtcCIsInBvbGl0aWNzIl0sImQiOiJ3ZWIiLCJ1c19wcml2YWN5IjoiMS0tLSJ9fX0sImhlYWx0aEFuYWx5dGljcyI6e319LCJodG1sNSI6dHJ1ZSwiZm9ybWF0IjoibTN1OCIsInRva2VuIjoiZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SjJhV1FpT2lJNU5qazBNallpTENKcGMzTWlPaUl3Y2xGd1lURmtiVUpoVkcxTGJuaG9aRlV5TTJKWllVaHNkbnBTUWtGUWNDSXNJbVY0Y0NJNk1UWXlPVGd5T1RReU9Td2lhV0YwSWpveE5qSTVPREkxT0RJNWZRLkN1SGtHM25oSmJGTGF6b3pURWhicjdTYzZPd1JuV05YaXBLZ001cHJvZXMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:31:51 GMT
content-encoding: gzip
age: 807
x-guploader-uploadid: ADPycduNb4LpemLiRWhMA0wt_txNcvUN4h4idA6rZKYBIMqVZrrmXUwSuJsFbImgb9VUP4CNo9FNh0yapKkZoToMxcM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 82
last-modified: Wed, 11 Aug 2021 07:18:05 GMT
server: UploadServer
etag: "caadd0ac3096a6a1f8a2a478a7a80fcd"
x-goog-hash: crc32c=l8dSvg==, md5=yq3QrDCWpqH4oqR4p6gPzQ==
x-goog-generation: 1628666285289529
access-control-allow-origin: *
cache-control: public, max-age=21600,no-transform
x-goog-stored-content-length: 82
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 15 Oct 2021 22:31:51 GMT

GET
DATA 200
OK truncated
/ Frame A5E4 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame A5E4 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 F72C4A18408F408CA67F7D0EE794D563.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/iupl/F72/C4A/ Frame A5E4 155 KB
155 KB 76ms
13ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/iupl/F72/C4A/F72C4A18408F408CA67F7D0EE794D563.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=SMqGHV9kgrn2H4e1eCZTB08CFKQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c5367117f6644ddc7dc8b2849fed6a4fea0d15871326384f011711e4f0df2b40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:43 GMT
age: 2375
x-guploader-uploadid: ADPycduJOb2i13-9N90hjjVQGDeDedq-gGdQLxKvnrNxYv9Fd7ana1BOKxrK8-fOip2-OGL_Aqsad_lBt9m770RQci4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 158399
last-modified: Sun, 22 Aug 2021 02:31:33 GMT
server: UploadServer
etag: "14cc00cfc815dbc784e2e396ef4407ab"
x-goog-hash: crc32c=WSBFZw==, md5=FMwAz8gV28eE4uOW70QHqw==
x-goog-generation: 1629599493663414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=315360000
x-goog-stored-content-length: 158399
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 15 Oct 2022 16:05:43 GMT

GET
H2 200 remote.js Show response
www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/ Frame 3A31 93 KB
29 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb1385e0d695aca41f8823c35a408992fc2920ddf9e4176e96c600c722800f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HNSnlQVj29E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 15:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29585
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 00:15:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Oct 2022 15:53:55 GMT

GET
H2 200 oxEUphArY6bu9FpCZ-BKOupU0z8DO5_RvvYOZsNpTY8.js Show response
www.google.com/js/th/ Frame 3A31 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/oxEUphArY6bu9FpCZ-BKOupU0z8DO5_RvvYOZsNpTY8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31114a6102b63a6eef45a4267e04a3aea54d33f033b9fd1bef60e66c3694d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13392
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 05:04:50 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/ Frame 3A31 25 KB
7 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa072339bbda2deff03ba6043a182680644ff416d1f9aa090a93ca8fe1804c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HNSnlQVj29E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 15:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7365
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 00:15:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Oct 2022 15:55:14 GMT

GET
DATA 200
OK truncated
/ Frame 3A31 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT-JaNxt7HGMDE7VpjoUJLM1VJs9_m-Br2T0tQ9=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3A31 3 KB
3 KB 57ms
10ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT-JaNxt7HGMDE7VpjoUJLM1VJs9_m-Br2T0tQ9=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HNSnlQVj29E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a143c42f95095aca97582a245c7f7d776bebeebd0dd137806d34677e83845ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:06:23 GMT
x-content-type-options: nosniff
age: 9535
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2793
x-xss-protection: 0
server: fife
etag: "v15"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 21 Sep 2021 13:05:51 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/HNSnlQVj29E/ Frame 3A31 41 KB
41 KB 324ms
23ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/HNSnlQVj29E/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HNSnlQVj29E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b25390571b42b7ebda78da3874a04e00100a2f03cdc632e583ed7afc01b583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:40:48 GMT
x-content-type-options: nosniff
age: 270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42293
x-xss-protection: 0
server: sffe
etag: "1634267098"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Oct 2021 16:45:48 GMT

GET
H2 200 CustomComscorePlugin.js Show response
static.foxtv.com/static/orion/scripts/core/utils/comscore/ Frame A5E4 6 KB
2 KB 138ms
28ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/comscore/CustomComscorePlugin.js
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0cfc4faa02093bc73a43a91a4b39b8e8d446d9f0fbd5b2d2233f3738545db20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:10:06 GMT
server: AmazonS3
x-amz-request-id: 10WPA7CY86SE9FM6
etag: "8a2a9a3862cf47492531ae97956c7230"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=198932
server-timing: cdn-cache; desc=HIT, edge; dur=8
accept-ranges: bytes
content-length: 1872
x-amz-id-2: 21WCIDwhYXrjuCUWefpTp7oZdHHM7EjBZVe5COY+s5f75AmYdQKNFtPq3JfCUHGxmKa/uwyYBdA=
expires: Mon, 18 Oct 2021 00:00:50 GMT

GET
H2 200 F72C4A18408F408CA67F7D0EE794D563.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/iupl/F72/C4A/ Frame A5E4 155 KB
155 KB 10ms
10ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/iupl/F72/C4A/F72C4A18408F408CA67F7D0EE794D563.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=SMqGHV9kgrn2H4e1eCZTB08CFKQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c5367117f6644ddc7dc8b2849fed6a4fea0d15871326384f011711e4f0df2b40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:43 GMT
age: 2375
x-guploader-uploadid: ADPycduJOb2i13-9N90hjjVQGDeDedq-gGdQLxKvnrNxYv9Fd7ana1BOKxrK8-fOip2-OGL_Aqsad_lBt9m770RQci4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 158399
last-modified: Sun, 22 Aug 2021 02:31:33 GMT
server: UploadServer
etag: "14cc00cfc815dbc784e2e396ef4407ab"
x-goog-hash: crc32c=WSBFZw==, md5=FMwAz8gV28eE4uOW70QHqw==
x-goog-generation: 1629599493663414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=315360000
x-goog-stored-content-length: 158399
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 15 Oct 2022 16:05:43 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3A31 4 KB
2 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5ba7be96/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Oct 2021 16:45:18 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 3A31 0
39 B 17ms
17ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?9sOBYA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/HNSnlQVj29E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HNSnlQVj29E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame 3A31 52 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15346
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 17:05:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Sat, 16 Oct 2021 07:03:57 GMT

GET
H2 200 CustomSegmentPlugin.js Show response
static.foxtv.com/static/orion/scripts/core/utils/ Frame A5E4 19 KB
5 KB 16ms
16ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/CustomSegmentPlugin.js
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5967628d2d5bb6822e1124dcca900a93c80075e33c8040940790b2f46b20de8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:09:57 GMT
server: AmazonS3
x-amz-request-id: XZ00FJ7KPSHN2DZA
etag: "add90ef054c86edc4a9b76441a6b57bb"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=366005
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 4612
x-amz-id-2: IypCRDLF0noLJmFUpCr4sh9PsRTW5BjM4oxaGpzrpKtTIap9ORF9CUr4ROYre+R0mkQ5zQVirYc=
expires: Tue, 19 Oct 2021 22:25:23 GMT

GET
H2 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
628 B 353ms
320ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c657b2a1-78f5-44e4-ba70-80cf6ef17897
x-runtime: 0.006683
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 69ea845faa934345-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 15 Oct 2021 18:45:18 GMT

GET
H2 200 comscore.js Show response
static.foxtv.com/static/orion/scripts/core/utils/comscore/ Frame A5E4 168 KB
49 KB 354ms
354ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/comscore/comscore.js
Requested by: Host: w3.cdn.anvato.net
URL: https://w3.cdn.anvato.net/player/prod/v3/45CMh4fp0a/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36ce9b6c42175b2847fa523ba900e340af3c252b783107a03de061d4420dcd97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:18 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:10:11 GMT
server: AmazonS3
x-amz-request-id: MW56S6PG0E491Q3Y
etag: "31e5df3929057220a34878cd12db5b52"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=543426
server-timing: cdn-cache; desc=HIT, edge; dur=327
accept-ranges: bytes
x-amz-id-2: kaD/EQ7cmNFq58Dh01FF200CwP21vITpg2u2DPmLGUfQYjVXbDRl5lKrbgl+UcBaB8u1mQYyhsY=
expires: Thu, 21 Oct 2021 23:42:24 GMT

GET
H2 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 38ms
37ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/top-logo.png
pragma: no-cache
cookie: SERVERID=s3; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H; b4in-uuid=15d04827-f336-4c94-b6ae-aaf7f86d9dcf; _ga=GA1.2.815576447.1634316317; _gid=GA1.2.872783037.1634316317; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:45:19 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 395965
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 02:45:54 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 69ea8461bf594e80-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M0.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 105 KB
105 KB 12ms
12ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M0.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=HpaWL1jOp88_JGcKudK-5mxFTw0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fab98c261194786fd92814924e1902b935c50769312f5cc698d16e669d021563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdsv24GMEw-_7ys45Lw53UgQAiHqdzzdt9JfNj8ISLjCOJBT84Fi2b1SXw5sdESXryoKqvHphXfEwSHOcWqDOlY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 107088
last-modified: Sun, 22 Aug 2021 02:46:01 GMT
server: UploadServer
etag: "bf4985b317c8ec3b9cc1b85ad5b2300a"
x-goog-hash: crc32c=IcZYtw==, md5=v0mFsxfI7Ducwbha1bIwCg==
x-goog-generation: 1629600361895358
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 107088
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M1.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 117 KB
117 KB 9ms
8ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M1.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=RYAkNBIivkEtWJzPqiK0DRC9WnA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 933241352813cea4388a61fa5c5e527a43b0700e6fc7861c2c122478b9bc1112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:29:51 GMT
age: 928
x-guploader-uploadid: ADPycds8mpwg4s8Fj95BJP1vnhtNAPq7mnIx852QPB-sPHvwZ14sVATkxiv3RKy3xUop3ojFKVS2zJbEISP3_ZuKbVc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 119475
last-modified: Sun, 22 Aug 2021 02:46:02 GMT
server: UploadServer
etag: "6538509ea8761b88914cded44a67d9d0"
x-goog-hash: crc32c=AHbrvg==, md5=ZThQnqh2G4iRTN7USmfZ0A==
x-goog-generation: 1629600362027220
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 119475
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:29:51 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M2.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 116 KB
117 KB 26ms
26ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M2.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=hF_lX21H6AF5hZFWxiOPPxVLTqM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bb87e924704dd5655251ee84e0d98d92513191a4c3f14bbb0ae735022d7852e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:43:58 GMT
age: 81
x-guploader-uploadid: ADPycdvtDrbP9EAA2iE2-lQYjPfz-n7SgVokQ2EK1Nyeh6GQbAO_tcguIxmVvIXOyB6GfoYPABg9tXFlD7t9WB7NwjLK4gI7VQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 119084
last-modified: Sun, 22 Aug 2021 02:46:02 GMT
server: UploadServer
etag: "9949c457e46512f1a0f76dee853ba9ee"
x-goog-hash: crc32c=so9frQ==, md5=mUnEV+RlEvGg923uhTup7g==
x-goog-generation: 1629600362186556
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 119084
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:43:58 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M3.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 116 KB
116 KB 23ms
23ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M3.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=PBTgJFuAjnysNpLr87H_dbHojdY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2dc756fde9b873e2b7ce378823812559afa5a8f2663afec5d937ebd32772d3ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdscD0x-Bt9tkGoyMjSMrLmXGzKgedgk8bQaBOznvs4i0AtQ3fjFfP5enmbzcbMQ2doCKt8q-leFT6-drnhspQA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 118736
last-modified: Sun, 22 Aug 2021 02:46:02 GMT
server: UploadServer
etag: "89ac07c5cdbbc3da62ac99ca62248644"
x-goog-hash: crc32c=CLXBUQ==, md5=iawHxc27w9pirJnKYiSGRA==
x-goog-generation: 1629600362350186
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 118736
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M4.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 118 KB
118 KB 57ms
57ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M4.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=CesMQ9uSxr9Ma28zsZb8-KWdHY8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d21fb0b5c1bdd8e14bd0af05f442b8f7d5171548aefaffe7d76cc521f579ee55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdt8CN-DjacVTAUUvJ5Z7YAh-DDn59zF-8FAVEAUsospq8UMSpRDCU4fJu0K0v37I-LSrG6iP0h9qbYIMSSNlARXqZyWaw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 120818
last-modified: Sun, 22 Aug 2021 02:46:02 GMT
server: UploadServer
etag: "937057e4f747f8315a6654599bba5d2e"
x-goog-hash: crc32c=A98jpQ==, md5=k3BX5PdH+DFaZlRZm7pdLg==
x-goog-generation: 1629600362479964
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 120818
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M5.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 119 KB
119 KB 20ms
20ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M5.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=5rG5h4TVXxXd3i6M6pujfCrFGX0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0bd0f485abdfacea49805c430f93021ba49ff5d34fb1637f112a66a2c7ae766e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdtzW3gt9AXn6ADMA6YB6ZoM5AKl9E1FTwNgN35Kkd5IApGSQB0Z4dHq4TVIKoqnDk43NTQjOV5zKHzjENkEQio
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 121804
last-modified: Sun, 22 Aug 2021 02:46:02 GMT
server: UploadServer
etag: "1b5b4819eafa5cda21f3360972a85f6f"
x-goog-hash: crc32c=tvIC9w==, md5=G1tIGer6XNoh8zYJcqhfbw==
x-goog-generation: 1629600362598527
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 121804
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M6.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 118 KB
118 KB 53ms
53ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M6.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=R_sVzhbRfkUOM528ParJJnxUmTA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b03ceb31729d92ab64d2bbffe9effada79296dcdc2af0f9e9f2a6ce810d47837

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycds1KqE46fSr8GQksJsrdnBmDak7XzjN_o2MSaW_KXh-Q1bkUbfqHsxv-9xmnir4F-wRxGM8Kk6rSyX0egVXSu0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 120378
last-modified: Sun, 22 Aug 2021 02:46:02 GMT
server: UploadServer
etag: "cda6c9a28ae28da44e8daa8e74b8529d"
x-goog-hash: crc32c=CjVCew==, md5=zabJoorijaROjaqOdLhSnQ==
x-goog-generation: 1629600362758485
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 120378
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M7.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 117 KB
117 KB 47ms
47ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M7.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=tT5TtTbTcVv3fpZnbQKNEqWoWQY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 36c9211b74cd2826b96aec9b873fd10991d5df0450761dfccef2e8099ade8ccd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdv392xdVh0ApkTabhuq_99x1OBTayq5S-47FPIxaC72Ux83OTV2B3OpH8iDsFM46twIAF6BTzx_KJrGYSe_huU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 119783
last-modified: Sun, 22 Aug 2021 02:46:02 GMT
server: UploadServer
etag: "90e19dd0fce3db928784ce8103943ce0"
x-goog-hash: crc32c=TLq0zQ==, md5=kOGd0Pzj25KHhM6BA5Q84A==
x-goog-generation: 1629600362870564
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 119783
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M8.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 115 KB
115 KB 49ms
49ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M8.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=_TekGMouE2sEZ3TWGUwgEYQQcDU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2441d6b6213d79a5f60dcf39c30c45acff60aa7a8fdd6142410d572ef5341ce2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdt2QEU1VN8qCMx6CdCuM4_S1dmr_m0uMkgVfD2qRI8bJojcqGeoQ0Ac8vWQflaEz-xJBDT4Tkgfy5STpanzv9s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 117918
last-modified: Sun, 22 Aug 2021 02:46:03 GMT
server: UploadServer
etag: "f0e3ecc28a30f89a781631d3503d4146"
x-goog-hash: crc32c=VY608A==, md5=8OPswoow+Jp4FjHTUD1BRg==
x-goog-generation: 1629600363004797
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 117918
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M9.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 115 KB
116 KB 28ms
27ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M9.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=py9UnUf6KPGduCUzrdsiqKFV5Yw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 577700ff34c34cd8f0452ffc0628e45b26dabf75819ef814077a3d61a8a8e694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:52:41 GMT
age: 3158
x-guploader-uploadid: ADPycdvwHw2l3OENm275be3JdbH1qOGyz4wV9T6BJYjFXJk3SEzcYr0-BxO5qbhzrpWv1jAmZ0ABR-rwVdvhNKxA3QE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 117963
last-modified: Sun, 22 Aug 2021 02:46:03 GMT
server: UploadServer
etag: "02e9bd1ca9cf14633127542342308a9a"
x-goog-hash: crc32c=54WHhw==, md5=Aum9HKnPFGMxJ1QjQjCKmg==
x-goog-generation: 1629600363130135
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 117963
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 15:52:41 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M10.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 115 KB
115 KB 30ms
30ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M10.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=W2bAefNlZxWD9P4awYWL5Q-czTI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a5272dee7041e759d7228981ab5137623de1d03a858f0ea4a337afa63c1a3cfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycduatAaJZ28HwHjtFLv3shdkpCS8f50t-QtwUSxbv1GlsBQyDW-FuR0vzGemGPJu1IaviljwF1PjL4nJEBd1vEs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 117509
last-modified: Sun, 22 Aug 2021 02:46:03 GMT
server: UploadServer
etag: "e1f2beea2e187de933b9f69e248764bd"
x-goog-hash: crc32c=YKbmfQ==, md5=4fK+6i4YfekzufaeJIdkvQ==
x-goog-generation: 1629600363267093
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 117509
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M11.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 114 KB
115 KB 33ms
33ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M11.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=0u1vXsIi3e9Pxo6EiVAL93jicgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 70e917bd06783306b3318dbaeeb9100a88a3af46711791787808d6cdad4cb43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdvV_r5QWIjL14DpOjVfsRDwKxMdJDT0Xt3wIk_X1r3TmD8OCBmn6Ulkv1oMxb5y24Kc-USyNmQg1Gzgmj8-zlkOL1qs0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 116971
last-modified: Sun, 22 Aug 2021 02:46:03 GMT
server: UploadServer
etag: "95fb88adc483dae00feed507cdb2e812"
x-goog-hash: crc32c=e6BUoA==, md5=lfuIrcSD2uAP7tUHzbLoEg==
x-goog-generation: 1629600363387644
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 116971
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M12.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 115 KB
115 KB 36ms
35ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M12.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=vK7I_9SHZWctjtQjkYRc1VFySl4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b1406d6be64a707ba1513c391c456da06e82a312febd2ea20ded6993b99c709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdsm-u98uZKpYxbUUfRqIdaLIukwr-9DuF6H4HJW0Ep_C7ZUWPMnDjAaOuaf4VqyeaurETMUV772a8-rl3suzfw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 117633
last-modified: Sun, 22 Aug 2021 02:46:03 GMT
server: UploadServer
etag: "983b41a7d03861e78dc0835767e29aea"
x-goog-hash: crc32c=CGq6Ww==, md5=mDtBp9A4YeeNwINXZ+Ka6g==
x-goog-generation: 1629600363559655
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 117633
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M13.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 115 KB
115 KB 57ms
56ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M13.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=c2MDmG4bj_9cj0k6zuCpyg41r2I
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b6dfb0d8457b773eb012351665a08467fed6153f6102e737f2ac326f7effb294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdsHp_1jLvl64gvqiddmQbgVCRnZ-6W57Amxg1Kpzb7R0h5SKuzYN2ywlfGzxaROihAhgM6MUzDotOeRM3HvihY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 117282
last-modified: Sun, 22 Aug 2021 02:46:03 GMT
server: UploadServer
etag: "930b1283d767ea704e57236710ea5f88"
x-goog-hash: crc32c=94zELw==, md5=kwsSg9dn6nBOVyNnEOpfiA==
x-goog-generation: 1629600363686801
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 117282
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M14.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 115 KB
115 KB 60ms
59ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M14.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=WxltdDVMz7ganwI0qB0ioVeuarw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d10e3ebc6a353966012f5302b24cb61f670491737e0c6912ce8f0082c88b74c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdtoc7Tk_lXF4WqnDjBNGx7DvH5epMIiQrSZ1Z-Lyt4G3AU1FyOOFKKqDi9B_AB3V-h0DZsHwZ8KzW3bOADUj1A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 117896
last-modified: Sun, 22 Aug 2021 02:46:03 GMT
server: UploadServer
etag: "6785f1fc87c5e94735882e5e22b264f8"
x-goog-hash: crc32c=vN2rsw==, md5=Z4Xx/IfF6Uc1iC5eIrJk+A==
x-goog-generation: 1629600363798795
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 117896
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M15.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 105 KB
105 KB 63ms
62ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M15.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=NCInRjlJ8oDLfifGmWgviAEhW3I
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e06c9bf7856c957b6d1f07a9b9f8ec45fe123b955c2936ac59fe63550782137

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdt0t1oCg13GqDQMu5_R0kymRTvJZ7cBsNF2VODnKiOLCA3zjNwxUozdG4so_c_QzT05jhQw6XOe4KZyBPwxR1A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 107616
last-modified: Sun, 22 Aug 2021 02:46:03 GMT
server: UploadServer
etag: "5978589d3f4eb781ae3e3a353271410b"
x-goog-hash: crc32c=GccdiA==, md5=WXhYnT9Ot4GuPjo1MnFBCw==
x-goog-generation: 1629600363923591
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 107616
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M00.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 148 KB
148 KB 66ms
65ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M00.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=AsWlprMDhmHqlOUwJyJS7gl3yVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 562258ef1d950184fabd1b575b9ea4bff58515cf172bf3a213893bbf6cf93ae5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:04:32 GMT
age: 2447
x-guploader-uploadid: ADPycdubuqYFs-0klQn8u4vTL_9c0YhDrzsiTX0dQQjLZKQ4iwIZc8AFWC9cpYCeMtLvd9gXj7ZxOkGjXazBF4fiLFE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 151158
last-modified: Sun, 22 Aug 2021 02:46:04 GMT
server: UploadServer
etag: "500719f2b66391f9c88b3a6af1dd4b28"
x-goog-hash: crc32c=aJxFXg==, md5=UAcZ8rZjkfnIizpq8d1LKA==
x-goog-generation: 1629600364054267
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 151158
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:04:32 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M01.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 152 KB
152 KB 69ms
68ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M01.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=FdVSdeECzhfRBozi2RvvENL0OHg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8f6359b88778808952e853bf3d733bf1cbeaa54b4b24b26482d6ff2508ee057b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdsFpxwDl1eKaERO0LPANMYgbftobmlmk3ewv7HEmzis0US80BTzUzsw4KQ8nihc4mAaHXN0QtJV5czK1VNBcQw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 155173
last-modified: Sun, 22 Aug 2021 02:46:04 GMT
server: UploadServer
etag: "51b048354f55f22aded51f7aa7df14e2"
x-goog-hash: crc32c=pefo7g==, md5=UbBINU9V8ire1R96p98U4g==
x-goog-generation: 1629600364170335
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 155173
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M02.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 148 KB
149 KB 84ms
83ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M02.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=ZvnJpn08zgwAXhdTOg9GCkxyNcs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99f2683789fb798c3bda3f89b0ac4fcbdaac0d786303a27b94cc8ea962a64e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdukwxxT2lg0egkNhQhl1eEvFMO22z1hlSSkgcrG3WI288IaxJgIEBpJjxhXCKJLF-9JUL1W6TFDAxfs4RTcvOU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 151922
last-modified: Sun, 22 Aug 2021 02:46:04 GMT
server: UploadServer
etag: "45b178c8aff60bd69c8409dffde1d1e2"
x-goog-hash: crc32c=Q700MQ==, md5=RbF4yK/2C9achAnf/eHR4g==
x-goog-generation: 1629600364296956
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 151922
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-M03.jpg
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 145 KB
145 KB 86ms
85ms Image
image/jpeg 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-M03.jpg?Expires=1634319918&KeyName=mcpkey1&Signature=vH7XYJo-kawac6iMU8DoWbnHq9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 845ed5d5516754fab4edc23781a617ce150248cb9bef3962dcc964087029c317

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdsz3yCHmhIi4yUjllFixIBcUJMorR5ZGr1cvEUdzd8VP9iARpamRuHvwmB1JCw39lokofnlxKit-onBT63ana4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 148456
last-modified: Sun, 22 Aug 2021 02:46:04 GMT
server: UploadServer
etag: "d8273921ed9012a8c352c920e5cbb4d7"
x-goog-hash: crc32c=P6FI/w==, md5=2Cc5Ie2QEqjDUskg5cu01w==
x-goog-generation: 1629600364450487
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 148456
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-hi.bif
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 16 KB
16 KB 286ms
286ms Image
binary/octet-stream 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-hi.bif?Expires=1634319918&KeyName=mcpkey1&Signature=ulHmbw2yNF3TnQVhAz8wE2SGSjo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdu5a4zM8tlSyeLHS6Yw91Igx56ggEQKm6ae6b2AMIziVdlkiVUuGbQNsw0uu-nZqHX8C8G1Tl8xrmKrpOvmyKI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 26551670
last-modified: Sun, 22 Aug 2021 02:46:04 GMT
server: UploadServer
etag: "7901c1943d2f488b74c16c847d36842d"
x-goog-hash: crc32c=iqD4Zg==, md5=eQHBlD0vSIt0wWyEfTaELQ==
x-goog-generation: 1629600364857773
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 26551670
accept-ranges: bytes
content-type: binary/octet-stream
expires: Sat, 16 Oct 2021 16:05:45 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-med.bif
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 16 KB
16 KB 286ms
286ms Image
binary/octet-stream 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-med.bif?Expires=1634319918&KeyName=mcpkey1&Signature=4dwP2jmGoC7yBMVSM1QoiXIPFBI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:29:51 GMT
age: 928
x-guploader-uploadid: ADPycdufxvinxhDFE1G48omiSoaHR5FtPM6VG7YApv3D02woZ2pcmz6_sITfD-cdjcoQBGFtgK3zqOQGlgtjAsU3M_0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 10059040
last-modified: Sun, 22 Aug 2021 02:46:05 GMT
server: UploadServer
etag: "46dbc1dd85c2bb186b175b8fa6177340"
x-goog-hash: crc32c=YwXnuQ==, md5=RtvB3YXCuxhrF1uPphdzQA==
x-goog-generation: 1629600365108661
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 10059040
accept-ranges: bytes
content-type: binary/octet-stream
expires: Sat, 16 Oct 2021 16:29:51 GMT

GET
H2 200 528446D27D8C4DD2BD92A5375A7A0F60_pvw-lo.bif
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/ Frame A5E4 48 KB
48 KB 282ms
281ms Image
binary/octet-stream 35.241.22.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net/pvw/528/446/528446D27D8C4DD2BD92A5375A7A0F60_pvw-lo.bif?Expires=1634319918&KeyName=mcpkey1&Signature=CcsuX19gBFEFsidGxTmNiCSV3Aw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.22.139 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.22.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.cdn.anvato.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:05:45 GMT
age: 2374
x-guploader-uploadid: ADPycdudrKqgKYepmI8iPZVjnHN1ncxO1vb13b9T5lTrPDQr4WsHDaPT0zr0z6PXmkTRxcK2lYSo472DlfhroMCZeVIeZ48ypA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3496114
last-modified: Sun, 22 Aug 2021 02:46:05 GMT
server: UploadServer
etag: "99d6edac9517c170319849a8466cf76e"
x-goog-hash: crc32c=dP5jDQ==, md5=mdbtrJUXwXAxmEmoRmz3bg==
x-goog-generation: 1629600365302319
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 3496114
accept-ranges: bytes
content-type: binary/octet-stream
expires: Sat, 16 Oct 2021 16:05:45 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3A31 28 B
321 B 31ms
30ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5ba7be96/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/HNSnlQVj29E
X-YouTube-Client-Version: 1.20211012.1.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtsLThIb3JKbDZSVSid4KaLBg%3D%3D
X-YouTube-Ad-Signals: dt=1634316318076&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image&bid=ANyPxKoYTgDfeHASR2Ui7igbL65o0537MA5n0CNKRzRGDr6MJWGOw4PIwBe69c3gDoXcuFjpSduAjqt0XmZulCyptKttYu9DYg

Response headers

date: Fri, 15 Oct 2021 16:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 15 Oct 2021 16:45:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

274 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1970-01-19 21:58:44	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ47PcdgkWSV5H
beforeitsnews.com/	1970-01-20 21:58:36	Name: b4in-uuid Value: 15d04827-f336-4c94-b6ae-aaf7f86d9dcf
.mgid.com/	1970-01-19 21:58:38	Name: __cf_bm Value: BygT8AHVCsnCuFUt1SNnIk6tkFMVTVOyhGzTZW3a_GE-1634316316-0-Af2ja/M168MefieR2re/D/Np45DCMMZEwX1PUK8jYBkw8tCGvtE0kr4nRn0HIfcm8TITjV7slLtNxB2hPk/G1Pg=
.beforeitsnews.com/	1970-01-20 15:29:48	Name: _ga Value: GA1.2.815576447.1634316317
.beforeitsnews.com/	1970-01-19 22:00:02	Name: _gid Value: GA1.2.872783037.1634316317
.beforeitsnews.com/	1970-01-19 21:58:36	Name: _gat_gtag_UA_16055024_1 Value: 1
.google.com/	1970-01-20 02:22:07	Name: NID Value: 511=vbGNSvNk6Oa_YPrFeyVmnSL-MleM8z3Y2MmvJuHu0EqrSXGY1rhC-6vAH2-BJV6bM5OMN8vJILNIKXhlAuBagw561PrjM8ojF7KJf7BKT_qZEk0tcJe6okZfWeY1lRkYDPXXn09zjtIJFiBScAc2T5yfh5Z1PEBb-RwDqRVhOJ0
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l9fgyRh_ycJ9
servicer.mgid.com/	1970-01-19 21:58:37	Name: __mglb Value: 2b804be0d04e992ad0d5ca78c8f32d46
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317473%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634316317476%7D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZOoyQXEqaXA
.youtube.com/	1970-01-20 02:17:48	Name: VISITOR_INFO1_LIVE Value: l-8HorJl6RU
.bidswitch.net/	1970-01-20 06:44:12	Name: c Value: 1634316317
.bidswitch.net/	1970-01-20 06:44:12	Name: tuuid_lu Value: 1634316317
.bidswitch.net/	1970-01-20 06:44:12	Name: tuuid Value: a897d2b1-829c-460f-960e-cee6dd9ef342
.e-volution.ai/	1970-01-19 22:18:45	Name: v_usr Value: b628be21-58ca-4885-b21d-9a0c0d34e96a
.creativecdn.com/	1970-01-20 06:44:12	Name: u Value: IKNqnOFMJ4o2AJvKzdqg
.creativecdn.com/	1970-01-20 06:44:12	Name: ts Value: 1634316317
.360yield.com/	1970-01-20 00:08:12	Name: tuuid Value: 5e0e09ee-6c85-42cb-b55d-ee2b3edac06a
.360yield.com/	1970-01-20 00:08:12	Name: tuuid_lu Value: 1634316317
.doubleclick.net/	1970-01-20 07:20:12	Name: IDE Value: AHWqTUk56I7BCuM4ckebApB5j1HWAdb4S1iHC3lYlVk79zO4d178OvYy5BZTFtJoRsM
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: l9fgyRh_ycJ9
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: l9fgyRh_ycJ9
.adsrvr.org/	1970-01-20 06:44:12	Name: TDID Value: 90f0e81e-3914-4763-a0bb-f1b4e2094168
.adform.net/	1970-01-19 22:43:14	Name: C Value: 1
.adsrvr.org/	1970-01-20 06:44:12	Name: TDCPM Value: CAEYBSABKAIyCwjmr8PqvIGIOhAFOAE.
.pubmatic.com/	1970-01-20 00:08:12	Name: KRTBCOOKIE_466 Value: 16530-a897d2b1-829c-460f-960e-cee6dd9ef342
.pubmatic.com/	1970-01-19 22:41:48	Name: PugT Value: 1634316316
.pubmatic.com/	1970-01-20 00:08:12	Name: PUBMDCID Value: 3
.rumble.com/	1970-01-20 15:29:48	Name: _ga Value: GA1.2.1386414719.1634316318
.rumble.com/	1970-01-19 22:00:02	Name: _gid Value: GA1.2.671437570.1634316318
.rumble.com/	1970-01-19 21:58:36	Name: _gat_rumble Value: 1
.adform.net/	1970-01-19 23:25:00	Name: uid Value: 4369468153446208702
.scorecardresearch.com/	1970-01-20 15:15:24	Name: UID Value: 1IZXWAKMAMGQBE3ADKKLCZg1634316318
.mfadsrvr.com/	1970-01-20 15:29:48	Name: tuuid Value: c9161312-269c-4e04-860d-cea6977229ba
.mfadsrvr.com/	1970-01-20 15:29:48	Name: c Value: 1634316318
.mfadsrvr.com/	1970-01-20 15:29:48	Name: tuuid_lu Value: 1634316318
.mfadsrvr.com/	1970-01-20 15:29:48	Name: ssh Value: !mgid,1634316318
cm.mgid.com/	1970-01-19 22:41:48	Name: mg_sync Value: {"287839":1634316318,"433145":1634316318,"665953":1634316318}

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js Message: Allow attribute will take precedence over 'allowfullscreen'.
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/819011/images/rap%20revenge.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
deprecation	warning	Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21stcenturywire.com
a1.beforeitsnews.com
access-prod.apis.anvato.net
ad.360yield.com
ajax.beforeitsnews.com
amg-news.com
beforeitsnews.com
c.mgid.com
c1.adform.net
calabeshes.xyz
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dcs-vod.apis.anvato.net
eus.rubiconproject.com
external-content.duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
i0.wp.com
i2.wp.com
imasdk.googleapis.com
img.beforeitsnews.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
lockerdome.com
match.adsrvr.org
nmvxdvra2muiv2amejorzkvqgg.gcdn.anvato.net
onesignal.com
pagead2.googlesyndication.com
photos.brighteon.com
pixel.rubiconproject.com
rddywd.com
rtb-usw.mfadsrvr.com
rumble.com
s-img.mgid.com
s.adtelligent.com
s.tradingview.com
s0.2mdn.net
s3-symbol-logo.tradingview.com
s3.tradingview.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secureservercdn.net
servicer.mgid.com
simage2.pubmatic.com
sp.rmbl.ws
static-3.bitchute.com
static.doubleclick.net
static.foxtv.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.e-volution.ai
tapnewswire.com
thewashingtonstandard.com
tkx.apis.anvato.net
token.rubiconproject.com
translate.google.com
translate.googleapis.com
w3.cdn.anvato.net
www.conservativedailynews.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.naturalnews.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
sync.adtelligent.com
104.109.78.125
104.154.142.214
104.16.199.73
104.18.255.14
104.19.133.78
104.19.135.78
104.19.217.61
104.26.11.239
107.178.255.150
109.206.161.21
13.248.242.197
13.35.253.111
13.35.253.42
151.139.128.11
151.139.242.29
169.55.146.12
172.217.16.130
18.195.106.43
185.184.8.65
185.64.189.110
192.0.77.2
2.19.35.65
209.58.165.79
2600:9000:2057:2600:1f:2f70:3e80:93a1
2600:9000:206f:9600:1:93c2:a1c0:93a1
2606:4700:10::6816:4a8a
2606:4700:10::6816:4b8a
2606:4700:3031::ac43:a025
2606:4700:3035::6815:40f1
2606:4700:3035::6815:4e23
2606:4700:3035::ac43:b7d9
2606:4700:3036::ac43:d037
2606:4700::6810:8746
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:801::2002
2a00:1450:4001:802::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::2016
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9b
2a02:26f0:6c00::210:ba1a
2a02:fe80:1010::16
2a0c:5c81:5139::2
35.186.200.149
35.190.16.125
35.212.212.222
35.241.22.139
35.241.40.69
37.157.4.25
40.114.178.124
52.29.14.143
65.9.71.121
69.173.144.138
69.173.144.139
89.187.169.15
89.40.36.137
03c67ff4db87708e1a941689a6db2cdd968e59b3d7bd1c6e7a94148eb6105688
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
04dd264dbd77c61a40ed0583c57692d62147d727d296cbe2881a41b7fc9c18d4
0713f728b0eaeb4f0cf215fdc5073cead7097d6e63ef3aecc78928333b3544f6
09ab0e09a94016fd87bdbec6cbb5318f6077b123ae4092313394fed3b6629d95
0a2e010259dfd57a0a1425478fd2227881750a537da2338e7dbd69b002b4232c
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0bd0f485abdfacea49805c430f93021ba49ff5d34fb1637f112a66a2c7ae766e
0c47254cfd694fea4b7d862d4b2faa0212440a592f164956b5104c49c3c61948
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1092c98d043e25085b48f8668b55723ac319c88df422e07e0aaaa5c53bb72377
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
143c6420887630424992a884abf8eb1514c373b3bcd4d57d59f2c215364e632f
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
18bb1f2e95d4bca0f3e3d3c77d13db73cb3fe23bdbe7931dd58ca55270fabc1b
18eccfbae9f4260c067005bcc6a030b5d2f8b33b825bd8f63b53c7723d4c09fb
19439c265a625ab421ec3945e2723f9dae79606226462ee5ea73a67589c37630
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1dd0897e0986f727472c9a8bcc742f732d50ea87cf6d64b5c27a3eba659d1e8e
1ddb1385e0d695aca41f8823c35a408992fc2920ddf9e4176e96c600c722800f
22b7334dd7b53cf9a7df2b4c98260fa4a5416383be27c6f3c85ffa9f8eebec7b
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
2441d6b6213d79a5f60dcf39c30c45acff60aa7a8fdd6142410d572ef5341ce2
256a515cbe73f6c194b502c5497242f15ac6c33a81bfca7d433b8d738dd3fee9
26b25390571b42b7ebda78da3874a04e00100a2f03cdc632e583ed7afc01b583
27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea
282ee1dc1110f5bf8192975d9489db5345e5d8f20e97cb1e0de7c4f7ec16c3aa
297489ccb667f6076f816e00c3664df68ca7b545910ee93191aa6dffa774062e
29ebf8694ee72ff4d6a97c8a69c040c8702192089df78d20bb19fff7289d2d8f
2c2520bff591b925d456fa010c41b64995fbd9931892e4eb473ad9cd37ddc0c6
2cf371cde7e8ad64956ae9eede9f0f8f8a1b35081f2a80308a5d46c8274184bf
2dc756fde9b873e2b7ce378823812559afa5a8f2663afec5d937ebd32772d3ec
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f07ceaa2c8d954c2f584188ae462a518760dfe25e3f6e0efc3d57df61cd3fd7
318031252ad84165978bffe9823ebd9f39fd73219086f79a0f3fe1f5585a5828
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
36ab78759192db0f5350163eaf3750527a967d7b7137483b29fa3c5436ad86a4
36c9211b74cd2826b96aec9b873fd10991d5df0450761dfccef2e8099ade8ccd
36ce9b6c42175b2847fa523ba900e340af3c252b783107a03de061d4420dcd97
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3b1406d6be64a707ba1513c391c456da06e82a312febd2ea20ded6993b99c709
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fb470af8e2e82f0cddd7f387665efbf51e03c13fbc66119c968735c7d555c20
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
43ba6b0c9d4df0d0475b0edbd8b682f597e0d475545725297ff316d55f8c58f0
44048535de81b7a3309d0fdffe816de5fbd19d82629956d9fb2a70f051261a4f
45509e50c859d0496a77e9a18fff42075135ef708c981c7e7cded1eea0408200
46c9b9ea4ae28dbd5effbfe582ed3e873262994e7cff82b627bd19a78d632843
4720928be8c0b0ceb6c5c395a9a5e3074229df1b56f874347732561abf40586f
4727c236a79590156e2b25d8bd8ece765550e11055191092b3f4632446dbcfe9
48385b4687bce7d8a8fcfee2c8ac1f90791fb90c07672cb851352269a7a0327a
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4bee09fc277d6ccee88223868eb868bb9fd9166e2d6163df385ddc4c07628bcc
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
539215a62c4691bef106556dffea082d138c9e5b1a6de672fb608173f5bbba58
56211ae71a980d896bf59af0a91407b3e29d93ec9567564798ebba5fd30f485f
562258ef1d950184fabd1b575b9ea4bff58515cf172bf3a213893bbf6cf93ae5
577700ff34c34cd8f0452ffc0628e45b26dabf75819ef814077a3d61a8a8e694
5967628d2d5bb6822e1124dcca900a93c80075e33c8040940790b2f46b20de8d
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5b997bcff91f40fdd88dfa17feadca80bc7029e99e6dcbe6d78f3a1e210a9432
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa
61272354c450141b08dfb8d1bf7cb6d67e8e4236f605074ccc86c89749f7249a
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
66306de6b327cbfa2b8bd1494b6d06ba6e97f6bfbb5e7e2d860741b3e4fae089
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
693fa6655498a104846c9de10867aaed0b9d4104c7e24ae3f1b3e6bb2363ee97
69542bfd55b09397c9eae1997a4dddb975024f8a74465647a63423f50090d9be
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62
6cab9f44156fa2f5bd5a49775f40ea75d5b4d917c713a341267d48cbed0b725e
6d860c52cf1f7e76357d3fb68fa89d85eb798c6a0979dc42b344b98d2814b2a1
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6e5885cb048ca400e25c37ab41913ba7a288c31c5bf571e19b40e4366e17cd9f
6ea7ee33d1938b358fc2ced12d721cdc70e312357326095ed37afbd4f3a37a18
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
6f4c7baf55e7c028d298c83e4a92e38dd451d5c025ed77ddc4703f4e0fb66253
6fba3de368fd1cdbf65b5c4f74d49960a452db46e4b795f2da91fac813f1f050
708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038
70e917bd06783306b3318dbaeeb9100a88a3af46711791787808d6cdad4cb43e
714c05a93c94fa389d4467378c09d187adb3701d832506352fef3576b7ff0969
72627ff2facf83bb7a03434a571d4741d9beba2085c3ccc2c1492120e84d33f9
72b6821ab46e95ff2f25659cf5d7aed2d738ed4bc3c237ea0bd7ae5828f785f3
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7441859e3bafa78b2f9350a25a47810628081b87b77db99c1c68419b9af48289
7455224aba593f4a964f9da3d83e14553fa4b2c85d124b10eaf6c677d5194596
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
786ddd2561ffec477a046b9ab05c9245515015226e1f40daf392b34874f786dd
7974342b7b53a5cdfc12da137faebd34006b2e7ddb444784b92a6e010adf623c
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7b0d48c3f2fe64b36b8e693a9e3784d0e3756efd6d621690f502fcdc3a0b561f
7b45da36302b1875d7e6dd6a31f010b0b06fc6c1b6ba2fbf4d756f18dcddf3e8
7e06c9bf7856c957b6d1f07a9b9f8ec45fe123b955c2936ac59fe63550782137
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7f597c64f4c462fe4371ff01b1b5f243c951ec28b6930490ec325b51ae9dde4a
812bba97a1dc7c3bdc6fa391f382114a3a9dadb182505ee8b9013b4218011c58
81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7
826e2d5dea755940eb6e891ecb1ed092850fbde074bb7b2a846e4a1b9efd4815
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
845ed5d5516754fab4edc23781a617ce150248cb9bef3962dcc964087029c317
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859986c6ca2bee4f39918f17a31763de8819fbd59dd75014a30631b0683e5b9c
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
885dc7e3a89e098b42885ec5f917ae4c077e4e0f2e4b49a5615606a5e62c87fc
8a46105885c5a86da7684c935f2647f6dd95b168d24968484041c704525fbd31
8a4c9c332d04b02b4487bf244a6e9d074e3ec336a24788981f04cc43fa348847
8bbdfac5d34390e019dcda310f45c524b4a303aa4db0f98e4d8b6ba442808148
8c2c3fee87756e3b9ec4d7e70bda112774ba857c5004b4a41a50fac001948c30
8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
8f6359b88778808952e853bf3d733bf1cbeaa54b4b24b26482d6ff2508ee057b
8f9a86bdccc391efd2b573328013ea9bdfe182d2e123e8f8049bb7c1c681b5f2
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
917a0412c2c8c49e2b54520422835b16700fa43a6cd7a389a726f95e2d5d41e5
91bf36977033d1006fe405e0e51e1729e70e03f9ffff635efc32292fbaed6379
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
933241352813cea4388a61fa5c5e527a43b0700e6fc7861c2c122478b9bc1112
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
9763c501581060b53aba9fa6128c140de3c9befa7a770bba6dc71309c4d1a342
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f
9882a7ebe8c6ae37a7b2d95cf7f4a37821176f576f8d3f99a37dc09d32923133
98ec49e2ded344c2dfaea627532d40cb6b3bb86c40aed39117abebf51538c93d
993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4
99789e7d9c4e41890923605f01d5f04f687f4716b523e8bcf2a5e9ca41b0a8e6
99f2683789fb798c3bda3f89b0ac4fcbdaac0d786303a27b94cc8ea962a64e49
9b5304bc525ec5c2300964c1be915ad25a164a2d681ddc072f75ba922bd524b2
9cddacd31b67bdd4defac835f959b663d44a637b5608081b54717154c711ad4a
9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a143c42f95095aca97582a245c7f7d776bebeebd0dd137806d34677e83845ea9
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a31114a6102b63a6eef45a4267e04a3aea54d33f033b9fd1bef60e66c3694d8f
a4da4be236c0c65d6e54eef381dc4d485f246f0b0393f228272191b81e83f117
a5272dee7041e759d7228981ab5137623de1d03a858f0ea4a337afa63c1a3cfb
a57fbcd5222f2ad85bff6adbea147fd03df4ca1759e34ae437e29051c43dd5cc
a7b2fab6cc6ffaf43b3d4cad54ca6b63f5e9c73af3fcbbe0fc5c501bfb46e92a
a81122150ce75b5626fe2405a887dc54ba50546e7d07fed4626a5e94fe38deb8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae75b11dbc95a65ff077f80d2d39984d8e0bfff94b1a9eac5c70655d279fa68
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
acf3a01aa1b63a4ab6cca270b4fa30cb7c574166ac4897b25dfa71117cecc637
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b03ceb31729d92ab64d2bbffe9effada79296dcdc2af0f9e9f2a6ce810d47837
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b6dfb0d8457b773eb012351665a08467fed6153f6102e737f2ac326f7effb294
b8ad4fb10bfe2f13ccb2ce071f7181463e1c0e360fa340e1028df60e96883aa8
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba2ec1f0e483b39c4f96db14778f55eceafa2ef67aa2b49c532a2cb24a52377b
bb87e924704dd5655251ee84e0d98d92513191a4c3f14bbb0ae735022d7852e6
bd080b74e8929b4d7651365cc05f155b3bad0ee59d65d9333f7cd60511eeca42
bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
c34cee0da05b75843de9f5e5d030ef80bd19b062e8a504a5269e510aea389ca5
c5367117f6644ddc7dc8b2849fed6a4fea0d15871326384f011711e4f0df2b40
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb158292c1e00f2a542a6db98b2fb425da7c68dfbc924d68ac09681b93a2e272
cc2b47120e24c011dbc609d7415e213cb3614a16e9317f94d3b25e147be3d539
cd3979106582f4ef0fa30069969aa045254e0956a1e89b90f09a97d902a48b66
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10e3ebc6a353966012f5302b24cb61f670491737e0c6912ce8f0082c88b74c4
d21fb0b5c1bdd8e14bd0af05f442b8f7d5171548aefaffe7d76cc521f579ee55
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d638b11074de56b32af5239619ea24cd960f1cd3f8e991545507de95747ef4db
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da3e40e104373e943d6fba921bc12cd96ca9bf8b735af66b08135b3809a6ce27
da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9
dac942658e3a9b40bbaff74c7e33c28e09099a2d1bcc771197c1dc48b1691aa5
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
ddae72582af05f215c51a3c088c3d7aa50c7fc83d45f8008ad162110b808dcc5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e01f6f5f154a03959c0a29473510453dcd9960bb64419235c40722ad1290a479
e037e67fb84b34c21f02f7daba5f42421ddba2a6d83ca5aeeccad53c6d795aef
e0c22c3a0050e50b95afee5c0dc7785e864d2500f1685aff40d200ab3f91df05
e0cfc4faa02093bc73a43a91a4b39b8e8d446d9f0fbd5b2d2233f3738545db20
e3a7060843b2adf1775e4e6345f0c0089037746f2643934a7ca11f1e8987e735
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4848c1220210017fc059081ccafde7832d950e02ce946df7492dc78d9fbc204
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e79522da1bfba3d9e473e89c22acc561990785d6c5628f3ca41dc4e7dc05fcdb
ea2e50b13fd391bf47f8b38ff7071a68019eb3ef59dba4acdd5ba7839703a267
ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770
ebd92051af81a19e841e82770de8af0f54c1320388dfb6813ab31f075914e3fd
ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5
ed8e36b2a5eaed65bd49b5340b1c8978daa11720ee8a3ce1b25da4b34ac770ad
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5584c07d408079dd7cfd529b0a9fa727380789bcc5efbf2283cd0c3937c4ad
f454dd190dcfdeb36b600bd4ad9e5cdf8773bae3d04312c745f46e53062926ca
f785ad56ccd948b3be8bc3fc810e51ccd0cbb9f4da47100300b25797e9ffb8ad
f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45
fa072339bbda2deff03ba6043a182680644ff416d1f9aa090a93ca8fe1804c06
fab98c261194786fd92814924e1902b935c50769312f5cc698d16e669d021563
fc11d2ab4ad186693e03e7a1b27f0fcc6ac27f74dda2bb86b57dff812ce91abb
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

257 Requests

100 %HTTPS

49 %IPv6

50 Domains

79 Subdomains

63 IPs

10 Countries

11019 kBTransfer

21987 kBSize

40 Cookies

32 Outgoing links

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

100 %
HTTPS

49 %
IPv6

50
Domains

79
Subdomains

63
IPs

10
Countries

11019 kB
Transfer

21987 kB
Size

40
Cookies

257 HTTP transactions
5 data transactions