gettr.com Open in urlscan Pro
13.224.193.114  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request petebn7cdb Show response gettr.com/post/	7 KB 3 KB	250ms 222ms	Document text/html	13.224.193.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gettr.com/post/petebn7cdb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.193.114 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-114.fra2.r.cloudfront.net Software nginx/1.19.1 / Express Resource Hash e7ba2c9468b16881437d7fa0126b0f71420552972e431020f9ec9e3d7a5a83de Request headers :method GET :authority gettr.com :scheme https :path /post/petebn7cdb pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html; charset=utf-8 server nginx/1.19.1 date Thu, 21 Oct 2021 06:43:52 GMT x-powered-by Express etag W/"1b6a-UvyiS98d85oZmB0Bd8QR7+e19vA" content-encoding gzip vary Accept-Encoding x-cache Miss from cloudfront via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 x-amz-cf-id XsyqFYQ5zj07feYMb0U8zfmz4wjTCtWFo9OzLY0r09EQk2BbBwR9ow==
GET H2	200	4.2a825cc1.chunk.css gettr.com/static/css/	77 KB 77 KB	9ms 8ms	Stylesheet text/css	13.224.193.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gettr.com/static/css/4.2a825cc1.chunk.css Requested by Host: gettr.com URL: https://gettr.com/post/petebn7cdb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.193.114 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-114.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 91b0fe7cc0f0dbc1fe1d23db30dcb3a8f58eea52e6d61d2ffcc5799979c81c86 Request headers :path /static/css/4.2a825cc1.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority gettr.com referer https://gettr.com/post/petebn7cdb :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/post/petebn7cdb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 22:53:55 GMT via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront) last-modified Wed, 20 Oct 2021 22:28:10 GMT server AmazonS3 age 28198 etag "fb519e10b2731bbe025a51d35a88296f" x-cache Hit from cloudfront content-type text/css cache-control max-age=31536000,public x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 78571 x-amz-cf-id yqwRa7Tn9QpzIB_-tMqFy8VL0c0NBW71TElVECWozQJtunIEhNaYWw==
GET H2	200	4.a6540ead.chunk.js Show response gettr.com/static/js/	7 MB 7 MB	17ms 17ms	Script application/javascript	13.224.193.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gettr.com/static/js/4.a6540ead.chunk.js Requested by Host: gettr.com URL: https://gettr.com/post/petebn7cdb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.193.114 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-114.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 7aeec0a3935a1fa972846066fcaac5c8c89d84787c0e47459460c8655e13fddd Request headers :path /static/js/4.a6540ead.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority gettr.com referer https://gettr.com/post/petebn7cdb :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/post/petebn7cdb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 22:53:55 GMT via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront) last-modified Wed, 20 Oct 2021 22:28:10 GMT server AmazonS3 age 28198 etag "645f05576eb5c7fb2e8ee6e6b9604a34" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 7127236 x-amz-cf-id Qi4nmLar4WLYnxawLakgFSU-5WZpdEDZqShcoZ5LmVwEG6t1D7KrHA==
GET H2	200	main.5fb3abd3.chunk.js Show response gettr.com/static/js/	3 MB 3 MB	42ms 41ms	Script application/javascript	13.224.193.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gettr.com/static/js/main.5fb3abd3.chunk.js Requested by Host: gettr.com URL: https://gettr.com/post/petebn7cdb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.193.114 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-114.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 15dfb5bf6be901f52272cef479d8dfd052f9e96b7b7b409b2f3c9757c9b1fabf Request headers :path /static/js/main.5fb3abd3.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority gettr.com referer https://gettr.com/post/petebn7cdb :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/post/petebn7cdb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 22:53:55 GMT via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront) last-modified Wed, 20 Oct 2021 22:28:10 GMT server AmazonS3 age 28198 etag "4a39369fae3fa7487290b399d04e7b25" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 2698979 x-amz-cf-id XifLP2Tg0RSnTntcWy9oEqxqaC_J93UHgDN5CBxTSzwP8lmEAvLJqw==
OPTIONS H2	204	petebn7cdb api.gettr.com/u/post/	0 0	278ms 241ms	Preflight text/plain	104.18.20.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.gettr.com/u/post/petebn7cdb?incl=%22poststats|userinfo|shared|liked%22 Protocol H2 Server 104.18.20.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers ver,x-app-auth Origin https://gettr.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 21 Oct 2021 06:43:53 GMT content-type text/plain charset=UTF-8 content-length 0 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Accept-Encoding,Accept-Language,Content-Length,Referer,TE,x-app-auth,x-app-url,x-app-lang,sec-ch-ua,sec-ch-ua-mobile,enctype,vc,av,ver access-control-max-age 1728000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains server cloudflare cf-ray 6a1883a41e2d4120-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
OPTIONS H2	204	suggest api.gettr.com/s/hashtag/	0 0	231ms 231ms	Preflight text/plain	104.18.20.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.gettr.com/s/hashtag/suggest?max=5 Protocol H2 Server 104.18.20.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers ver,x-app-auth Origin https://gettr.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 21 Oct 2021 06:43:53 GMT content-type text/plain charset=UTF-8 content-length 0 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Accept-Encoding,Accept-Language,Content-Length,Referer,TE,x-app-auth,x-app-url,x-app-lang,sec-ch-ua,sec-ch-ua-mobile,enctype,vc,av,ver access-control-max-age 1728000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains server cloudflare cf-ray 6a1883a46ebc4120-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	petebn7cdb Show response api.gettr.com/u/post/	3 KB 2 KB	275ms 253ms	XHR application/json	104.18.20.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.gettr.com/u/post/petebn7cdb?incl=%22poststats|userinfo|shared|liked%22 Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.20.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 86c4b4eeb1f698273396bd7a44f63f3a65d07dbd9b90d9ab73554726679d17ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://gettr.com/ Accept-Language de-DE,de;q=0.9 ver 2.6.0 x-app-auth {"user": null, "token": null} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT content-encoding gzip cf-cache-status DYNAMIC x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare etag W/"b62-/VHno9NZODAqbrGu61VnE2YMbUo" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization access-control-allow-credentials true cf-ray 6a1883a5cff327c0-PRG access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Accept-Encoding,Accept-Language,Content-Length,Referer,TE,x-app-auth,x-app-url,x-app-lang,sec-ch-ua,sec-ch-ua-mobile,enctype,vc,av,ver
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	22ms 7ms	Script application/x-javascript	185.60.216.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frx5.fbcdn.net Software / Resource Hash 4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 25969 x-xss-protection 0 pragma public x-fb-debug 1/hdOLfrjM6OklhXNZXpNzxEQp32I/A3Kq3xgtFh75JkSHbPjEx9sYyMp8EjgARjf1wv+6/E6RTQtMzbj9XrNA== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 21 Oct 2021 06:43:53 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	suggest Show response api.gettr.com/s/hashtag/	3 KB 2 KB	240ms 240ms	XHR application/json	104.18.20.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.gettr.com/s/hashtag/suggest?max=5 Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.20.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 2bf9065b22df9be3899766a61dc24f17c3779d1a0ee2c9a4f10a0de62b03200d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://gettr.com/ Accept-Language de-DE,de;q=0.9 ver 2.6.0 x-app-auth {"user": null, "token": null} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT content-encoding gzip cf-cache-status DYNAMIC x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare etag W/"da3-fh7IW4+56oDPV2euqBl4tYEtAio" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization access-control-allow-credentials true cf-ray 6a1883a5d82027c0-PRG access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Accept-Encoding,Accept-Language,Content-Length,Referer,TE,x-app-auth,x-app-url,x-app-lang,sec-ch-ua,sec-ch-ua-mobile,enctype,vc,av,ver
GET DATA	200 OK	truncated /	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/webp
GET H/1.1	200 OK	i Show response gettr.count.ly/	20 B 341 B	363ms 129ms	XHR application/json	35.223.82.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gettr.count.ly/i?begin_session=1&metrics=%7B%22_app_version%22%3A%220.0%22%2C%22_ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36%22%2C%22_resolution%22%3A%221600x1200%22%2C%22_density%22%3A1%2C%22_locale%22%3A%22en-US%22%7D&app_key=e5981ddee1f82d7f0e2591defb529f948af08804&device_id=c52c2e2d-27a2-4ec1-bcca-e99dc9324bfe&sdk_name=javascript_native_web&sdk_version=20.11.3&timestamp=1634798633666&hour=6&dow=4 Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.223.82.96 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.82.223.35.bc.googleusercontent.com Software / Resource Hash 83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296 Security Headers Name Value X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 21 Oct 2021 06:43:54 GMT Content-Encoding gzip Vary Accept-Encoding X-Frame-Options deny Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	1271570993296195 Show response connect.facebook.net/signals/config/	490 KB 144 KB	8ms 8ms	Script application/x-javascript	185.60.216.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1271570993296195?v=2.9.47&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frx5.fbcdn.net Software / Resource Hash 279a810057a57bfd52df6367c5ddb4762c95b24a810ec82c130ee2a03df85723 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 146745 x-xss-protection 0 pragma public x-fb-debug TwZ6fJJdwcKb4XqwaEjeHQqQbFI7TTfvTLBLnMx4IJbemVPLA3BjYQkKraiIqNvro8P0jA9JOziPe9wPm2PoCA== x-fb-trip-id 917726464 x-frame-options DENY date Thu, 21 Oct 2021 06:43:53 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
OPTIONS H3	204	comments api.gettr.com/u/post/petebn7cdb/	0 0	234ms 234ms	Preflight text/plain	104.18.20.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.gettr.com/u/post/petebn7cdb/comments?offset=0&max=20&dir=rev&incl=posts%7Cstats%7Cuserinfo%7Cshared%7Cliked Protocol H3 Server 104.18.20.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers ver,x-app-auth Origin https://gettr.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 21 Oct 2021 06:43:54 GMT content-type text/plain charset=UTF-8 content-length 0 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Accept-Encoding,Accept-Language,Content-Length,Referer,TE,x-app-auth,x-app-url,x-app-lang,sec-ch-ua,sec-ch-ua-mobile,enctype,vc,av,ver access-control-max-age 1728000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains server cloudflare cf-ray 6a1883a81b4c27c0-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
OPTIONS H3	204	comments api.gettr.com/u/post/petebn7cdb/	0 0	236ms 236ms	Preflight text/plain	104.18.20.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.gettr.com/u/post/petebn7cdb/comments?offset=0&max=20&dir=rev&incl=posts%7Cstats%7Cuserinfo%7Cshared%7Cliked Protocol H3 Server 104.18.20.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers ver,x-app-auth Origin https://gettr.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 21 Oct 2021 06:43:54 GMT content-type text/plain charset=UTF-8 content-length 0 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Accept-Encoding,Accept-Language,Content-Length,Referer,TE,x-app-auth,x-app-url,x-app-lang,sec-ch-ua,sec-ch-ua-mobile,enctype,vc,av,ver access-control-max-age 1728000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains server cloudflare cf-ray 6a1883a81b4f27c0-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	64.png unpkg.com/emoji-datasource-twitter@5.0.1/img/twitter/sheets-256/	2 MB 2 MB	76ms 28ms	Image image/png	104.16.124.175 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://unpkg.com/emoji-datasource-twitter@5.0.1/img/twitter/sheets-256/64.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.124.175 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b51e6af865dc1be24b80c3ab76118c5f2353abb5afa36123f5158f67da2cb3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 15642650 fly-request-id 01F3YKER46P55830GN47S5FTSX vary Accept-Encoding content-length 2502605 last-modified Wed, 15 Jan 2020 00:54:11 GMT server cloudflare etag "262fcd-AueZufrdjQADl8GE+OD6IHAkwm8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 6a1883a819b32790-PRG
GET H3	200	comments Show response api.gettr.com/u/post/petebn7cdb/	169 B 722 B	241ms 240ms	XHR application/json	104.18.20.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.gettr.com/u/post/petebn7cdb/comments?offset=0&max=20&dir=rev&incl=posts%7Cstats%7Cuserinfo%7Cshared%7Cliked Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.20.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 371755cae0a82ba51bd76900870ecd06fda569326039ae8531bd03600a98232a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://gettr.com/ Accept-Language de-DE,de;q=0.9 ver 2.6.0 x-app-auth {"user": null, "token": null} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT content-encoding gzip cf-cache-status DYNAMIC x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare etag W/"a9-725nN25EbFmD8jZBUkKH1fjxOPc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization access-control-allow-credentials true cf-ray 6a1883a99d6b27c0-PRG access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Accept-Encoding,Accept-Language,Content-Length,Referer,TE,x-app-auth,x-app-url,x-app-lang,sec-ch-ua,sec-ch-ua-mobile,enctype,vc,av,ver
GET H3	200	comments Show response api.gettr.com/u/post/petebn7cdb/	169 B 722 B	241ms 240ms	XHR application/json	104.18.20.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.gettr.com/u/post/petebn7cdb/comments?offset=0&max=20&dir=rev&incl=posts%7Cstats%7Cuserinfo%7Cshared%7Cliked Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.20.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash da0e37f5ff0528ff40c6b8d5cd8eca8009bde9419194c82d651184749f3f9a98 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://gettr.com/ Accept-Language de-DE,de;q=0.9 ver 2.6.0 x-app-auth {"user": null, "token": null} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT content-encoding gzip cf-cache-status DYNAMIC x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare etag W/"a9-ZA+8eFPfNFibYsRPL1H74vcszoU" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization access-control-allow-credentials true cf-ray 6a1883a99d6d27c0-PRG access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Accept-Encoding,Accept-Language,Content-Length,Referer,TE,x-app-auth,x-app-url,x-app-lang,sec-ch-ua,sec-ch-ua-mobile,enctype,vc,av,ver
GET H2	200	6ac1496bcb09ad4d101f27ed225529f6_144x0.jpg media.gettr.com/group41/getter/2021/07/04/23/e6a60129-eb70-e8d7-0e69-c25b7ac47610/	4 KB 5 KB	951ms 896ms	Image image/jpeg	18.66.112.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.gettr.com/group41/getter/2021/07/04/23/e6a60129-eb70-e8d7-0e69-c25b7ac47610/6ac1496bcb09ad4d101f27ed225529f6_144x0.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Gettr Media / Resource Hash 3082057f70832689d4e11c05f6f2dad9e0bbddaf66afe1bbda6701e41df0683a Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:55 GMT via 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront) last-modified Thu, 09 Sep 2021 19:31:38 GMT server Gettr Media x-amz-cf-pop FRA56-P5 access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE content-type image/jpeg access-control-allow-origin * access-control-expose-headers Authorization x-cache Miss from cloudfront accept-ranges bytes access-control-allow-headers Authorization, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, X-Requested-By, If-Modified-Since, X-File-Name, X-File-Type, Cache-Control, Origin, Location content-length 4151 x-amz-cf-id LOFna7BfbIoGQGCiuZS0E1EGPtET8rufNtGRUHAoMd6DKRmLzH2RRw==
GET H2	200	0628d2c47b3978a688d882654b89e274_500x0.jpg media.gettr.com/group26/getter/2021/10/21/06/42/d1908e32-aeff-047e-2583-5b03ed890fea/	556 KB 557 KB	387ms 332ms	Image image/jpeg	18.66.112.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.gettr.com/group26/getter/2021/10/21/06/42/d1908e32-aeff-047e-2583-5b03ed890fea/0628d2c47b3978a688d882654b89e274_500x0.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Gettr Media / Resource Hash 9f498ed4a34f0f97c19e7eb7d44b0b6048e03c862bb28eb8fbabc82b08e7bdcf Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT via 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront) last-modified Thu, 21 Oct 2021 06:42:39 GMT server Gettr Media x-amz-cf-pop FRA56-P5 access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE content-type image/jpeg access-control-allow-origin * access-control-expose-headers Authorization x-cache Miss from cloudfront accept-ranges bytes access-control-allow-headers Authorization, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, X-Requested-By, If-Modified-Since, X-File-Name, X-File-Type, Cache-Control, Origin, Location content-length 569354 x-amz-cf-id 8VK12hkGsXvfQElWxeST4tFLb4aupD7gPWVl7IFKT0QNwBZ5FBjJRA==
GET H2	200	f93632b916321727106d4fd3b99d4e76_500x0.jpg media.gettr.com/group26/getter/2021/10/21/06/42/5a2c311c-a579-d087-3755-9361c8393319/	583 KB 584 KB	546ms 491ms	Image image/jpeg	18.66.112.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.gettr.com/group26/getter/2021/10/21/06/42/5a2c311c-a579-d087-3755-9361c8393319/f93632b916321727106d4fd3b99d4e76_500x0.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Gettr Media / Resource Hash 8a86df74cc26f18f4df3a7c28325ffa2ca31636eb804d8d6a8d1eedf8f4d8d11 Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT via 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront) last-modified Thu, 21 Oct 2021 06:42:45 GMT server Gettr Media x-amz-cf-pop FRA56-P5 access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE content-type image/jpeg access-control-allow-origin * access-control-expose-headers Authorization x-cache Miss from cloudfront accept-ranges bytes access-control-allow-headers Authorization, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, X-Requested-By, If-Modified-Since, X-File-Name, X-File-Type, Cache-Control, Origin, Location content-length 596767 x-amz-cf-id azTti9GxG1WhFXuFrfg6Jse4gKJcFhGIhDjTy-D1kNkcNXLcBfuJUA==
GET H2	200	GetFile.aspx www.newsmax.com/CMSPages/	44 KB 45 KB	77ms 22ms	Image image/webp	2.16.186.177 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.newsmax.com/CMSPages/GetFile.aspx?guid=757a9edc-e601-4fcc-b732-0e86290f1fb3&SiteName=Newsmax Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.177 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-177.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash c0879ab3fa687c1acf74f8c9005b9f02880da72ff8479997e61cb97940925daa Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT last-modified Wed, 20 Oct 2021 18:26:57 GMT server Akamai Image Manager etag "en-us|757a9edc-e601-4fcc-b732-0e86290f1fb3|10/20/2021 6:26:25 PM|LiveSite" content-type image/webp access-control-allow-origin * cache-control private, no-transform, max-age=43200 server-timing cdn-cache; desc=HIT, edge; dur=6 content-length 45286 expires Thu, 21 Oct 2021 18:43:54 GMT
GET H2	200	GettyImages-1234847003.jpg justthenews.com/sites/default/files/styles/social_media_share/public/2021-08/	62 KB 63 KB	42ms 19ms	Image image/jpeg	23.185.0.3 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://justthenews.com/sites/default/files/styles/social_media_share/public/2021-08/GettyImages-1234847003.jpg?h=e672b42a&itok=9nFiS_ti Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.185.0.3 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 7e767cf4a9d570c080a52d3afad6cf03c6bf0683e780a311c44a19cf4ec9da73 Security Headers Name Value Strict-Transport-Security max-age=31622400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31622400 via 1.1 varnish, 1.1 varnish etag "61255235-f8f3" age 42372 x-cache HIT, HIT x-cache-hits 1, 9 content-length 63731 x-served-by cache-mdw17356-MDW, cache-hhn4023-HHN last-modified Tue, 24 Aug 2021 20:10:29 GMT server nginx x-timer S1634798634.296334,VS0,VE0 date Thu, 21 Oct 2021 06:43:54 GMT content-type image/jpeg x-styx-req-id 06b10660-269a-11ec-bf5d-762bd69ca18a expires Fri, 07 Oct 2022 11:39:12 GMT cache-control max-age=31622400 accept-ranges bytes x-pantheon-styx-hostname styx-fe3-b-78d85bfd54-7vzn7
GET H2	200	vaccination%20card.png assets.zerohedge.com/s3fs-public/styles/16_9_max_700/public/2021-10/	489 KB 490 KB	40ms 9ms	Image image/png	34.117.224.44 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://assets.zerohedge.com/s3fs-public/styles/16_9_max_700/public/2021-10/vaccination%20card.png?itok=GJOo3M_H Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.224.44 , United States, ASN15169 (GOOGLE, US), Reverse DNS 44.224.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash e68f524a93b1702a7f3f1fb8b734c426f2502837f4a56efed233252fc3608cbe Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:34:40 GMT age 554 x-guploader-uploadid ADPycdtfUQTViibh4t2mF65v2HxfJCX5iIhxIZ6UXPcrVEFWBz-hdNtkGPVPfGNov6SUm1sUsG8Uv7IxBzbDMnGbYhEK87v3WA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc clear content-length 500953 last-modified Wed, 20 Oct 2021 16:46:33 GMT server UploadServer etag "c0421228c44c33bb9918a63819f53bc4" vary Origin x-goog-hash crc32c=F7tSug==, md5=wEISKMRMM7uZGKY4GfU7xA== x-goog-generation 1634748393898042 cache-control public,max-age=3600 x-goog-stored-content-length 500953 accept-ranges bytes content-type image/png
GET H2	200	merlin_196244415_4d1a8948-045c-449b-b6ca-d4655bc57724-superJumbo.jpg static01.nyt.com/images/2021/10/20/business/19netflix-walkout-print/	172 KB 173 KB	42ms 8ms	Image image/webp	151.101.193.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://static01.nyt.com/images/2021/10/20/business/19netflix-walkout-print/merlin_196244415_4d1a8948-045c-449b-b6ca-d4655bc57724-superJumbo.jpg?quality=75&auto=webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 027efd81bc48459f7027d8dec7ea39dc62c8d018b8871a1401c8000fe5478a0c Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT via 1.1 varnish, 1.1 varnish age 116180 x-guploader-uploadid ADPycdsyrp6n5vsqt17w5Kcc4pvqKYiVaHmPaj_eNKrkkXU6uGKOYHf5v_u2ZGz_3sCcjhDK_fqvUPdEzUFWiyuTFb0gChdqkA x-cache HIT, HIT fastly-io-info ifsz=379904 idim=2048x1365 ifmt=jpeg ofsz=176082 odim=2048x1365 ofmt=webp x-goog-storage-class MULTI_REGIONAL fastly-stats io=1 content-length 176082 x-served-by cache-bwi5183-BWI, cache-fra19142-FRA x-nyt-gcs-bucket cms-gke-prd-publish-images-storage server UploadServer x-timer S1634798634.299922,VS0,VE1 etag "2JkDRWEwAqwC1Y8XmLxM17XCQUb8Y2S8MnUUfsGB7lg" vary Accept x-goog-hash crc32c=qdQh+g==, md5=tr/jaNoe3QbAkAIPOVAYeA== content-type image/webp access-control-allow-origin * expires Tue, 19 Oct 2021 22:27:33 GMT cache-control max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public accept-ranges bytes timing-allow-origin * x-cache-hits 2, 1
GET H2	200	enes-kanter images.complex.com/complex/images/c_fill,dpr_auto,f_auto,q_90,w_1400/fl_lossy,pg_1/mownseqhq4gfsdspnoxu/	87 KB 88 KB	38ms 7ms	Image image/webp	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.complex.com/complex/images/c_fill,dpr_auto,f_auto,q_90,w_1400/fl_lossy,pg_1/mownseqhq4gfsdspnoxu/enes-kanter Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 2d82b7022939bb5d7121dc243b4ffabfd5928be976f592067d6140cb0e89268b Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 456881 edge-cache-tag 222880731365522238728340045626525465961,457142582673938410330877927156134639662,4b8bafdec076f25030c303049f4e6586 x-cache MISS, HIT, HIT content-length 89350 x-served-by cache-dca17751-DCA, cache-dca17731-DCA, cache-fra19150-FRA last-modified Sun, 03 Oct 2021 20:02:28 GMT server cloudinary x-timer S1634798634.296786,VS0,VE1 etag "3272d9be3873c707a0344277cf9fb0fc" content-type image/webp content-disposition inline; filename="mownseqhq4gfsdspnoxu.webp" cache-control private, max-age=31968000 accept-ranges bytes timing-allow-origin * x-cache-hits 0, 1, 1
GET H/1.1	200 OK	i Show response gettr.count.ly/	20 B 341 B	114ms 114ms	XHR application/json	35.223.82.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gettr.count.ly/i?events=%5B%7B%22key%22%3A%22%5BCLY%5D_orientation%22%2C%22count%22%3A1%2C%22segmentation%22%3A%7B%22mode%22%3A%22landscape%22%7D%2C%22timestamp%22%3A1634798633665%2C%22hour%22%3A6%2C%22dow%22%3A4%7D%5D&app_key=e5981ddee1f82d7f0e2591defb529f948af08804&device_id=c52c2e2d-27a2-4ec1-bcca-e99dc9324bfe&sdk_name=javascript_native_web&sdk_version=20.11.3&timestamp=1634798633667&hour=6&dow=4 Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.223.82.96 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.82.223.35.bc.googleusercontent.com Software / Resource Hash 83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296 Security Headers Name Value X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 21 Oct 2021 06:43:54 GMT Content-Encoding gzip Vary Accept-Encoding X-Frame-Options deny Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	enes-kanter images.complex.com/complex/images/c_fill,dpr_auto,f_auto,q_90,w_1400/fl_lossy,pg_1/mownseqhq4gfsdspnoxu/	87 KB 87 KB	9ms 7ms	Image image/webp	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.complex.com/complex/images/c_fill,dpr_auto,f_auto,q_90,w_1400/fl_lossy,pg_1/mownseqhq4gfsdspnoxu/enes-kanter Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 2d82b7022939bb5d7121dc243b4ffabfd5928be976f592067d6140cb0e89268b Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 456881 edge-cache-tag 222880731365522238728340045626525465961,457142582673938410330877927156134639662,4b8bafdec076f25030c303049f4e6586 x-cache MISS, HIT, HIT content-length 89350 x-served-by cache-dca17751-DCA, cache-dca17731-DCA, cache-fra19150-FRA last-modified Sun, 03 Oct 2021 20:02:28 GMT server cloudinary x-timer S1634798634.316205,VS0,VE0 etag "3272d9be3873c707a0344277cf9fb0fc" content-type image/webp content-disposition inline; filename="mownseqhq4gfsdspnoxu.webp" cache-control private, max-age=31968000 accept-ranges bytes timing-allow-origin * x-cache-hits 0, 1, 2
GET H2	200	GettyImages-1234847003.jpg justthenews.com/sites/default/files/styles/social_media_share/public/2021-08/	62 KB 62 KB	8ms 7ms	Image image/jpeg	23.185.0.3 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://justthenews.com/sites/default/files/styles/social_media_share/public/2021-08/GettyImages-1234847003.jpg?h=e672b42a&itok=9nFiS_ti Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.185.0.3 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 7e767cf4a9d570c080a52d3afad6cf03c6bf0683e780a311c44a19cf4ec9da73 Security Headers Name Value Strict-Transport-Security max-age=31622400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31622400 via 1.1 varnish, 1.1 varnish etag "61255235-f8f3" age 42373 x-cache HIT, HIT x-cache-hits 1, 10 content-length 63731 x-served-by cache-mdw17356-MDW, cache-hhn4023-HHN last-modified Tue, 24 Aug 2021 20:10:29 GMT server nginx x-timer S1634798634.321061,VS0,VE0 date Thu, 21 Oct 2021 06:43:54 GMT content-type image/jpeg x-styx-req-id 06b10660-269a-11ec-bf5d-762bd69ca18a expires Fri, 07 Oct 2022 11:39:12 GMT cache-control max-age=31622400 accept-ranges bytes x-pantheon-styx-hostname styx-fe3-b-78d85bfd54-7vzn7
GET H2	200	GetFile.aspx www.newsmax.com/CMSPages/	44 KB 45 KB	227ms 227ms	Image image/webp	2.16.186.177 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.newsmax.com/CMSPages/GetFile.aspx?guid=757a9edc-e601-4fcc-b732-0e86290f1fb3&SiteName=Newsmax Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.177 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-177.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash c0879ab3fa687c1acf74f8c9005b9f02880da72ff8479997e61cb97940925daa Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT last-modified Wed, 20 Oct 2021 18:26:57 GMT server Akamai Image Manager etag "en-us|757a9edc-e601-4fcc-b732-0e86290f1fb3|10/20/2021 6:26:25 PM|LiveSite" content-type image/webp access-control-allow-origin * cache-control private, no-transform, max-age=43200 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 45286 expires Thu, 21 Oct 2021 18:43:54 GMT
GET H2	200	merlin_196244415_4d1a8948-045c-449b-b6ca-d4655bc57724-superJumbo.jpg static01.nyt.com/images/2021/10/20/business/19netflix-walkout-print/	172 KB 172 KB	215ms 215ms	Image image/webp	151.101.193.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://static01.nyt.com/images/2021/10/20/business/19netflix-walkout-print/merlin_196244415_4d1a8948-045c-449b-b6ca-d4655bc57724-superJumbo.jpg?quality=75&auto=webp Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 027efd81bc48459f7027d8dec7ea39dc62c8d018b8871a1401c8000fe5478a0c Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:43:54 GMT via 1.1 varnish, 1.1 varnish age 116180 x-guploader-uploadid ADPycdsyrp6n5vsqt17w5Kcc4pvqKYiVaHmPaj_eNKrkkXU6uGKOYHf5v_u2ZGz_3sCcjhDK_fqvUPdEzUFWiyuTFb0gChdqkA x-cache HIT, HIT fastly-io-info ifsz=379904 idim=2048x1365 ifmt=jpeg ofsz=176082 odim=2048x1365 ofmt=webp x-goog-storage-class MULTI_REGIONAL fastly-stats io=1 content-length 176082 x-served-by cache-bwi5183-BWI, cache-fra19142-FRA x-nyt-gcs-bucket cms-gke-prd-publish-images-storage server UploadServer x-timer S1634798635.599106,VS0,VE0 etag "2JkDRWEwAqwC1Y8XmLxM17XCQUb8Y2S8MnUUfsGB7lg" vary Accept x-goog-hash crc32c=qdQh+g==, md5=tr/jaNoe3QbAkAIPOVAYeA== content-type image/webp access-control-allow-origin * expires Tue, 19 Oct 2021 22:27:33 GMT cache-control max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public accept-ranges bytes timing-allow-origin * x-cache-hits 2, 2
GET H2	200	vaccination%20card.png assets.zerohedge.com/s3fs-public/styles/16_9_max_700/public/2021-10/	489 KB 490 KB	9ms 8ms	Image image/png	34.117.224.44 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://assets.zerohedge.com/s3fs-public/styles/16_9_max_700/public/2021-10/vaccination%20card.png?itok=GJOo3M_H Requested by Host: gettr.com URL: https://gettr.com/static/js/4.a6540ead.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.224.44 , United States, ASN15169 (GOOGLE, US), Reverse DNS 44.224.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash e68f524a93b1702a7f3f1fb8b734c426f2502837f4a56efed233252fc3608cbe Request headers Accept-Language de-DE,de;q=0.9 Referer https://gettr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:34:40 GMT age 554 x-guploader-uploadid ADPycdtfUQTViibh4t2mF65v2HxfJCX5iIhxIZ6UXPcrVEFWBz-hdNtkGPVPfGNov6SUm1sUsG8Uv7IxBzbDMnGbYhEK87v3WA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc clear content-length 500953 last-modified Wed, 20 Oct 2021 16:46:33 GMT server UploadServer etag "c0421228c44c33bb9918a63819f53bc4" vary Origin x-goog-hash crc32c=F7tSug==, md5=wEISKMRMM7uZGKY4GfU7xA== x-goog-generation 1634748393898042 cache-control public,max-age=3600 x-goog-stored-content-length 500953 accept-ranges bytes content-type image/png

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| webpackJsonpgetter-fe object| regeneratorRuntime function| setImmediate function| clearImmediate object| model function| _ object| __core-js_shared__ object| core number| 2f1acc6c3a606b082e5eef5e54414ffb object| Base64 object| vttjs function| WebVTT object| _GIPHY_SDK_HEADERS_ string| giphyRandomId object| _tfengine function| getter-i18n-t function| fbq function| _fbq object| JSON3

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gettr.com/	1970-01-19 22:49:50	Name: local Value: 9b871dc755ded7e946e32674ab382e31bb82a1d560347f55c955b65737d2f0c44ba569cc9af03e1a998fb22877aeddaaSGaevTkw/hpYLVy9GU88sw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.gettr.com
assets.zerohedge.com
connect.facebook.net
gettr.com
gettr.count.ly
images.complex.com
justthenews.com
media.gettr.com
static01.nyt.com
unpkg.com
www.newsmax.com
104.16.124.175
104.18.20.236
13.224.193.114
151.101.193.164
151.101.66.133
18.66.112.28
185.60.216.19
2.16.186.177
23.185.0.3
34.117.224.44
35.223.82.96
027efd81bc48459f7027d8dec7ea39dc62c8d018b8871a1401c8000fe5478a0c
0b51e6af865dc1be24b80c3ab76118c5f2353abb5afa36123f5158f67da2cb3e
15dfb5bf6be901f52272cef479d8dfd052f9e96b7b7b409b2f3c9757c9b1fabf
279a810057a57bfd52df6367c5ddb4762c95b24a810ec82c130ee2a03df85723
2bf9065b22df9be3899766a61dc24f17c3779d1a0ee2c9a4f10a0de62b03200d
2d82b7022939bb5d7121dc243b4ffabfd5928be976f592067d6140cb0e89268b
3082057f70832689d4e11c05f6f2dad9e0bbddaf66afe1bbda6701e41df0683a
371755cae0a82ba51bd76900870ecd06fda569326039ae8531bd03600a98232a
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
7aeec0a3935a1fa972846066fcaac5c8c89d84787c0e47459460c8655e13fddd
7e767cf4a9d570c080a52d3afad6cf03c6bf0683e780a311c44a19cf4ec9da73
83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296
86c4b4eeb1f698273396bd7a44f63f3a65d07dbd9b90d9ab73554726679d17ce
8a86df74cc26f18f4df3a7c28325ffa2ca31636eb804d8d6a8d1eedf8f4d8d11
91b0fe7cc0f0dbc1fe1d23db30dcb3a8f58eea52e6d61d2ffcc5799979c81c86
9f498ed4a34f0f97c19e7eb7d44b0b6048e03c862bb28eb8fbabc82b08e7bdcf
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
c0879ab3fa687c1acf74f8c9005b9f02880da72ff8479997e61cb97940925daa
da0e37f5ff0528ff40c6b8d5cd8eca8009bde9419194c82d651184749f3f9a98
e68f524a93b1702a7f3f1fb8b734c426f2502837f4a56efed233252fc3608cbe
e7ba2c9468b16881437d7fa0126b0f71420552972e431020f9ec9e3d7a5a83de