beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On November 16 via manual (November 16th 2022, 5:44:31 am UTC) from IN — Scanned from DE

Summary HTTP 269 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 26 domains to perform 269 HTTP transactions. The main IP is 2606:4700:10::6816:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 173214.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2022. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.113 18.66.97.113	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
18	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
15	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
12	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2400:52e0:1e0... 2400:52e0:1e00::722:1	200325 (BUNNYCDN) (BUNNYCDN)
3	162.241.30.109 162.241.30.109	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:5c00:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.147.12 18.66.147.12	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
25	52.222.214.117 52.222.214.117	16509 (AMAZON-02) (AMAZON-02)
2 5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
25	2600:9000:225... 2600:9000:225e:8800:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3038::6815:eb8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.98.59.22 172.98.59.22	399647 (RUMBLE) (RUMBLE)
16	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:908	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
3	2001:41d0:701... 2001:41d0:701:1000::2fb3	16276 (OVH) (OVH)
3	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
269	43

46 2606:4700:10::6816:4b8a (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-113.fra56.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

borirait.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.64.15 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::722:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.241.30.109 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5924.bluehost.com

www.ournewearthnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:5c00:18:9413:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4a8a (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-12.fra60.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.222.214.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-117.fra56.r.cloudfront.net

static.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:225e:8800:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:eb8a (United States)

ASN13335 (CLOUDFLARENET, US)

img.rtbsystem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.98.59.22 (Canada)

ASN399647 (RUMBLE, CA)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:908 (United States)

ASN13335 (CLOUDFLARENET, US)

eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:41d0:701:1000::2fb3 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 17759 s.tradingview.com — Cisco Umbrella Rank: 23169 static.tradingview.com — Cisco Umbrella Rank: 16481 s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 17245	251 KB
48	beforeitsnews.com beforeitsnews.com — Cisco Umbrella Rank: 173214 img.beforeitsnews.com — Cisco Umbrella Rank: 364716 m.beforeitsnews.com — Cisco Umbrella Rank: 470681 ajax.beforeitsnews.com — Cisco Umbrella Rank: 212257 a1.beforeitsnews.com — Cisco Umbrella Rank: 349088	905 KB
19	youtube.com img.youtube.com — Cisco Umbrella Rank: 3305 www.youtube.com — Cisco Umbrella Rank: 94	2 MB
19	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8149 c.mgid.com — Cisco Umbrella Rank: 5819 cdn.mgid.com — Cisco Umbrella Rank: 10764 servicer.mgid.com — Cisco Umbrella Rank: 8339 s-img.mgid.com — Cisco Umbrella Rank: 4757 cm.mgid.com — Cisco Umbrella Rank: 1253	260 KB
15	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 25688	507 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	139 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 www.googleapis.com — Cisco Umbrella Rank: 34 translate.googleapis.com — Cisco Umbrella Rank: 858 jnn-pa.googleapis.com — Cisco Umbrella Rank: 261	143 KB
12	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 27656	910 KB
11	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 static.doubleclick.net — Cisco Umbrella Rank: 309	39 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	59 KB
7	eu-1-id5-sync.com eu-1-id5-sync.com — Cisco Umbrella Rank: 1130 lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1158 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1326	19 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 translate.google.com — Cisco Umbrella Rank: 1251	55 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1205	83 KB
4	rtbsystem.org img.rtbsystem.org — Cisco Umbrella Rank: 22423	297 KB
4	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 97265	91 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 479	2 KB
3	rumble.com rumble.com — Cisco Umbrella Rank: 17568	35 KB
3	customads.co cdn2.customads.co — Cisco Umbrella Rank: 159888 customads.co — Cisco Umbrella Rank: 121470	6 KB
3	ournewearthnews.com www.ournewearthnews.com — Cisco Umbrella Rank: 413023	276 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 115	102 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5922	564 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 113971	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	87 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	49 KB
1	borirait.site borirait.site — Cisco Umbrella Rank: 340099	41 KB
269	26

	Domain	Requested by
30	beforeitsnews.com	beforeitsnews.com
25	s3-symbol-logo.tradingview.com	static.tradingview.com
25	static.tradingview.com	s.tradingview.com static.tradingview.com
18	www.youtube.com	beforeitsnews.com www.youtube.com
15	sp.rmbl.ws	beforeitsnews.com rumble.com
14	img.beforeitsnews.com	beforeitsnews.com
12	i.imgflip.com	beforeitsnews.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com beforeitsnews.com s.tradingview.com rumble.com
8	jnn-pa.googleapis.com	www.youtube.com
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	www.google.com	beforeitsnews.com www.youtube.com
5	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.youtube.com
4	img.rtbsystem.org
4	cdn.mgid.com	jsc.mgid.com
4	stats.g.doubleclick.net	www.google-analytics.com customads.co
4	static-3.bitchute.com	beforeitsnews.com
3	id5-sync.com	eu-1-id5-sync.com
3	lbs.eu-1-id5-sync.com	eu-1-id5-sync.com
3	lb.eu-1-id5-sync.com	eu-1-id5-sync.com
3	rumble.com	beforeitsnews.com rumble.com
3	servicer.mgid.com	jsc.mgid.com
3	onesignal.com	cdn.onesignal.com
3	c.mgid.com	jsc.mgid.com
3	translate.googleapis.com	translate.googleapis.com
3	www.ournewearthnews.com	beforeitsnews.com
3	i.ytimg.com	beforeitsnews.com www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	cm.mgid.com	jsc.mgid.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	www.google.de	beforeitsnews.com
2	customads.co	cdn2.customads.co
2	rddywd.com	beforeitsnews.com
2	m.beforeitsnews.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com static.tradingview.com
1	eu-1-id5-sync.com	jsc.mgid.com
1	s-img.mgid.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	s.tradingview.com	s3.tradingview.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	img.youtube.com	beforeitsnews.com
1	borirait.site	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
269	50

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
69b3d4-ogey4faauklimid7y6d.hop.clickbank.net
7dd30c11lgm9et1b44uo542t4t.hop.clickbank.net
tinyurl.com
mitocopper.com
5f2fdk13ncob7k071lvbpbvp8z.hop.clickbank.net
telegram.org
forum.beforeitsnews.com
www.youtube.com
23b56uuehf-0jf6vgywrl0u60q.hop.clickbank.net
widgets.mgid.com
www.mgid.com
clck.mgid.com
c206dt1hkf52hb9pfn3hobak55.hop.clickbank.net
www.braintuner.com
www.fincabayano.net
raidshadowlegends
t.me
3f052l7-qgg88x59jqd24eoy97.hop.clickbank.net
4ae3c3vmlbxdr90eis3pnlfla4.hop.clickbank.net
8940ee6bchggao3arjqfty4m5p.hop.clickbank.net
62138b51nek2bycb0foa-rvl81.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.tradingview.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sp.rmbl.ws R3	`2022-09-29` - `2022-12-28`	3 months	crt.sh
static-3.bitchute.com R3	`2022-10-20` - `2023-01-18`	3 months	crt.sh
ournewearthnews.indianinthemachine.com R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.customads.co Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tradingview.com Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
static.tradingview.com Amazon	`2022-06-23` - `2023-07-22`	a year	crt.sh
customads.co GTS CA 1D4	`2022-10-22` - `2023-01-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-12` - `2023-12-09`	a year	crt.sh
*.eu-1-id5-sync.com E1	`2022-11-04` - `2023-02-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 2FC5425CF8DBA0E5CC8587A37E3AC93B
Requests: 150 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202210165
Frame ID: 6ACF82EA7965934383A9C0B50DF5BF9F
Requests: 4 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 3D25527C6DA6CF164046ADD8AC6E68EC
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: FA30EC4084C6E582DC27D5EDC5E9A5BC
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 5BF7A1AD579658234390B79F06F15A2F
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: EFCC41F77FDE78DDCF2087DA48F71567
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1C84FC252FE5048E99497B6CD0092932
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 88950D2FFD4973CAE46276A19F4BE24A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YqCruUbpsk4
Frame ID: 31463292164223FA2656B5A00DF5D1AF
Requests: 21 HTTP requests in this frame

Frame: https://rumble.com/embed/v1s3ek8/?pub=hw409
Frame ID: B6F42F693602B0ED7337DF4F5E6FDD43
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jZl8N_dwOTc
Frame ID: 48D9B640FCADBC9DD3A659417DDA91CD
Requests: 21 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1668577464640821526753
Frame ID: 8E4D920701EC527D31F00000E8B745C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

269
Requests

96 %
HTTPS

76 %
IPv6

26
Domains

50
Subdomains

43
IPs

7
Countries

6002 kB
Transfer

19598 kB
Size

13
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://69b3d4-ogey4faauklimid7y6d.hop.clickbank.net/?tid=WATERFS_BIN_EMAIL
Title: Invention Makes Clean Drinking Water Out Of Thin Air - MUST SEE

Search URL Search Domain Scan URL

URL: https://7dd30c11lgm9et1b44uo542t4t.hop.clickbank.net/?tid=BINRTL81422
Title: Scientists Discover The Real Root Cause of Your Belly Fat - Hint! Not Diet or Exercise

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-oxygen-delivery-system/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/detoxadine-organic-iodine-supplement/
Title: Your Body Needs Iodine! Here's What You Don't Know About Iodine and Your Health!

Search URL Search Domain Scan URL

URL: https://5f2fdk13ncob7k071lvbpbvp8z.hop.clickbank.net/?tid=BINRTL81422
Title: Women! STOP Spending a Fortune on Special Shampoos, Hair Creams and Potions. Instead… Do THIS

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: BEFORE IT'S NEWS ON TELEGRAM * GET THE TELEGRAM APP - https://telegram.org

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://23b56uuehf-0jf6vgywrl0u60q.hop.clickbank.net/?tid=BINPTL11722

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/22984/pp/1/1?h=NayDluiVqLxczfs6ukE9bP5G9fJ1CYAWRQFAmZIQcanmNivCouaJpuy1ePCKH1G4-HUzQDclPIcAA-xnuEwiiw**&rid=b9cfd6cb-6571-11ed-be3c-e43d1a2a04aa&u=qdcslSX3TxFX1JDukbtaMvQzXvUU1Wl2QMrsKl20vO2EiLVVL05OkzYCmXyvlkfpjNTf9tZEFfuiEdPGUwWxVFimLgYVPrEBO4fAJkLfQ4iulI0Yk2KurJiANuB2JhVPZHBVO2CNiHNNwyX67Nhpsyc-byltdZW45MIGcrSgtYWTPtMPdXrP90rP1Weaxq3DoPGl9dwZR8j3m5d4gBQV7VKEAmtPFr79LQ31HHXOTIoUfamzMTNuKWkSfIRxG5HPUci9Vx4Ep9NhHKz_wTY5dBwEfnnNHVeAjYSZJrEwcXVlc-50aiMBXQ93D9gzgD5t2LWYSMdnDJSym1TSN54ueg**&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

URL: https://c206dt1hkf52hb9pfn3hobak55.hop.clickbank.net/?tid=BINRTL32021
Title: New Fat-Burning Formula Melts Off Fat While Enjoying The Best Sleep Of Your Life - Click Here For Details

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/30754/pp/1/1?h=NayDluiVqLxczfs6ukE9bJE59BOLcv5J6gChPeeUEanmNivCouaJpuy1ePCKH1G47cfHHjkZWzd99kctYFbSfQ**&rid=b9cfa9f9-6571-11ed-a33f-e43d1a2a96ec&u=9YxAkCXJ8nznJSvjVHNYDaCOgKYsY2ubw0vH_hZuFJjHbMeqVme-W584WZkw68u8-d8tGdBVn4OprZ8spiLnu4hSImZ08vZH3dzOTyHz5jOHfNnkUurumSQC9VVT606rAD8KTBXsL8zqlQUPSDKpOOg_Uy2WPJDkk-mYIpp1GhR-Nxy00dTa0hPBvnCf15u8bV5ZnzZclhKp2eg3Nihcm_Q34YofmDhGupRdE3IJCggdG_uNhIhuewNhF5yNPFzv-Usm8jd7jacHBRUhAPZlaaqSQP5sQIzpDvX72a67z68S9HCkWnMlkQKxa2eRG3rsmxGjG9qexnCcQUIbtt499g**&tt=Direct&att=3&gbpp=1&abd=1&iv=10&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/30754/pp/2/1?h=NayDluiVqLxczfs6ukE9bMQxgigqmdDPs_ZkKy3Ir-C3RVaPvv_x8QcS7RDqWVwPN4yQRbzOJruCAXdgMotRgw**&rid=b9cfa9f9-6571-11ed-a33f-e43d1a2a96ec&u=9YxAkCXJ8nznJSvjVHNYDUxUu46FGZe-t-gFIHTunC-53NUyaKMXArXnbCuOLDZe_RUsovpPHhWqMxzhYp3KR74zsvOwebnccaOoTVpc9ycDBhNug8rdD9AffYI-c7gwkvPPtneJta6_g3XuufMIcQ1-ovDfdIK-VpV1fnilXk4_TTMQhUs-domdaeSvmUBDMJ2e_REk0_T8cNEsmJL8A6x1_0012RB3kTCs5oFNPK54XH_Ef8YwahnQeQTzAsLag-gSEU-w5jvxaMHyTEnheYpLCF4lM-wEX331SKNpMgSh3Yj0RBmcpPiiZYcZVtd_&tt=Direct&att=3&gbpp=1&abd=1&iv=10&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

URL: https://raidshadowlegends/Dieses_Spiel_ist_so_sch%C3%B6n_dass_es_sich_lohnt_es_zu_installieren

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/30754/pp/4/1?h=NayDluiVqLxczfs6ukE9bD-tBxv8Jwxh8GcC3RVNU5MBxfNF56-d_Gt759IGFZJbpvzCLVFjDUI7N4KVyrQCtA**&rid=b9cfa9f9-6571-11ed-a33f-e43d1a2a96ec&u=qdcslSX3TxFX1JDukbtaMvQzXvUU1Wl2QMrsKl20vO2EiLVVL05OkzYCmXyvlkfpjNTf9tZEFfuiEdPGUwWxVPGkm6cJNPql21TIwaYHcriulI0Yk2KurJiANuB2JhVPZHBVO2CNiHNNwyX67Nhps16igPhNbB2Vc0YrG5ndCM81oyJyarnZN7p-pItALLRb7-uFpHnw4BXrH6B-loQataszeYF2rLf7KWPjvIuoZmQ5ASWgLKUWYuUHJ36nNWMAUci9Vx4Ep9NhHKz_wTY5dBwEfnnNHVeAjYSZJrEwcXVlc-50aiMBXQ93D9gzgD5t2LWYSMdnDJSym1TSN54ueg**&tt=Direct&att=3&gbpp=1&abd=1&iv=10&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

URL: https://tinyurl.com/28yb8h2s
Title: Real Online Social Media Jobs That Pay YOU $25 to $50 Per Hour - No Experience Required, Work From Home - Click Here for Details

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://3f052l7-qgg88x59jqd24eoy97.hop.clickbank.net/?tid=BINRTL81422
Title: Combine This With Coffee To Jump Start Your Metabolism

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/lions-mane-whole-mind-nootropic-blend-60-capsules/
Title: Learn How To Sharpen Your Focus, Improve Mental Clarity and Enhance Mood Functions

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/
Title: The Curcumin You Can Feel - UltraCür® - Fast Acting Natural Inflammation Support

Search URL Search Domain Scan URL

URL: https://4ae3c3vmlbxdr90eis3pnlfla4.hop.clickbank.net/?tid=BINRTL103122
Title: President Donald J. Trump Collectible Pocket Watch - Up To 80% Off!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/d/10961461/i/23605/pp/1/1?h=NayDluiVqLxczfs6ukE9bAh5v7uUKM42nnXbe4Smmw_mNivCouaJpuy1ePCKH1G4WnvGBTtwdkB_SiDw2Y1kKA**&rid=b9cfe86b-6571-11ed-a33f-e43d1a2a96ec&u=qdcslSX3TxFX1JDukbtaMvQzXvUU1Wl2QMrsKl20vO2EiLVVL05OkzYCmXyvlkfpjNTf9tZEFfuiEdPGUwWxVEHpy5HTNZg4oL-ripHxcUeulI0Yk2KurJiANuB2JhVPZHBVO2CNiHNNwyX67Nhps6zaL2d9ZD0rA7QUH7RjKV7yOKpmX3dOtjUdxkqYmLnOila32lqxnjYeI2m3j3lYpKszeYF2rLf7KWPjvIuoZmQ5ASWgLKUWYuUHJ36nNWMAUci9Vx4Ep9NhHKz_wTY5dBwEfnnNHVeAjYSZJrEwcXVlc-50aiMBXQ93D9gzgD5t2LWYSMdnDJSym1TSN54ueg**&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

URL: https://8940ee6bchggao3arjqfty4m5p.hop.clickbank.net/?tid=BINRTL81422
Title: Ancient Japanese Discovery Melts 54 LBS Of Fat. Hint: Drink Daily Before 10:00 AM

Search URL Search Domain Scan URL

URL: https://62138b51nek2bycb0foa-rvl81.hop.clickbank.net/?tid=BINRTL101322
Title: Brand New Probiotics Specially Designed For The Health Of Your Teeth And Gums

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 218

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 220

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

269 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 127 KB
24 KB 704ms
673ms Document
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

badb1e69876243774549ecc510360bd367c7e0a2155eda509437c01e14707ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 76adea136e5a9b83-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 16 Nov 2022 05:44:22 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 d0TEFA1ti-Js6iM74ltdqi389Jg.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 20ms
17ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/d0TEFA1ti-Js6iM74ltdqi389Jg.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01eee8af54b3ea2049757a2f70dee96fa85fcc3e701a7ba0d4c5bd2fcd91e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:22 GMT
x-amz-version-id: X3HmeONKJ9H2z.qUWNLSZloFfmqkAw0k
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 7NY1CTFCDRMDERGK
age: 13564868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kYKNv09IsOjoRvWRKA1sAfTY/SHQQfe8Ae3m+7c2P8djoLgE8KWgic6hm5fgn8kWdbQw9bKH9Pg=
last-modified: Sun, 12 Jun 2022 05:41:00 GMT
server: cloudflare
etag: W/"7291ca9c7b46eeb160385263b9721596"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76adea17ae339b83-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 05:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 05:44:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 05:44:23 GMT

GET
H2 200 global-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 16 KB
4 KB 31ms
28ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 809623
cf-polished: origSize=16027
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-3e9b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ae359b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 fancybox-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 43ms
40ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 809623
cf-polished: origSize=8029
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-1f5d"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ae369b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 home-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 29 KB
7 KB 31ms
29ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 809623
cf-polished: origSize=29354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-72aa"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ae379b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 31 Oct 2022 11:31:26 GMT

GET
H2 200 responsive-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 32ms
30ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 809623
cf-polished: origSize=21003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-520b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ae389b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 web-responsive-bin-rev-20221007.css
beforeitsnews.com/static/css-v3/ 371 B
280 B 28ms
26ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20221007.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 809623
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:35:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3c07-173"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ae399b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 36ms
34ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 938446
cf-polished: origSize=149701
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"5fe55cb3-248c5"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ae3a9b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 12 Nov 2022 08:13:11 GMT

GET
H2 200 global-bin-rev-20221007.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20221007.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 809623
cf-polished: origSize=12613
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:42 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be2-3145"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ae3b9b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:25 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 58ms
29ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 14333615
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-8ab"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea183f1f9b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 03 Jun 2023 08:07:45 GMT

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 46ms
7ms Script
text/javascript 18.66.97.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4705df9f16a57401d59569ddb4032a6c352b5352353475f891e4c2673e4d21fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 10:28:15 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified: Tue, 15 Nov 2022 10:28:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 69369
etag: "d42d13a91df4e0d75ec097b71ad3f741"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 10929
x-amz-cf-id: AE80aI-WL_koDBQHxmjk-yxNt5v2FglkY-O7ZAiKbzUD0U1HTtg-wA==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 64ms
36ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 3747443
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-95e7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea183f1e9b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 19 Sep 2023 20:37:20 GMT

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
231 B 61ms
33ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 3642841
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-5f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea183f209b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 09 Sep 2023 11:03:15 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Y1TXcknTsvs/ 14 KB
14 KB 50ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Y1TXcknTsvs/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb0d3c35b96a6dfe72903c0418f1e25b86049180bc5dddd7f8e695b69ab2e4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14319
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Nov 2022 07:44:23 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 99ms
27ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f8f569f3da46c5354dd8440b64c0e4571fa37ecb6068a6bc4e1fc267a0aa830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
x-amz-version-id: _IjWACW2rz5gM.NPdt_rrBLpCg6ZJeeT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: F29KMEC6NVNH8AE1
age: 6435
cf-polished: origSize=2376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5IEuo7WP8mNWzPjS7he/V0wzK1BVwNCAIy/tMD07P6U7A5LZ5q0LR9N6Gp1yrBX8fdxroHdJkQo=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:12:23 GMT
server: cloudflare
etag: W/"f41cef00050693285ec10a5948c060a4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76adea188ec288b3-LHR
expires: Wed, 16 Nov 2022 08:44:23 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 104ms
33ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a1fc4a5719569d254b33f46fbdacd4458fb9b4bef7b151959a059331062fafd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
x-amz-version-id: HAQi2UdKEQRlYoAaYX51Boi0OejctpqJ
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7TWKG42R8MSM65KG
age: 7009
cf-polished: origSize=2376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9qoHRaxDOeEd+h7hmOR6sXQ1jaRd2Py1QDSNzOI2ljPdgOJtQD+1+/Wy6OSWne0/+5nZ2+S+e5Q=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:12:36 GMT
server: cloudflare
etag: W/"270789efeda5c50c611c382c58cc944b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76adea188ec388b3-LHR
expires: Wed, 16 Nov 2022 08:44:23 GMT

GET
H3 200 tabs-bin-rev-20221007.js Show response
beforeitsnews.com/static/js-v3/ 148 B
593 B 31ms
31ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20221007.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 809996
cf-polished: origSize=189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:45 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be5-bd"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ffe09951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:28 GMT

GET
H2 200 12098 Show response
borirait.site/easylist/ 203 KB
41 KB 200ms
166ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borirait.site/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bf33be17a5cadedd2667e48f475bc2a9a0de4726961dc7dbccb7f0c5befee48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c3ce40521f2fab66ce1eea4291e1d2e29acce9d2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9EGg6QCd3eRW8LA2EIt34UzWYnF1D20ewylDWsjWXwciVXkCjFDwaqyNz1XRKcBWzbwUWw7cug85OxG%2Bxr2KUDWrXsJVdIcmzBsozwLN507qvEljnXnDHgbBXbU%2FhAk3l5xf3%2B5cThjLuJb"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 76adea184f8a90b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jsDeferParsing-bin-rev-20221007.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 809996
cf-polished: origSize=6187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-182b"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea17ffe89951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 13 Nov 2022 20:37:25 GMT

GET
H3 200 uIS3tZuchjgsdVfZJ4tq9DNH3cA.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/uIS3tZuchjgsdVfZJ4tq9DNH3cA.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/d0TEFA1ti-Js6iM74ltdqi389Jg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea96fd7ce63932fbc9213224d869baa7def0ffbd857e9e49a810f1c7c85fae6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
x-amz-version-id: gaZSMZ.GDpEX.J6NBpTgInhRq7_87cCL
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: JZ1Q8A0NBJ8X7JEM
age: 13564970
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: GhJHZpZYbO9vq8NeypU09riojBQlWGuDgAPt/12qOj60AaSvXKxWb+SjYxyULNSh7jZ1eDjrTD0=
last-modified: Sun, 12 Jun 2022 05:41:00 GMT
server: cloudflare
etag: W/"9c4467cd9e662b0279cdde807d82daa1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76adea180fff9951-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
45 KB 53ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27b97fb195867cc4275bf8a7845a54e4c22bec08e0775a0946940ce50a8af1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45434
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Nov 2022 05:44:23 GMT

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
632 B 31ms
30ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 939681
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a4"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1808009951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 16 Oct 2023 02:37:57 GMT

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 31ms
30ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 939680
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-325"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1808029951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 02 Nov 2023 18:29:15 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 35ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
x-content-type-options: nosniff
age: 117268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:09:55 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v14/ 15 KB
15 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v14/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 12:50:48 GMT
x-content-type-options: nosniff
age: 492815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 12:50:48 GMT

GET
H2 200 OpKRg.oq1b-small-SITUATION-UPDATE-111522.jpg
sp.rmbl.ws/s8/1/O/p/K/R/ 27 KB
27 KB 124ms
61ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/O/p/K/R/OpKRg.oq1b-small-SITUATION-UPDATE-111522.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 9216263738afedb1ebd7d69e6c7b57146a1531dc3b2feb1a20811949ed9019e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Tue, 15 Nov 2022 22:12:19 GMT
server: nginx
etag: "a6321e0c4071c6183e7dd93cd40a2458"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds252.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=69013
accept-ranges: bytes
content-length: 27167

GET
H2 200 70xj1b.jpg
i.imgflip.com/ 76 KB
77 KB 73ms
26ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xj1b.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c06e495f43829458c1154dcb847dccb258e2490fdc8022d80c8ee9410507fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: CGGK5C6Y9QG77BCV
age: 11050
cf-polished: origSize=78906
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78223
x-amz-id-2: v8mk0Ajq/IOXFAhLnkdzF8G6z2Uou2smDxEZ26KHe2zZGpGi14/WQ6Vv3nWL9E+7Awyrr4VLuXo=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 02:31:30 GMT
server: cloudflare
etag: "cde62761e637c1f7e44432c9e4a217f2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea187de79ba1-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H2 200 e5-Kg.oq1b.1.jpg
sp.rmbl.ws/s8/6/e/5/-/K/ 16 KB
16 KB 168ms
105ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/e/5/-/K/e5-Kg.oq1b.1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: e9d3e91c5c402ee3e44b8ccacf4e6b0693f34c892f54d2a3c9c228e784efe260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Sat, 12 Nov 2022 01:36:47 GMT
server: nginx
etag: "d2b8c655df203d4185b5eb6e3ae10ce1"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds227.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=48608
accept-ranges: bytes
content-length: 16380

GET
H2 200 logo_1_wg5s9f.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 70 KB
70 KB 27ms
26ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/logo_1_wg5s9f.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e39fbaf69594ed7df217d88b6e405c5c6497269f6a5becc04e6ca8078a57d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 433848
cf-polished: origSize=76041, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71384
last-modified: Tue, 22 Feb 2022 21:16:35 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "621552b3-12909"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea185f5a9b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 11 Nov 2023 01:29:53 GMT

GET
H2 200 70xqtc.jpg
i.imgflip.com/ 57 KB
57 KB 36ms
16ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xqtc.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773a4e7fbdc613d57c567b05721f87b7f7b97f0d58ad4e8c9e8531ebd46533c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: CRHXEGF72A0EKA0R
age: 7033
cf-polished: origSize=58891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57918
x-amz-id-2: DFeF0/VTmMav8MKrIDOKNkSuWwL0kDjCx2EzWCB8zMBfa56wW+7ws4F8OUwBgQJtpL/WSboK5hc=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 03:41:22 GMT
server: cloudflare
etag: "42edf4f5ea9484b02d52ca6a92de6218"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea187dea9ba1-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H2 200 EyROg.oq1b.2-small-Charlie-Ward-Dont-Worry-11..jpg
sp.rmbl.ws/s8/1/E/y/R/O/ 42 KB
42 KB 150ms
115ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/E/y/R/O/EyROg.oq1b.2-small-Charlie-Ward-Dont-Worry-11..jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 58aa67532ca92a7ba13ac2ce6e32af21801e891fda8d216a9fb05f0ba0f2837d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Mon, 14 Nov 2022 08:07:44 GMT
server: nginx
etag: "861ce733140760246b96b3d5a3d2694f"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds243.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14364
accept-ranges: bytes
content-length: 43339

GET
H2 200 70xkaq.jpg
i.imgflip.com/ 65 KB
65 KB 46ms
26ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xkaq.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e278eba40e64f5adb34a4f691da536fd74c46550f4c8ed30a91ac394282ac0e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: 9ESJ1BSMKQN5JED9
age: 10582
cf-polished: origSize=66682
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66482
x-amz-id-2: eOSNoePneiTI6kAHSQ3IIxv96Up0NNqWyB+ikESDQKU1kXbSbN4siWUL5uhRAhqAYEU4AISgNAo=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 02:42:18 GMT
server: cloudflare
etag: "e5ad7758f35ce95401e328bfb6d8c89e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea187ded9ba1-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H2 200 2wORg.oq1b-small-Ep.-2926b-What-Happens-If-B.jpg
sp.rmbl.ws/s8/1/2/w/O/R/ 37 KB
37 KB 159ms
123ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/2/w/O/R/2wORg.oq1b-small-Ep.-2926b-What-Happens-If-B.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 690822970b24b3265f5d24dc65920d4707909b62cd2101a05ccfa2204e744f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Tue, 15 Nov 2022 23:57:37 GMT
server: nginx
etag: "7845cee2b6b85e3a4a1cf41382615281"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds142.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=66731
accept-ranges: bytes
content-length: 37819

GET
H3 200 hqdefault(384).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
15 KB 55ms
51ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(384).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c8288a0739ac7b9d71592f12c6da487bd2c63cc2657a561e6089f93ff1bfd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 126590
cf-polished: origSize=15544, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15130
last-modified: Mon, 24 Oct 2022 20:58:13 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6356fc65-3cb8"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878ce9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 14 Nov 2023 12:12:16 GMT

GET
H2 200 70xotd.jpg
i.imgflip.com/ 57 KB
57 KB 30ms
26ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xotd.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10a75711625e152e9e1de8b8e0605ee8d49cc7d2c264d38f87c1fdc84067268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: V8H17EMR8V38399A
age: 7447
cf-polished: origSize=58696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58197
x-amz-id-2: 0TiKp3S9+k2E9LZ5LX6ISR6jRll2uLUY5UwlHCw9F4nt0I3r58+v7pSVBzBttjzUcMl6cZuSphA=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 03:21:57 GMT
server: cloudflare
etag: "533188ada39823647c15d806a85f1477"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea187df09ba1-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H3 200 clif-high(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 26 KB
27 KB 57ms
54ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/clif-high(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc46fd307661ddfe1c8a4f05af453ce3c5c7641b22c4ce3e06ab690c99348b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 151406
cf-polished: origSize=27625, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26980
last-modified: Sun, 28 Mar 2021 16:38:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6060b0f4-6be9"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878cf9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 13 Nov 2023 05:39:29 GMT

GET
H3 200 no-img.png
img.beforeitsnews.com/img/v3/ 1 KB
2 KB 61ms
58ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/no-img.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 12887773
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1298
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-644"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878d19951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 19 Jun 2023 13:51:04 GMT

GET
H2 200 70sj1h.jpg
i.imgflip.com/ 71 KB
71 KB 26ms
26ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70sj1h.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d52f32eced2aea962b6a674009bd1be0ccf506af181a216384d25565a6ac31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: G0PKJD5HBPR6NJXS
age: 97284
cf-polished: origSize=72565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72266
x-amz-id-2: yvPJ+WRpAvVnt9DOB34nAlECM8rZ8Wxns6MxWiWnWRleY+G5DErfILTs/cWQuRkKPE4xZLT4jBU=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Nov 2022 02:37:54 GMT
server: cloudflare
etag: "017d45ca1a5f8798228145f93513b7e5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea187df29ba1-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H2 200 6eVMViSeK82k_640x360.jpg
static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/ 24 KB
24 KB 69ms
6ms Image
image/jpeg 2400:52e0:1e00::722:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/6eVMViSeK82k_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::722:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-722 /

Resource Hash

0bc671931d94766730f0ef8d31d927a524a9c4e68dce6947cc3c53e5878ee33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1047
x-amz-request-id: tx00000000000002b65721e-00637340b7-21d2a51f-nyc3a
cdn-cachedat: 11/15/2022 07:33:11
cdn-pullzone: 89010
content-length: 24198
last-modified: Tue, 15 Nov 2022 06:08:30 GMT
server: BunnyCDN-DE-722
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 9f52160e213c0b207f0d167b48fba3ec
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 70kb29.jpg
i.imgflip.com/ 22 KB
22 KB 24ms
24ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70kb29.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8afde24c9d1649679073c92e36842cc72831188aa26f043e21f4f67aa5aa38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: RNGHA9C7H3YTKJQS
age: 268044
cf-polished: origSize=23329
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22605
x-amz-id-2: 0OMTenqzdNHhVJsfmGfiKlei8FoPNGk387nYW6+BAKJOSrnBnm8qROBzcLadnyNEfa8QTL0RDCc=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 13 Nov 2022 03:03:22 GMT
server: cloudflare
etag: "c887675ce4093f3b76d10e8f93516e9d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea187df49ba1-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H2 200 c0SRg.oq1b.2-small-The-Next-Phase-Has-Official.jpg
sp.rmbl.ws/s8/1/c/0/S/R/ 45 KB
45 KB 123ms
110ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/c/0/S/R/c0SRg.oq1b.2-small-The-Next-Phase-Has-Official.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 4cd9824716dded423848eb90b2c49504e0fee7152790113bd7c15d82dff4f104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Wed, 16 Nov 2022 01:44:59 GMT
server: nginx
etag: "edd5495d9e7330a182fef536ded6c43b"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds055.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=72199
accept-ranges: bytes
content-length: 46245

GET
H2 200 70xn2l.jpg
i.imgflip.com/ 66 KB
66 KB 23ms
22ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70xn2l.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c83946e175ac8f5be1ea46e5896c8a51ef4dfbbf75ce8f92a0b5f256c637bff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: AE7RNDK58JDJV172
age: 8743
cf-polished: origSize=67774
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67385
x-amz-id-2: RFBjXEpXhcKFncmMTfoQiyCqtBuPTSvvlRI7tt1R/3/7ofprdRUn8m0e5OaiovOTlWXTBQctboE=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Nov 2022 03:06:02 GMT
server: cloudflare
etag: "f7c1c879bedd068ea36b458ef82761ea"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea188e009ba1-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H3 200 OIP%20(2)(176).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 23 KB
23 KB 55ms
54ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(2)(176).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef9f5e0426db8783612d7cdecd671cb32de9e20b27d18f110512f5dfc1caadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 812574
cf-polished: origSize=32913, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23050
last-modified: Sun, 06 Nov 2022 19:46:58 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63680f32-8091"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1888da9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 06 Nov 2023 19:49:07 GMT

GET
H2 200 Screenshot-2022-11-15-111858.png
www.ournewearthnews.com/wp-content/uploads/2022/11/ 118 KB
119 KB 1183ms
188ms Image
image/png 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2022/11/Screenshot-2022-11-15-111858.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: 5d9c258676dd7921f77411de9569d784cdaec92335493b8d1a7dfe8cabd5763b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Nov 2022 17:23:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 120711
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H3 200 photo_2022-11-14_14-34-26.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 22 KB
22 KB 37ms
25ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/photo_2022-11-14_14-34-26.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cbf18959509bfbf96b60da1a4c7454e71c70d2d0761dbd5978a7dff02004d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 122022
cf-polished: origSize=26374, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22362
last-modified: Mon, 14 Nov 2022 19:42:07 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63729a0f-6706"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878c09951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 14 Nov 2023 19:42:59 GMT

GET
H2 200 OCJRg.oq1b.2-small-Dr.-David-Martin-CONTROLLED.jpg
sp.rmbl.ws/s8/1/O/C/J/R/ 57 KB
57 KB 113ms
109ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/O/C/J/R/OCJRg.oq1b.2-small-Dr.-David-Martin-CONTROLLED.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: feaeaf37ed3a2420ec0f0aeab23e9b0d5d2f5ae15bb21ae88c5ca2c5bf35f3d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Tue, 15 Nov 2022 21:51:59 GMT
server: nginx
etag: "73a95a3a08d9652de88eb58044aa0539"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds256.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=58187
accept-ranges: bytes
content-length: 58134

GET
H2 200 sB2Pg.oq1b-small-Ep.-2925b-Trump-Tomorrow-Wi.jpg
sp.rmbl.ws/s8/1/s/B/2/P/ 58 KB
58 KB 115ms
111ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/s/B/2/P/sB2Pg.oq1b-small-Ep.-2925b-Trump-Tomorrow-Wi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: cb53cdf2605afe7aad9e1232ef7e4432ea4c485f32f1beb4a054b0d1504821cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Mon, 14 Nov 2022 23:25:06 GMT
server: nginx
etag: "36a13319fcab15cfb7613233d3c8d3d7"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds282.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=63886
accept-ranges: bytes
content-length: 59141

GET
H2 200 n9VjdFkCHfws_640x360.jpg
static-3.bitchute.com/live/cover_images/NYZMjDr6JOG3/ 28 KB
28 KB 50ms
16ms Image
image/jpeg 2400:52e0:1e00::722:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/NYZMjDr6JOG3/n9VjdFkCHfws_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::722:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-722 /

Resource Hash

4e389218927c149529b667409ed22a2a56dd391d19a09b53415ada91bccea58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1047
x-amz-request-id: tx00000000000002b8ec05d-006373b7fe-21d2756d-nyc3a
cdn-cachedat: 11/15/2022 16:02:06
cdn-pullzone: 89010
content-length: 28606
last-modified: Mon, 14 Nov 2022 22:54:04 GMT
server: BunnyCDN-DE-722
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 7e0181e937d7cfab9a3f8ba5543754f2
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 SdG40kfL4kqO_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 24 KB
24 KB 47ms
13ms Image
image/jpeg 2400:52e0:1e00::722:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/SdG40kfL4kqO_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::722:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-722 /

Resource Hash

25baabde5ab48b2510f26d07101ef48899781ce1bfe1e2e5377796c9677b0dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 863
x-amz-request-id: tx00000000000002b8d189d-006373b6a5-21d2a51f-nyc3a
cdn-cachedat: 11/15/2022 15:56:21
cdn-pullzone: 89010
content-length: 24143
last-modified: Tue, 15 Nov 2022 15:27:42 GMT
server: BunnyCDN-DE-722
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: 556ab4b86383cc4bde61ee603d187f15
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 6zot0w.jpg
i.imgflip.com/ 84 KB
85 KB 60ms
46ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6zot0w.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd4fbd0b24d02a7f50a5de3238e4dc37ce315f157794d618b8536d6e4cf3788

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: S12BYXCT496T9846
age: 873695
cf-polished: origSize=86630
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86156
x-amz-id-2: PITQ/OcDngQVXnQ9WbD3atp3LuGpJyGsBbINBQ3wtqeibb9FH16gqpYwqsv5YIWYFIhdwaZf3Z4=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 06 Nov 2022 02:48:35 GMT
server: cloudflare
etag: "7df1049fd32b86835d4236bc7fb47670"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea18bf4992b7-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H3 200 q-anon-heman-herman.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 19 KB
19 KB 52ms
41ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/q-anon-heman-herman.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76b552b13c93e2de7031bd6a9f4e54f75d7abd1fe62c133a9948e3598d10e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 104465
cf-polished: origSize=24929, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19184
last-modified: Sat, 12 Nov 2022 23:08:21 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63702765-6161"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878c29951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Nov 2023 00:38:42 GMT

GET
H2 200 IlFRg.oq1b.2-small-The-Storm-Has-Started-Be-Re.jpg
sp.rmbl.ws/s8/1/I/l/F/R/ 76 KB
76 KB 117ms
114ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/I/l/F/R/IlFRg.oq1b.2-small-The-Storm-Has-Started-Be-Re.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 1b612e628d1d0351f65d48d424f3ea015eb62103e1373b6ec255829e8feea1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Tue, 15 Nov 2022 20:17:29 GMT
server: nginx
etag: "3500202c0b3543721741bb2ea24b59f3"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds015.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=52463
accept-ranges: bytes
content-length: 77938

GET
H2 200 Y8cRg.oq1b.jpg
sp.rmbl.ws/s8/6/Y/8/c/R/ 11 KB
12 KB 120ms
116ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/Y/8/c/R/Y8cRg.oq1b.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 6ba5ca184bfcf5b39713fadd7b1442fe53a9ae8ff2dfec3935fb3f86480fd5af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Tue, 15 Nov 2022 13:54:44 GMT
server: nginx
etag: "9ee692a9c518137c74286bc42eb2a776"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds148.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=29947
accept-ranges: bytes
content-length: 11761

GET
H2 200 IDYPg.oq1b-small-SITUATION-UPDATE-111422.jpg
sp.rmbl.ws/s8/1/I/D/Y/P/ 25 KB
25 KB 120ms
117ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/I/D/Y/P/IDYPg.oq1b-small-SITUATION-UPDATE-111422.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: e532252f98b6de1eb227f7e41734c67a5f0ffe91dd980876103d160e2ebed2dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Mon, 14 Nov 2022 21:53:33 GMT
server: nginx
etag: "9ca0e59ad649eaf1b0066ae666489e8b"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds248.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=70361
accept-ranges: bytes
content-length: 25675

GET
H3 200 70soks.jpg
i.imgflip.com/ 103 KB
104 KB 32ms
18ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70soks.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e07a66b177611ab4b2c62f18e7c10843100dabde3302a31dc9afd827ce2526f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: RV4JEVC3E2JK9WEE
age: 94022
cf-polished: origSize=106324
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105852
x-amz-id-2: NL+2Y9G+WUxEQB6Qy5ELc33axXAH5/iSv/CJmd4KpRMMG465aHBHuYyYvBveT0nnrVyxSC/uVaU=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Nov 2022 03:31:35 GMT
server: cloudflare
etag: "6467bf7b945cf65d411e17984b516b50"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea18bf4892b7-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H3 200 Dvaid-Wilcock-Predicts-Some-Very-Big-Events-2-1024x575(2).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 20 KB
21 KB 52ms
41ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Dvaid-Wilcock-Predicts-Some-Very-Big-Events-2-1024x575(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f10933a55ea376c3ae57000f6a7c410d52a2b45e0e8d404a0a7d1faa01ebe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 227328
cf-polished: origSize=22017, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20949
last-modified: Mon, 23 Mar 2020 00:21:04 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5e7800f0-5601"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878c49951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 12 Nov 2023 02:08:43 GMT

GET
H3 200 70smwz.jpg
i.imgflip.com/ 87 KB
88 KB 37ms
24ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70smwz.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f07a6593d43c1ce90e3dce0f9bf32f33336a39e788bb0d37a18ece273463bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: FMMBA9H596BQSSWY
age: 94667
cf-polished: origSize=89955
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89444
x-amz-id-2: RvaleN5+pgkWwl1ivhJXvaDzvebARMWN5z1dU5iK/fuOpd3JhzfccCMV+HhqE3xw/RTIbn5WyXg=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Nov 2022 03:14:02 GMT
server: cloudflare
etag: "c2d8b909476585567aaf27fcbcc6cd61"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea18bf4592b7-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H2 200 kMJMg.oq1b-small-SITUATION-UPDATE-111222.jpg
sp.rmbl.ws/s8/1/k/M/J/M/ 24 KB
24 KB 121ms
118ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/k/M/J/M/kMJMg.oq1b-small-SITUATION-UPDATE-111222.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 49392c2be71d4f5dc591e7315a4e0d851dbc2d84e698f5a2689c33371765f236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Sun, 13 Nov 2022 00:33:35 GMT
server: nginx
etag: "2c1d765c8dc41acd1b5b028607d029fd"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds141.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=73595
accept-ranges: bytes
content-length: 24923

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/o9LqZGr-z-I/ 44 KB
45 KB 59ms
7ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/o9LqZGr-z-I/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc4c8022b04641041bd28e86cca274c5339177ab035b3d1cb6bd7e34e8919540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:43:47 GMT
x-content-type-options: nosniff
age: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45034
x-xss-protection: 0
server: sffe
etag: "1668562901"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Nov 2022 05:48:47 GMT

GET
H3 200 70kaok.jpg
i.imgflip.com/ 118 KB
119 KB 57ms
47ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70kaok.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 233eca5f4f7e19c25cc0f721efaad650525ce61f70a81770ada51d91227e21d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: EX8KCSTQN6F4KBGH
age: 268145
cf-polished: origSize=122351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121062
x-amz-id-2: wsoVWtm9sPiyOPQ3NcokFPFFuo/3O5An0JZYU+1dFNPS9vJLePtdziTjnhqBJ7faRYwFekawiOE=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 13 Nov 2022 02:59:45 GMT
server: cloudflare
etag: "23263fccb18eef0725b1c9dd8cebcd4e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea18cf4b92b7-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H2 200 BDus97OPnc68_320x180.jpg
static-3.bitchute.com/live/cover_images/Iw2kiviwZpwx/ 14 KB
14 KB 28ms
14ms Image
image/jpeg 2400:52e0:1e00::722:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Iw2kiviwZpwx/BDus97OPnc68_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::722:1 , Slovenia, ASN200325 (BUNNYCDN, DE),

Reverse DNS

Software

BunnyCDN-DE-722 /

Resource Hash

8c488ca0ee9a0191a433c2676ac385400877a165e179ed0aaec5a408835631e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 860
x-amz-request-id: tx00000000000002abe169a-0063714430-21d2b5c8-nyc3a
cdn-cachedat: 11/13/2022 19:23:29
cdn-pullzone: 89010
content-length: 14282
last-modified: Sat, 12 Nov 2022 17:53:58 GMT
server: BunnyCDN-DE-722
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: e5153cd99057213f7ce1d9f565b2a95a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 7160-tofmgxscqp(12).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 50 KB
50 KB 57ms
48ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/7160-tofmgxscqp(12).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f0593a5d13fb5749e110899dbe6e2e4e7d807f3958e15b937cc6f0001764f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 125456
cf-polished: origSize=53712, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51132
last-modified: Sun, 02 Jan 2022 17:59:08 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "61d1e7ec-d1d0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878c79951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 01 Nov 2023 11:34:42 GMT

GET
H3 200 th(20)(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
16 KB 56ms
49ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/th(20)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56438a82fdbefb67d4a30afd1d839de246b0e56832be695ade6660bdb6c35507

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 197241
cf-polished: origSize=16641, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15721
last-modified: Sat, 13 Feb 2021 03:15:25 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6027444d-4101"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878ca9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 13 Nov 2023 00:10:55 GMT

GET
H3 200 OIP%20(1)(87).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
28 KB 39ms
33ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(87).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9d447abcc72abe7d4c47bbef66f0ce21b3a596e9713c650ff7fd84ce9c94986

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 471197
cf-polished: origSize=29997, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28581
last-modified: Sat, 11 Sep 2021 16:33:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "613cda4d-752d"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1878cd9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 24 Sep 2023 15:29:50 GMT

GET
H2 200 K7cOg.cq1b.2-small-Ep.-2924b-Civil-War-Has-Beg.jpg
sp.rmbl.ws/s8/1/K/7/c/O/ 35 KB
35 KB 101ms
98ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/K/7/c/O/K7cOg.cq1b.2-small-Ep.-2924b-Civil-War-Has-Beg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: c1cb26beb27bc6b3fb7e9b223ed5e30e37fc226adfa62b366a5a664c4425dff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Sun, 13 Nov 2022 22:38:10 GMT
server: nginx
etag: "2e454a62ae902542c386c5d6cf4317aa"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds166.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=61468
accept-ranges: bytes
content-length: 35515

GET
H3 200 70gykr.jpg
i.imgflip.com/ 100 KB
100 KB 50ms
46ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/70gykr.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e57077b7049f530c3a3b57e45ede080229e9b6132f111f276d7a5bcf1299f9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
x-amz-request-id: DBY0H6JRFW9GHYPK
age: 353825
cf-polished: origSize=102423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 102216
x-amz-id-2: 5XSa0KFvbk9cakE08l0M8+SfbnErmt9TGvZ2uD0V9pTYhtQv0Xt8krmuMFngJRtSD9lPk5dT1cE=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 12 Nov 2022 03:15:49 GMT
server: cloudflare
etag: "79d869b8a09b4293a52ee8644cc5d6b4"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 76adea18cf5992b7-FRA
expires: Sat, 13 Nov 2032 05:44:23 GMT

GET
H2 200 cNGPg.oq1b.2-small-11.14.22-SPEAKER-SNL-Ta-Cat.jpg
sp.rmbl.ws/s8/1/c/N/G/P/ 31 KB
32 KB 102ms
98ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/c/N/G/P/cNGPg.oq1b.2-small-11.14.22-SPEAKER-SNL-Ta-Cat.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 89fc64965f25ad3124a7f8094fa0ac2296d4a4681362156d370b2db27ba248c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
last-modified: Mon, 14 Nov 2022 16:54:34 GMT
server: nginx
etag: "c60b2e16b52edd1577aa3724f8c9fa1f"
x-hw: 1668577463.cds157.fr8.hn,1668577463.cds246.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=40349
accept-ranges: bytes
content-length: 32192

GET
H2 200 IMG_20221111_135515_353.jpg
m.beforeitsnews.com/contributor/upload/819011/images/ 33 KB
33 KB 60ms
44ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20221111_135515_353.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29df878bc3b698e57dc1e08c12881ff1a640110f95f38a64137cdc1bb4300fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 371460
cf-polished: origSize=37242, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33702
last-modified: Fri, 11 Nov 2022 21:56:22 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "636ec506-917a"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea18e8749b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 11 Nov 2023 21:56:23 GMT

GET
H2 200 B65DC8FA-871B-4217-94AE-C1782877CB84.jpeg
m.beforeitsnews.com/contributor/upload/738377/images/ 51 KB
51 KB 42ms
42ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/738377/images/B65DC8FA-871B-4217-94AE-C1782877CB84.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba678007777c8f3da08b6fd7ed29b2245dec4f572bba3313c54766f17cbda1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 227222
cf-polished: origSize=56533, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51789
last-modified: Sun, 13 Nov 2022 14:20:51 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6370fd43-dcd5"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea18f8af9b83-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 13 Nov 2023 14:20:56 GMT

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 54ms
54ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 939680
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-3be6"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1888dd9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Nov 2023 08:17:34 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 6ACF 2 KB
1 KB 30ms
29ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202210165
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88deb6cca5f42a1b999d8d1a57ab4c4ca0c40753aed081fa66492d8d1797f1e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
x-amz-version-id: Pyg._uIsc5AQSNjNuGPay5ap_Yo6O9GK
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: DRFVNYF4P8N2HCDP
age: 545
cf-polished: origSize=2376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: m0I/i+YtH9MstR8H5SZRYyQDDrVLYVxao1ZDSZk5LcjVu6mIohJNjoMuda01/L9jq2WVT5c5kyw=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:11:31 GMT
server: cloudflare
etag: W/"3fa7a22def0ef9ee9c381060c52eeb94"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76adea189ed488b3-LHR
expires: Wed, 16 Nov 2022 08:44:23 GMT

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 7 KB
3 KB 71ms
9ms Script
application/javascript 2600:9000:2182:5c00:18:9413:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:18:9413:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 08:18:42 GMT
content-encoding: gzip
via: 1.1 google, 1.1 cddd3e95f67291463f7a95d065c7fcfe.cloudfront.net (CloudFront)
last-modified: Sun, 13 Nov 2022 23:08:11 GMT
x-amz-cf-pop: DUS51-C1
age: 77141
etag: W/"1a40-18473401b01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: farQY8KFTfN8Px4O7fvOOfNwAlKmXkzsYTG4j1gsyz_odyros075_w==

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 43ms
42ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 936606
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a834"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea1899029951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Nov 2023 08:13:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 53ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7efaa08adcc8a1f397fb7d8a20cae25515ed7741cfefdfda56bfea3aff4b2412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49163
x-xss-protection: 0
server: cafe
etag: 16687523855758316810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 05:44:23 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
529 B 51ms
20ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 00:27:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19002
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaxzF6Flzy8KxqrBFeveSxp0XKJT6%2B6xwvw%2ByAzXXXnfIW%2BeFaN%2FUK8H9EM10yc4bTWgNrLN6bIICn%2BJMNcGegRgHAtEbXhEXixNtmCUMzdLExouVa574UmIkh6wVnpZBpkm2kCpwytu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 76adea193bee9ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9

GET
H2 200 adcode.png
rddywd.com/ 43 B
551 B 47ms
19ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48049
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BhU5m9qe4jdH7nDXFyop16gaNaJjn4X2IHQJ9b9NyzE30KDaDYjE3gUdLlm9Nl%2BEvZMbGnqEiq%2Fms8dpEYgRwWv7r57frZ5WehkDcrpnAAK%2BU2dJCsfwZiQBUr04e8FioDYQ4K3QA05"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 76adea19389290b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 36ms
6ms Image
text/plain 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 29ms
29ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20221007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1577258
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-a0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea18e9699951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 27 Oct 2023 18:23:05 GMT

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 15 B
484 B 723ms
693ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4504c1cb95381a139f0c0d680b1b708b6d115d6624121ebc7f3d0ca63a87624b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
x-frame-options: SAMEORIGIN
cf-ray: 76adea198bf66964-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
content-length: 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 3D25 21 KB
7 KB 47ms
8ms Document
text/html 18.66.147.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-12.fra60.r.cloudfront.net

Software

tv /

Resource Hash

5e334d80e235b694fd475fc2016080bd4ad5c6b15190e745d72dc94eaaac80ed

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-rnFUkXqjdqzMKZ6AWPn9VA=='
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79
alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
content-encoding: gzip
content-security-policy: object-src 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-rnFUkXqjdqzMKZ6AWPn9VA=='
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 05:43:04 GMT
expires: Wed, 16 Nov 2022 05:45:04 GMT
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-id: D5Ya8nSV-k6KiZcNMZzwiRzlIbO4LLRBrKMQ9s0zpY4W9a7BRx6yOw==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 Screenshot-2022-11-12-040312.png
www.ournewearthnews.com/wp-content/uploads/2022/11/ 79 KB
79 KB 1419ms
553ms Image
image/png 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2022/11/Screenshot-2022-11-12-040312.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: e07fc5c65bd1a68288ee07ddf3b7f171a068cf0f1a76d03fb4797695ba5842f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-nginx-cache: WordPress
last-modified: Sat, 12 Nov 2022 10:08:43 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 80420
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H2 200 ltstevenrogersmilitarynews.png
www.ournewearthnews.com/wp-content/uploads/2022/11/ 78 KB
78 KB 1418ms
553ms Image
image/png 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2022/11/ltstevenrogersmilitarynews.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: Apache /
Resource Hash: ae66c72453c6b2a0cdfa543917b9a29a13ccfe9cfdfd6fa2510181d938bb2060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Nov 2022 17:03:02 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 79448
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 268 KB
77 KB 81ms
56ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca54a58be4f54cf7421a2f34a0ed18f3eeed78566f71fe1ac8e80734abf08838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
x-amz-version-id: gwGlBd8PvoGV_9OxPwW3s_v0jeQ6LLEQ
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 29XDPBB17A2THMFS
age: 2367
cf-polished: origSize=274057
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JktKzCRrD+T61+3X8d9it7PSURznrmeNOV9NR7nulcsYsJNumZcb95en3PP7n1a6xRnabPEfZ9Y=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:12:23 GMT
server: cloudflare
etag: W/"c79a3cefb20a8b758304b926fecffe9b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76adea19cfc87511-LHR
expires: Wed, 16 Nov 2022 08:44:23 GMT

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 268 KB
77 KB 144ms
119ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7249a559c40d77c52c75c19e5dc4c032e4b2e17a4189e2f89eda272af2ac6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
x-amz-version-id: qvyLR093rn4jNb6UD2GmB__o3CmwMAnU
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5VQMZQ8D85347C30
age: 161
cf-polished: origSize=274057
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lhIHDBaaRm5FJfu6rS+OOZIQUhv8GeQJVpuPCSBopZdFmv8SefrMDzsDCGVHxFLxKbrSHInU7L8=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:12:36 GMT
server: cloudflare
etag: W/"b480313b13dfcf8ec33ed36723cb475b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76adea19cfcd7511-LHR
expires: Wed, 16 Nov 2022 08:44:23 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame 6ACF 268 KB
77 KB 58ms
35ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202210165
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0387fc6cf743379a8787351d45a85dcc813211730b0bb08719861a85a2cb81f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
x-amz-version-id: JQC2VuZYj_64u15b2N26wflA16YTKs4U
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: RCVX8N73KRE2J576
age: 6604
cf-polished: origSize=274727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zTEV3R2wjhvwndXX5LtEsipF/ijpMSrjfSK68q+YkT7Orj8ILzkFZbyfR5u2NZXOD+KhuBMU9BI=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:11:31 GMT
server: cloudflare
etag: W/"c1eeaac25baad299df53fc27e712878e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 76adea19cfcb7511-LHR
expires: Wed, 16 Nov 2022 08:44:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1709
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 07:15:54 GMT

GET
H2 200 en.7b715d267fde8ad7.js Show response
static.tradingview.com/static/localization/translations/ Frame 3D25 597 KB
71 KB 56ms
15ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/localization/translations/en.7b715d267fde8ad7.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

7bd4e0e8920490f8b0070bd0f5324d107b89867d233a511c6d87dd7649fe6b62

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 10:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 69318
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 71915
referrer-policy: origin-when-cross-origin
last-modified: Tue, 15 Nov 2022 09:30:20 GMT
server: tv
etag: "63735c2c-118eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: zrWNCIOnPMOMV2vWJniFlkC4LbP5aH_gWBrltQUFk4KQrzD8ipe70Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.081792f9b1c986c68954.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 56 KB
23 KB 68ms
28ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/runtime.081792f9b1c986c68954.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

5a6db4767fb6c26d3cc80c517b930f00640f1c4f46a7cedb6e9ab4cfeafef303

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 10:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 69317
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 23416
referrer-policy: origin-when-cross-origin
last-modified: Tue, 15 Nov 2022 09:30:26 GMT
server: tv
etag: "63735c32-5b78"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: nsS3KBalT2e3PTtKZZgAVmkZ3oorVtbD1AEPrhe3H8AwZoaIguoUMg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 75932.cd4f83e4607134502a66.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 45 KB
13 KB 20ms
8ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/75932.cd4f83e4607134502a66.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

11d8ab754a7bd056500e49e7f473228063c95032e33794319a5f28cfaa511cb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src 'none'
date: Tue, 16 Aug 2022 10:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P3
age: 7930938
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12665
referrer-policy: origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 09:48:59 GMT
server: tv
etag: "62fb680b-3179"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: q02bePtsk0KnKAyyLCTG-r-8Wp7sEsoxgpLB0EbjZicsIgaXa0qEEQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 98037.bcbac1bf55eee6374526.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 16 KB
4 KB 10ms
8ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/98037.bcbac1bf55eee6374526.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

b45162d699ebfe9716684cef90a6b3a9ca98d1be386b6072ffc9bd85cabba471

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 1624456
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4195
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Oct 2022 09:52:46 GMT
server: tv
etag: "635ba66e-1063"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: evWe_ok6qiEMiexWV8N9o3SpMfai9cJAFbPJNy3bn-PH5HSr-yhh_w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 23262.5f01af00dfde58d05a3a.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 20 KB
6 KB 11ms
9ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/23262.5f01af00dfde58d05a3a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

d6d46bc1263abdc312120275fc077e5acea30b0a5c6a5fe77dc9e3780923da85

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 10:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 760937
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6172
referrer-policy: origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 08:37:35 GMT
server: tv
etag: "6368c3cf-181c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 7q-chD4sDUPRbKPqbnGeT2whV7bbIfDr_NDkHLdWemo8mDe0C46pdw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 53748.06fcdc5a1b850f86a915.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 13 KB
5 KB 13ms
10ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/53748.06fcdc5a1b850f86a915.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

a0d7b8a6237561de8a6c9369317d85f5d62d83b26847b181ddeef13c5ac3ea6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 10:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 760937
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5057
referrer-policy: origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 08:37:36 GMT
server: tv
etag: "6368c3d0-13c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 11JvBbaQTN6xvWMrxMF54kSl0owrtTb3Sv6-yAOmtkernfpMe3xzLw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 82841.18ff51b1275a770003b9.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 3 KB
2 KB 13ms
11ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/82841.18ff51b1275a770003b9.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

8cd1b41ee0a06e7072185e58dafd568eea44bef71640e7fc015d3bf0f5890f3c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 3525727
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1192
referrer-policy: origin-when-cross-origin
last-modified: Thu, 06 Oct 2022 08:21:21 GMT
server: tv
etag: "633e9001-4a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: uLN-AtfiBdRDn1uYblzOF1cmtiM-pwntXuZTc_ZZXZYXguR8v6eJ2w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 76575.afff1e35981103bce60c.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 22 KB
8 KB 14ms
12ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/76575.afff1e35981103bce60c.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

c597aa4c403470d4d2d0f501aeef390113e477968b363496de6f4cbbff481486

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 11:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 2312537
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7924
referrer-policy: origin-when-cross-origin
last-modified: Thu, 20 Oct 2022 08:52:27 GMT
server: tv
etag: "63510c4b-1ef4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: KO4r-LIGbV01yZKClW-mRp8z7cNjipNUgNyHyJzPTJ7ds_AlFqwW0Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 31420.39edd66c16a225ab6fca.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 40 KB
12 KB 14ms
12ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/31420.39edd66c16a225ab6fca.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

7ae9d07aba4424bb44e367f4cb94530c493bbbb3125fec2d330daba4eba72840

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:35:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 155356
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12090
referrer-policy: origin-when-cross-origin
last-modified: Mon, 14 Nov 2022 08:07:13 GMT
server: tv
etag: "6371f731-2f3a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: Pp1sNwpV46W43jUVc9RnDJqkguUvmhGVAR4O6gGE6Rn106rfAvl84w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 47872.72e809c1ea78522bdf2a.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 81 KB
19 KB 15ms
13ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/47872.72e809c1ea78522bdf2a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

314e52babbc217c9bbed2c2f9532bc56ea097caa7f026fefb767eccfabd0da8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 10:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 69317
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19216
referrer-policy: origin-when-cross-origin
last-modified: Tue, 15 Nov 2022 09:30:25 GMT
server: tv
etag: "63735c31-4b10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: bqUu7ELSSP2g4V9Vk9BuAalVapCedl23qf1eHpNAOyguNlzMNMPFdQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 9103.5cd7b1e9b2aa0930e026.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 20 KB
7 KB 17ms
15ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/9103.5cd7b1e9b2aa0930e026.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

571b309f6c5dc15b62664b1481fb4253e1c243ace7c908660bb49112360a0faf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 1624457
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6678
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Oct 2022 09:52:46 GMT
server: tv
etag: "635ba66e-1a16"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: g85niDA_f1ia47EfvLz8VSBsNsj794H3mQtXTgB6NfvESdWWxj3lFQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 51299.53383b9c198c6d162081.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 46 KB
12 KB 16ms
15ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/51299.53383b9c198c6d162081.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

46881e42e7b3d37ef5d6a815eacb658cb89503818b72fd0fe31cabea4cf00486

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 1624457
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11715
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Oct 2022 09:52:46 GMT
server: tv
etag: "635ba66e-2dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: mzBAusUkh94Z_N87G8Vef8dd3A30MgOBp-VcDslVuPUNGDujAqQpFA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 87461.c33bcbb475ef93712018.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 13 KB
5 KB 18ms
16ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/87461.c33bcbb475ef93712018.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

584ebe92232b4937e10492d818eafb5df6f02159ce05147930b0009b6761ddb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 09:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 1367175
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5125
referrer-policy: origin-when-cross-origin
last-modified: Mon, 31 Oct 2022 08:31:23 GMT
server: tv
etag: "635f87db-1405"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 5FJ8BO3nLk1cItiu1G0-wI7k4K33wen0Hkasg8wSBIXwa1u27zk4ow==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 embed_ticker_tape_widget.afa4d8c6bea160e80887.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 22 KB
7 KB 17ms
16ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.afa4d8c6bea160e80887.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

884964b723bc5dd14b0b562a2a3148f9f852e7bafe6894e0314a73e6efdda915

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 10:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 760935
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7111
referrer-policy: origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 08:37:36 GMT
server: tv
etag: "6368c3d0-1bc7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: b_eN1MX_ZAYIdPwsFL5cnupbkEvJRD5SSqZXlmgLvZUnXQYXBS28jQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9610.ca9918cbf462aff5b55b.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 1 KB
1 KB 46ms
7ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/9610.ca9918cbf462aff5b55b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

6159f32f1b79a94b26c2c580fdd4ffdfc91af5334f46c4d8b2a1597925fb2e78

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 10:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1278915
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 611
referrer-policy: origin-when-cross-origin
last-modified: Tue, 01 Nov 2022 08:23:59 GMT
server: tv
etag: "6360d79f-263"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: MQwXSLtCzP7TiYx_p3y9_I5mHO8cntXVmEIMbMQC5s15BD7Rj8JgbQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3086.9f89937410e2bf27786b.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 1 KB
809 B 48ms
9ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/3086.9f89937410e2bf27786b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

c32cb580981ced5d41956d35867e2d727e104386a33cfa863f516fe8da06fd49

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 10:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2575516
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 303
referrer-policy: origin-when-cross-origin
last-modified: Mon, 17 Oct 2022 08:40:46 GMT
server: tv
etag: "634d150e-12f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: uBPbwaYq3Ar6CLBDNdR8jFlgi5HdEqzyvk2NRCFl_cvcodKwnam-VA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 72066.f1aaa4b56bfc5daefd58.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 1 KB
830 B 49ms
10ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P3
age: 7759577
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 272
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:38 GMT
server: tv
etag: "62fdfaca-110"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 1ebP_Qv2eNKZD8A4jm3CAT4QicFuaH45QcrUTURicVgie9eXlwXZtQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 93419.83330e98cd0f13f52e0f.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 9 KB
2 KB 49ms
10ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 6118897
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1254
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
server: tv
etag: "63170c8f-4e6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: ZBP_akTsiyYfJfzrbZKu1r-ZfcQuF3vnF5lC_oFcGNiNqHdb0PS2mA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4704.721cbfb1a5d6784e3109.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 2 KB
1 KB 50ms
11ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P3
age: 7759577
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 482
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-1e2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 1P0yk6YaoPf51lgPx-j1LnVBegH-RGnqwc4IwN-fM8ShUd5VGkwPSA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5735.c773d84ae2dfa00f5f7e.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 2 KB
1 KB 50ms
12ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

df173c22699a580af5fc7e35726a17d7875d99fe824f3eefb2f4ff618537e1e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 00:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P3
age: 6065561
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 544
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
server: tv
etag: "63170c8e-220"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: zJdPmljXrjAQ-jNDU4p5JoF0_0hlSSkBGu-nJG0pT58zDAThXGa9Sw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 49859.57ed1f0e14de0ce7dcbb.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 868 B
912 B 51ms
13ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 00:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P3
age: 7622090
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 353
referrer-policy: origin-when-cross-origin
last-modified: Fri, 19 Aug 2022 08:04:18 GMT
server: tv
etag: "62ff4402-161"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: NHdVhzWb9FcUSTjS1qdLhnv1_FJhpiM7s4alOJTSl0xc7_5GUf6Lqw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 22641.c7183a76dc0599de9f42.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 4 KB
1 KB 52ms
14ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 01:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P3
age: 7705476
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 566
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
server: tv
etag: "62fdfacb-236"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: nf4_JX61WPC4NtPlPHpY4KGwxg-r2qycVAKmgvqQo8l_Hz5AoKabsQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 41848.a819f80182db62e2c3b6.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 6 KB
2 KB 51ms
13ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'
x-amz-cf-pop: FRA56-P3
age: 6118912
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1102
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:09 GMT
server: tv
etag: "63170c91-44e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: O65yNbtIymmYXjj2HH0UfN3z1pexAmpYbI2_pgAM3rFaEr5m8WpoAg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame FA30 10 KB
5 KB 38ms
12ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 18:34:01 GMT
etag: 10353107486223812946
expires: Tue, 29 Nov 2022 18:34:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8301289771671655 Show response
customads.co/lad/ Frame 5BF7 1 KB
2 KB 162ms
127ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 05:44:23 GMT
via: 1.1 google

GET
H2 200 10864438442185062 Show response
customads.co/lad/ Frame EFCC 1 KB
1 KB 162ms
129ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 05:44:23 GMT
via: 1.1 google

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=459603591&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=504408870&gjid=271769130&cid=1308657580.1668577463&tid=UA-16055024-1&_gid=382352752.1668577463&_r=1&gtm=2wgb905D8XJ6Q&z=635013410

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=459603591&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1308657580.1668577463&tid=UA-16055024-1&_gid=382352752.1668577463&gtm=2wgb905D8XJ6Q&z=177405232

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4402
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4402
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 53ms
17ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16055024-1&cid=1308657580.1668577463&jid=504408870&gjid=271769130&_gid=382352752.1668577463&_u=YEBAAEAAAAAAACAAI~&z=1725846993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 05:44:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK f5a94942-eb4a-46a9-8585-42aec8bd6803
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/f5a94942-eb4a-46a9-8585-42aec8bd6803
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 0cbd25f5-29d8-482c-a46a-25bb6660c76b
https://beforeitsnews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/0cbd25f5-29d8-482c-a46a-25bb6660c76b
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK d53123bc-60c9-4927-91f8-13cf514ed74a
https://beforeitsnews.com/ Frame 6ACF 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/d53123bc-60c9-4927-91f8-13cf514ed74a
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 565fd677-1429-4727-8e97-d9a877c2bd9b
https://beforeitsnews.com/ Frame 6ACF 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/565fd677-1429-4727-8e97-d9a877c2bd9b
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3D25 109 KB
43 KB 32ms
16ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/76575.afff1e35981103bce60c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63eab23b8c5b275da2fb37a85564d10899562833514adcba39066d724fd6725d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43598
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Nov 2022 05:44:23 GMT

GET
H3 200 28903.415109541489380d12f6.css
static.tradingview.com/static/bundles/embed/ Frame 3D25 801 B
585 B 8ms
8ms Stylesheet
text/css 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.081792f9b1c986c68954.js

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 6118897
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 219
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
server: tv
etag: "63170c8e-db"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: MuKUQmhSYeLNkG1geY1qZnG9xo8wyHT5QD_6ImvZezFFdlcOEqC5iw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js Show response
static.tradingview.com/static/bundles/embed/ Frame 3D25 4 KB
2 KB 9ms
8ms Script
application/javascript 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js

Requested by

Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/runtime.081792f9b1c986c68954.js

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.214.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-117.fra56.r.cloudfront.net

Software

tv /

Resource Hash

ec982be0fe0cbc9c721b3aface05cd386bec46dea3f004ed49b395617b1cc594

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src 'none'
date: Tue, 06 Sep 2022 10:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P3
age: 6118877
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2082
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
server: tv
etag: "63170c8f-822"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: gSjq6ukbj4gkVgbXRSTgB_JjU7Q4Xd0T8Oy-pMLM7n-6a4lGih569g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 890b4bf9-ede2-44bd-8ffd-c2f0e2542d7f
https://beforeitsnews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/890b4bf9-ede2-44bd-8ffd-c2f0e2542d7f
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 00f43ac8-e55f-4ff9-b9b2-8e23fc3940ee
https://beforeitsnews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/00f43ac8-e55f-4ff9-b9b2-8e23fc3940ee
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 70ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-16055024-1&cid=1308657580.1668577463&jid=504408870&_u=YEBAAEAAAAAAACAAI~&z=233927158

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 43ms
19ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-16055024-1&cid=1308657580.1668577463&jid=504408870&_u=YEBAAEAAAAAAACAAI~&z=233927158

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame 5BF7 45 KB
17 KB 57ms
23ms Script
text/javascript 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 05:20:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1426
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 16 Nov 2022 07:20:37 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame EFCC 45 KB
17 KB 50ms
17ms Script
text/javascript 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 05:20:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1426
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 16 Nov 2022 07:20:37 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3D25 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1709
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 07:15:54 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 3D25 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=915502061&t=pageview&_s=1&dl=https%3A%2F%2Fs.tradingview.com%2Fembed-widget%2Fticker-tape%2F%3Flocale%3Den&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Ticker%20Tape%20Widget&sd=24-bit&sr=1600x1200&vp=775x46&je=0&_u=YEAAAQABAAAAAAAAIE~&cid=1176361830.1668577464&tid=UA-132755435-1&_gid=103588105.1668577464&gtm=2oub90&gcs=G1-0&z=1741168477

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4402
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jsDynamic-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 33ms
32ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 941503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 17:12:52 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63162e14-105e"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea1c5f9a9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 12 Oct 2022 11:50:43 GMT

GET
H3 200 responsive-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 34ms
32ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 941503
cf-polished: origSize=1728
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-6c0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea1c5f9c9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 12 Nov 2022 08:12:39 GMT

GET
H3 200 validate-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
2 KB 39ms
37ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 941504
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:46 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be6-1a18"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea1c5fa39951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 12 Nov 2022 08:12:39 GMT

GET
H3 200 loadmore-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 37ms
35ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 941504
cf-polished: origSize=14745
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-3999"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea1c5fa59951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 12 Nov 2022 08:12:39 GMT

GET
H3 200 lazy-loading-bin-rev-20220517.js Show response
beforeitsnews.com/static/js-v3/ 124 B
592 B 41ms
40ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20220517.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 941503
cf-polished: origSize=173
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 20:34:44 GMT
cf-bgj: minify
server: cloudflare
etag: W/"633f3be4-ad"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
cf-ray: 76adea1c5fa79951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 12 Nov 2022 08:12:39 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
26 KB 58ms
31ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20221007.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24f9ed66dd5e9484a09093bb9a6724a217e16353b170f2a5896af19ad77b1a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame 3D25 1 KB
952 B 47ms
7ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:27:54 GMT
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified: Thu, 26 May 2022 07:17:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 990
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4bj2qW85RGTovuSpS-TQIO-ZNUe4XksTPNq4_z552YBjoqiF7HR14Q==

GET
H2 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame 3D25 777 B
1 KB 48ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:27:53 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 990
x-cache: Hit from cloudfront
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
alt-svc: h3=":443"; ma=86400
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
server: AmazonS3
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: -qP59HSxLpQRjwD3nCwkIWvWJVp7dNRhOgbHjQWS3i-GDYbnXEh0SA==

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 116 KB
12 KB 755ms
740ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1668577463779

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e15dee80396f84d11219b2869d47415eeaf47783b1d191cced132ae4e4546cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
access-control-max-age: 3628800
cf-ray: 76adea1cbacc6964-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 48ms
21ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20221007.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3052
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 76adea1cee0e9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Nov 2022 05:44:23 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 46ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 16 Nov 2022 06:21:59 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/ 207 KB
74 KB 46ms
9ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 15:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75091
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 15:56:58 GMT

GET
H3 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 3D25 3 KB
745 B 23ms
9ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:28:59 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 925
x-amz-cf-pop: FRA60-P4
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rEz1HjawQxVGsIHaOCgwkP8nCBpAkQgDHgaSZ4ujARGgZJM772SsFA==

GET
H3 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 3D25 870 B
1 KB 21ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:31:21 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 783
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
alt-svc: h3=":443"; ma=86400
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: jkbKipdTbDNubBUU3igEysZjqcYWLpN04B0DgwwP0CApuW31yjvrPg==

GET
H3 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 3D25 801 B
1 KB 20ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 04:48:38 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 3345
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
alt-svc: h3=":443"; ma=86400
content-length: 801
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
etag: "107060b925841745f310697bd9f1f83d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: aEKTOiuv8GgD7fwUWGkphns5jE-m3_QsPuTYEvdchXn_x2pNajdRRw==

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 58ms
48ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3052
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 76adea1d681b9a41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Nov 2022 05:44:23 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
66 B 126ms
117ms Script
text/plain 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1668577463888586032680&uniqId=05bb4&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=637478b8-0c5bc&pageView=1&pvid=1847ef78e51b5cd4ec0&site=310742&implVersion=11&dpr=1&tfre=902
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76adea1d6aa888b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content bd01588e-541d-49ca-831e-3c7b8d0938ec
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/bd01588e-541d-49ca-831e-3c7b8d0938ec
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content c6288d14-9996-42d9-868c-6d0b33c93ce7
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/c6288d14-9996-42d9-868c-6d0b33c93ce7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
DATA 200
OK truncated Show response
/ Frame 1C84 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 34ms
8ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 04:36:58 GMT
x-content-type-options: nosniff
age: 4045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Nov 2023 04:36:58 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 8895 18 KB
4 KB 47ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 16 Nov 2022 06:21:59 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
936 B 32ms
9ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:10:06 GMT
x-content-type-options: nosniff
age: 2057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Nov 2023 05:10:06 GMT

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 36ms
15ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 206
Partial Content b8c60c6f-0261-465f-967a-664c0900d37b
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/b8c60c6f-0261-465f-967a-664c0900d37b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 3D25 523 B
885 B 9ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 04:55:59 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 2905
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
alt-svc: h3=":443"; ma=86400
content-length: 523
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
etag: "4542d4ecd73f04c73affa787a4522596"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: cdILBZXe6pQCNTf4mT3pCUOdfzrelNFVl_GrprKVQZJl2HaN3IamOg==

GET
H3 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 1 KB
1 KB 9ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 04:52:41 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 3103
x-amz-cf-pop: FRA60-P4
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SHebrTi3fSciaoy_dAcytbD-ZEBvxsOL55PTTa56C8kmquyapoQpog==

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 70ms
61ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

217aa7943cb92f82284fd9d463c085c9bdf2cfa52560f8a53628c35b6c706455

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
status: 200 OK
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 947ab0a4-9f53-4ce1-9fc9-fb1193120dd2
x-runtime: 0.026361
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"217aa7943cb92f82284fd9d463c085c9"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 76adea1df80a9a1d-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 16 Nov 2022 06:44:24 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 41ms
32ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 2865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 76adea1e2b8888b3-LHR
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
887 B 40ms
31ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 5428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 76adea1e2b8688b3-LHR
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:23:45 GMT
x-content-type-options: nosniff
age: 44439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Nov 2023 17:23:45 GMT

GET
H3 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 786 B
1 KB 8ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:38:29 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 356
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
alt-svc: h3=":443"; ma=86400
content-length: 786
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: L1-nyDCjVDIZE6r6lSk7NHM8wSRGfC8rHfY87vCFRsGHrCL-Y3OMDw==

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
167 B 106ms
106ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=127
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76adea1e5a0c7511-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H3 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 761 B
1 KB 8ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:25:24 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 1151
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
alt-svc: h3=":443"; ma=86400
content-length: 761
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: 9CbhgD-0zOo-9GAMv226UJeRLwpPEP--JA8TaRqIOB3U8z2jO2CelA==

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
1006 B 85ms
75ms Script
application/x-javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?pv=5&cbuster=1668577464116528349907&uniqId=05bb4&lct=1667433600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=637478b8-0c5bc&pageView=1&pvid=1847ef78e51b5cd4ec0&implVersion=11&dpr=1&tfre=1129
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e0acca7789c4583117267996203839e845b2e901710df33bbbbf21cd6555b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 76adea1edc0288b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 81ms
74ms Script
application/x-javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?mp4=1&ap=1&w=370&h=1095&maxw_3=366&maxh_3=247&cols=1&pv=5&cbuster=1668577464118615754084&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=637478b8-0c5bc&pageView=0&pvid=1847ef78e51b5cd4ec0&implVersion=10&dpr=1&tfre=1131
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0aa12bfa75ea1029d79d2ffae7ac0df0a29dd980778481c476555045a31b089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 76adea1edc0388b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
997 B 93ms
89ms Script
application/x-javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?mp4=1&ap=1&w=370&h=330&maxw_1=366&maxh_1=284&ident_p=true&cols=1&pv=5&cbuster=1668577464121442677477&uniqId=08f6f&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=637478b8-0c5bc&pageView=0&pvid=1847ef78e51b5cd4ec0&implVersion=11&dpr=1&tfre=1135
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18bd5df8670101f1361685222eae5fb8ca2ce364dd93651d0c3fae5c61795832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 76adea1edc0488b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 1 KB
1 KB 8ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:04:49 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 2407
x-amz-cf-pop: FRA60-P4
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Cnmbh9OVIQxi8oeEjyOykqm8sT2db_-mzVuXJhWNLI4hCkTSwbA3Ag==

GET
H3 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 635 B
996 B 9ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:05:15 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 2401
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
alt-svc: h3=":443"; ma=86400
content-length: 635
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
etag: "4c66a5172a9c77ab75e140f5079218ec"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: QMBPf2sbPljFE3Pb2WCSvaboE5pnmBt8wZI9nobfl8z3GJBxZ4CRLA==

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
167 B 105ms
105ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=86
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76adea1f9a9c7511-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H3 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 1 KB
977 B 13ms
12ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
age: 475
x-amz-cf-pop: FRA60-P4
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LtE54UVGs4eF2phf0cFicE7owW9flnD8SbNodVuLNSUzMDhzyLfTgg==

GET
H3 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 522 B
884 B 13ms
13ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 748
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
alt-svc: h3=":443"; ma=86400
content-length: 522
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: VY46wM-0fV5IEKj0EJNNxWWSwJzXJW-zFmxSrIN3JhVPeE2fIG6mDQ==

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQZ016TJQM3CQAQ
age: 1066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 76adea203b027511-LHR
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1009 B 33ms
31ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQP2P0ZGAY0CMXJ
age: 1528
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 76adea203b037511-LHR
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H2 200 492
img.rtbsystem.org/375/12/366/0cf701dc-295c-413e-8809-d2a6283416aa.png/16x9/ 244 KB
245 KB 115ms
59ms Image
image/png 2606:4700:3038::6815:eb8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/375/12/366/0cf701dc-295c-413e-8809-d2a6283416aa.png/16x9/492
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e0af3eac46f57cf0fc99c34d6ab9a3b550986b1efd4b250241dadbe508313b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 25 May 2022 20:57:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628e984f-1bf26"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBETIuKwnlRs8kkG1WZijvDSIDjJFav42kSspyG%2BrYRWcBAbWuys4dMEjaQkBHg9NKVOt1e4rCOphH4DzorYjx%2FmyO%2FzjEbkDPCnDh%2FFwfJunO4hY0gJwalw9bMpmvCI5JPTc2GBkZMsH0VCXBlt2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 76adea209d1776fc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 249903
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H2 200 492
img.rtbsystem.org/481/329/370/87e49c17-1bd9-4232-b169-039733f8b9d1.jpg/16x9/ 20 KB
21 KB 92ms
36ms Image
image/jpeg 2606:4700:3038::6815:eb8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/481/329/370/87e49c17-1bd9-4232-b169-039733f8b9d1.jpg/16x9/492
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea030358c8f7ad5aac21ed8ea988b7726d924381bc058c401ce0bb285f51bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 16 Jun 2022 10:17:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62ab034e-7d75"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BWgIXpXmNMh%2BbGnx8cT1m4OyzHu8Y8WA3XCyc9RewINgf2LuB0NtlEVOV7iRyz%2BJOSzJQZzf%2BQb3G5wvWC6mUiIoUKSCxg47jggnYctF1GfZhKOSsPrgDOJK2YmlOf4GItb7cDDGFB%2FNMTXUleF6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 76adea209d1d76fc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20745
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMjUzMDgvM2EyOGNmZGUyNzdjODdlM...
s-img.mgid.com/g/12350568/492x277/-/ 16 KB
16 KB 86ms
30ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12350568/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMjUzMDgvM2EyOGNmZGUyNzdjODdlMWI4M2ExMGUxYWJhZmY2NmYucG5n.webp?v=1668577464-bK8YccAx7Vs2mU4ljsBLbCq0Z65dWmYiA4Yfho9FSdw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9405d90d85be75896f4808e8ac6d770a613e63e50d77bb241856fd30da1e9c1a

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 14:59:28 GMT
x-mg-request-uuid: e393a12b-1990-40e4-b8a0-2632bc93f651
server: cloudflare
age: 361573
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 76adea209d28dd33-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16356

GET
H2 200 492
img.rtbsystem.org/387/28/420/233103ee-e0d8-4d74-a68a-b51de107bf28.jpg/16x9/ 14 KB
15 KB 94ms
39ms Image
image/jpeg 2606:4700:3038::6815:eb8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/387/28/420/233103ee-e0d8-4d74-a68a-b51de107bf28.jpg/16x9/492
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d2e18cac4b9aa1693b5c3354956db24df1bf934c9aa5220c0f021f07422fdae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Nov 2022 12:58:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636e470a-617a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP8%2FqpJOm%2FhaHJi0XUTzRKTw%2FcSmJOho5TX8ptBC2TpjbAZQrXv8arLiWPWOFn1sOmQam0HcN42DhhFvy1zoKB9ZoyFSnGHSn61lNDEWAPzo5ZxbcUzR8C9K2lTvL4vW7H%2FHjgRl37KleS5TW%2BgcEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 76adea209d1f76fc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14518
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H2 200 492
img.rtbsystem.org/387/28/420/233103ee-e0d8-4d74-a68a-b51de107bf28.jpg/3x2/ 16 KB
17 KB 93ms
41ms Image
image/jpeg 2606:4700:3038::6815:eb8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/387/28/420/233103ee-e0d8-4d74-a68a-b51de107bf28.jpg/3x2/492
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4951d7c0b7ddef8e96699d8cf85f7201a315bd090c4c02c9426955bbc32b3615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Nov 2022 12:58:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636e470a-70d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCXZJqZWNEILE5H04mPNpL%2Bk5afciQsKdDy9t7vTR0UqTe5sIqImjlPZtFkXj8QH0Q6AvRB7ifRUd3wQ4S4275XyjPlIBmwcxq9bPjcS%2BNcUlTpF4Yzf%2FW%2FidAIEUbZGUnPv9kWeXrZFfqIQZos1AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 76adea209d1a76fc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16890
expires: Thu, 17 Nov 2022 05:44:24 GMT

GET
H3 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 1 KB
1 KB 9ms
9ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:33:57 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 629
x-amz-cf-pop: FRA60-P4
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BAjdrdLq9BnoSPXWVT4gnwteUnFDKx45lQdqPusRHP6amt48BHUM8w==

GET
H3 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 508 B
871 B 10ms
9ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:34:38 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 587
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
alt-svc: h3=":443"; ma=86400
content-length: 508
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: JOh2kygQ6jYIQiwvMy_nhWr7cDcXq1_2zhSHuRSjJxe2MKjEiXkr4w==

GET
H3 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 304 B
664 B 9ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:23:10 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 1286
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
alt-svc: h3=":443"; ma=86400
content-length: 304
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
etag: "074d127e2f9fd8c2e79c01a5f002979c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: X8Yi11TMTJ36r0lDQ8QddUt07oJJg9QgVVrwghvuRXauH8BV54SQTQ==

GET
H3 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 182 B
545 B 9ms
9ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:28:06 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 979
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
alt-svc: h3=":443"; ma=86400
content-length: 182
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
etag: "a4fcbd383e2f657b6528f4aa95844de5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: N-URMk7hw53dycBkZG-nrqlU3EQYFRNJhbRYJjALIEA6YcCMZM5I5g==

GET
H2 200 YqCruUbpsk4 Show response
www.youtube.com/embed/ Frame 3146 69 KB
28 KB 53ms
51ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YqCruUbpsk4

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd16e2f47442ce859fab5d2b5caa90c42f3898ee870c0fea78b32f87861cd418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 05:44:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
rumble.com/embed/v1s3ek8/ Frame B6F4 18 KB
8 KB 420ms
137ms Document
text/html 172.98.59.22
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/v1s3ek8/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.22 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

e18eafbd4b9b5108ca414f4ecfef916adfc6a178674ae24defb6e2c9179f0617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 16 Nov 2022 05:44:24 GMT
link: <https://rumble.com/v1upk76-people-you-are-being-laughed-at.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H3 200 cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
beforeitsnews.com/img/i2022/11/ 15 KB
16 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/11/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b997bcff91f40fdd88dfa17feadca80bc7029e99e6dcbe6d78f3a1e210a9432

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 461889
cf-polished: origSize=16737, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15529
last-modified: Fri, 16 Aug 2019 22:57:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5d5734ca-4161"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea2188669951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 01 Nov 2023 04:00:01 GMT

GET
H3 200 fa6492e72fd831b4d28c5420039b13e35725b910.jpg
beforeitsnews.com/img/i2022/11/ 36 KB
36 KB 42ms
40ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/11/fa6492e72fd831b4d28c5420039b13e35725b910.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4727c236a79590156e2b25d8bd8ece765550e11055191092b3f4632446dbcfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 1301991
cf-polished: origSize=42361, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36793
last-modified: Sun, 09 May 2021 05:42:40 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60977650-a579"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea21886d9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 01 Nov 2023 04:00:01 GMT

GET
H3 200 70189017dfbe10d1266577b2701c43e156554529.jpg
beforeitsnews.com/img/banner_contract/ 60 KB
61 KB 70ms
69ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/70189017dfbe10d1266577b2701c43e156554529.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc93f930396c1e55d7d0ebce7db81b3b9f12fbaa3e4b7fe184787ba9c16b6dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 881205
cf-polished: origSize=69526, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61721
last-modified: Thu, 06 Oct 2022 00:57:10 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "633e27e6-10f96"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea21886f9951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 06 Nov 2023 00:57:36 GMT

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 33ms
32ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 941337
cf-polished: origSize=36512, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60a8f625-8ea0"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea2188729951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Nov 2023 08:14:11 GMT

GET
H3 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 77ms
76ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 44155
cf-polished: origSize=51812, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46896
last-modified: Sat, 22 May 2021 12:15:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60a8f5fb-ca64"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea2188749951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Nov 2023 17:27:24 GMT

GET
H3 200 1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg
beforeitsnews.com/img/banner_contract/ 81 KB
82 KB 48ms
47ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 941337
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83236
last-modified: Fri, 04 Mar 2022 07:11:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6221bbbb-14524"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea2188769951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 05 Nov 2023 08:14:11 GMT

GET
H3 200 39809350864b0a3554f604e504aca8b82b3c4df8.jpg
beforeitsnews.com/img/banner_contract/ 39 KB
40 KB 45ms
44ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/39809350864b0a3554f604e504aca8b82b3c4df8.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bf1ff7c861b303af85db79af26f29bd653f3a16fe257b9c2614d46e8b85f683

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 688386
cf-polished: origSize=46051, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40061
last-modified: Tue, 08 Nov 2022 05:16:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6369e647-b3e3"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea2188789951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 08 Nov 2023 05:16:56 GMT

GET
H2 200 jZl8N_dwOTc Show response
www.youtube.com/embed/ Frame 48D9 69 KB
28 KB 54ms
54ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfa1b00fc29fba7241fcfefdc7eaef10bc50506cdb09cdcf39df3607474be3bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 05:44:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 1 KB
1 KB 14ms
13ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 04:56:42 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 3056
x-amz-cf-pop: FRA60-P4
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: n8J-iVoRY6t-_-pP15Lc4UqYduw5KLI19Jg3DNiTtvzqjF-m24GZ3Q==

GET
H3 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 1 KB
1002 B 8ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:25:33 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
age: 1198
x-amz-cf-pop: FRA60-P4
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QLV85iI4-hYy7pm3yyzDTfmuMqpoFgVJzVEtaQoyLd-P_Qo-SJ2Iaw==

GET
H2 200 i.js Show response
cm.mgid.com/ 0
101 B 133ms
117ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1668577464604851264542
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 76adea21eee888b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/b50b69c9/ Frame 3146 359 KB
49 KB 26ms
8ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c95cc3e583a81552c835f63bc5bce5d7e0359535b713df4e3876dcec05b6ac5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49806
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/ Frame 3146 310 KB
96 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e48662932b4c8c29f626512afbd767786eb4b52fab1bb46335ae8410a94c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98457
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 3146 2 MB
577 KB 40ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40c9f983c3aba68fa3088760e1a20efe0559cdb3527582995c511e00622bb1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590922
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:58:58 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/ Frame 3146 9 KB
3 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 8E4D 0
37 B 142ms
142ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1668577464640821526753
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 76adea220eff88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 1 KB
997 B 10ms
10ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:12:18 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 2040
x-amz-cf-pop: FRA60-P4
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: p1OTbKdvaaweavbfXmK_D1N1UInMBpEpskyrsMN4NIlx2b07GgZ0Iw==

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3146 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 409759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 11:55:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3146 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 112985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 22:21:19 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/b50b69c9/ Frame 48D9 359 KB
49 KB 10ms
7ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c95cc3e583a81552c835f63bc5bce5d7e0359535b713df4e3876dcec05b6ac5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jZl8N_dwOTc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49806
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/ Frame 48D9 310 KB
96 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e48662932b4c8c29f626512afbd767786eb4b52fab1bb46335ae8410a94c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jZl8N_dwOTc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98457
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 48D9 2 MB
577 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40c9f983c3aba68fa3088760e1a20efe0559cdb3527582995c511e00622bb1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jZl8N_dwOTc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590922
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:58:58 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/ Frame 48D9 9 KB
3 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jZl8N_dwOTc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:56:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 48D9 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 409759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 11:55:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 48D9 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 112985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 22:21:19 GMT

GET
H2 200 id5-api.js Show response
eu-1-id5-sync.com/api/1.0/ 57 KB
17 KB 73ms
30ms Script
text/javascript 2606:4700:20::681a:908
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-1-id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:908 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c175e13b7779b1c10533c65a75f5af3fda93d9c2611940e167513364af503b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1653
x-amz-request-id: MTGHPR3PKNB1VMJV
x-amz-server-side-encryption: AES256
x-amz-id-2: hDJbyNwFmhC+Vtx7IdHw8uZQIiwk8/irD0vGSMp3TnepCxxouSw3jcmp9JfufhoM9X/g9UChJtE=
last-modified: Thu, 10 Nov 2022 09:46:31 GMT
server: cloudflare
etag: W/"f56ac574619f997d4b0c211e79bcc3af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ht0xSwBLu%2Ftpp3bBC7E6%2FB%2F6rCAQ%2F9v7JnPrYVkAcTELMgRZi7qdzznoC3mZVsmVUxESB56NVOLcRizjJJ%2B%2B9umLPzVcXi7nrDzF9PBXl%2BpEDPLffCgsYEHzxXRzhzx2%2B2NXAinFiWjcZOVQoQEL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=14400
cf-ray: 76adea228cdb9c0a-FRA

GET
H3 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 3D25 1 KB
994 B 14ms
13ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:17:16 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 1652
x-amz-cf-pop: FRA60-P4
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OumrxS75ZHnsYVRaDdVaZ4PaaVKJ3EwpZ9ouo3OxI0AUIYq5bLLK9w==

GET
H3 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame 3D25 1 KB
880 B 8ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.afa4d8c6bea160e80887.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:27:54 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Thu, 26 May 2022 07:17:22 GMT
server: AmazonS3
age: 991
x-amz-cf-pop: FRA60-P4
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0rhJtNiLRpSYLAmVJxPQVnXingBZex9IqOAWy0xrV5sEROcYvCF9bw==

GET
H3 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame 3D25 777 B
1 KB 9ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.afa4d8c6bea160e80887.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:27:53 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 991
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
alt-svc: h3=":443"; ma=86400
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
server: AmazonS3
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: Q_7c3JV3Fd5XKSx586wf1Gxjviz18xOGOx7sWCJf1g0jeThNkek-mA==

GET
H3 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 3D25 3 KB
744 B 8ms
7ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.afa4d8c6bea160e80887.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:28:59 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 926
x-amz-cf-pop: FRA60-P4
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ofW9Z3-7pdRxYbvJKmGutNYOb1pbcleHZLbLyNTv9V2Bp4xpgMjxVw==

GET
H3 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 3D25 870 B
1 KB 9ms
8ms Image
image/svg+xml 2600:9000:225e:8800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: static.tradingview.com
URL: https://static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.afa4d8c6bea160e80887.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:8800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:31:21 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age: 784
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
alt-svc: h3=":443"; ma=86400
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-id: 4Wse2T-Qjzr3QfgpxtqvJZT1d0m3eg1EpSYc8MkV86VtBf-Y70FRIA==

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3146
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

16ms
16ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5415e167939806ea2a4d6958e9e752ca612714131e68bafdb6851014813fd09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3146 29 B
588 B 45ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:35:09 GMT
x-content-type-options: nosniff
age: 555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 05:50:09 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 48D9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

23ms
22ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1e81a82cb57a891fd4a248bc2c68d0a675da62a9ea143209d2222b304c9c95d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Nov 2022 05:44:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 48D9 29 B
54 B 47ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:35:09 GMT
x-content-type-options: nosniff
age: 555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 05:50:09 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 39ms
15ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 16 Nov 2022 05:44:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3146 65 KB
30 KB 42ms
25ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfa4c69196a098025e75473d2500aa02e9570ed66e4c3a7ac5bdd5de5748be20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30538
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 3146 118 KB
36 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4d9510d3b5966db25ca539e5c9bebed6314930aa3bf47cd36c22044e123f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37227
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:59:16 GMT

GET
H3 200 ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js Show response
www.google.com/js/th/ Frame 3146 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 03:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14218
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 03:09:08 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 3146 26 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

767721911c7b7df933f222b581db1a8cae5819f11c929fcf05106d3b407809da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8286
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:58:58 GMT

GET
DATA 200
OK truncated
/ Frame 3146 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3146 942 B
1 KB 47ms
10ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:13:43 GMT
x-content-type-options: nosniff
server: fife
age: 1842
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Thu, 17 Nov 2022 05:13:43 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/YqCruUbpsk4/ Frame 3146 34 KB
34 KB 49ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/YqCruUbpsk4/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGCUgVyhyMA8=&rs=AOn4CLDhHhra5a0uBb__toJ3DfCkVrrLPg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YqCruUbpsk4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

465d85d2b1a04743b3049c54e3449b6d2ed65d88fd8e30fee20d30ee7b000ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:17:32 GMT
x-content-type-options: nosniff
age: 1613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34629
x-xss-protection: 0
server: sffe
etag: "1661821477"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Nov 2022 07:17:32 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 49ms
10ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

0a010f8e493dfcf86349b9f2e6daddeeaf47be97b277c326f38dd368eb6bf1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 74 B
252 B 45ms
11ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 94d55a6a9c65c29731271cfbe853194f1b7d8c0cbc251f34efcd4e6e76637ed1

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:25 GMT
content-length: 74
vary: Origin
content-type: application/json

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 16 Nov 2022 05:44:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 48D9 66 KB
30 KB 25ms
25ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1aa2a32afb3610bef3225f854f6eb601c30e3dc76443b7feeb71284bf53a1ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30772
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 48D9 118 KB
36 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4d9510d3b5966db25ca539e5c9bebed6314930aa3bf47cd36c22044e123f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jZl8N_dwOTc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37227
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:59:16 GMT

GET
H3 200 ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js Show response
www.google.com/js/th/ Frame 48D9 36 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 03:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14218
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 03:09:08 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/ Frame 48D9 26 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

767721911c7b7df933f222b581db1a8cae5819f11c929fcf05106d3b407809da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jZl8N_dwOTc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8286
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 16:58:58 GMT

GET
DATA 200
OK truncated
/ Frame 48D9 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 48D9 942 B
966 B 46ms
27ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SwUJ9nhpb2Q04JzHnr7UL8snw8a04IVrCHg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:13:43 GMT
x-content-type-options: nosniff
server: fife
age: 1842
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Thu, 17 Nov 2022 05:13:43 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/jZl8N_dwOTc/ Frame 48D9 54 KB
54 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jZl8N_dwOTc/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGFMgWihlMA8=&rs=AOn4CLAwvQjdu_4u4Geud6bC_Mb6kbeLeA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jZl8N_dwOTc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

343b47133554ab08bf0242aa0d2aaf2fdb2aee7e50226a22d7c5c8415ab8f691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55012
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Nov 2022 07:44:25 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 15ms
15ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

3d7df04a1d0fe5a95d68ab8e8e7949415de1813f2c92a9178027ac348fd5c14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 74 B
252 B 14ms
13ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bd168a7c764159802f3cbb1f4d8868504073e5c7a1adb43c14cde0c6c17cbfb4

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:25 GMT
content-length: 74
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 29ms
8ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

18dd4347f170114a711c10500fc6f4da93e7e0ba3312fcb78bf83ef6d1cf7c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 74 B
252 B 28ms
8ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 36d991cbfefba866fc791cb718d6368d70389add3744f3122c3242d820a9c511

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:25 GMT
content-length: 74
vary: Origin
content-type: application/json

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame B6F4 76 KB
27 KB 134ms
134ms Script
application/javascript 172.98.59.22
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=332

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1s3ek8/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.22 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

47ab7c59dfab1f611c49f00c9db3f1a6f2e7cc02608bffbda5ef0bd0bd342fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v1s3ek8/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br
last-modified: Tue, 15 Nov 2022 15:53:34 GMT
server: nginx
etag: W/"6373b5fe-131ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000

GET
H2 200 csBRg.OvCc-small-People-YOU-are-Being-Laughe.jpg
sp.rmbl.ws/s8/1/c/s/B/R/ Frame B6F4 20 KB
20 KB 12ms
12ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/c/s/B/R/csBRg.OvCc-small-People-YOU-are-Being-Laughe.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v1s3ek8/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 92716bd3fc1c218df896e33499237f4b8fb1bc4e96e63100cc52df5064788afc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
last-modified: Tue, 15 Nov 2022 18:49:19 GMT
server: nginx
etag: "844395fcf8970a2050fc813e913ff4b6"
x-hw: 1668577465.cds157.fr8.hn,1668577465.cds258.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=51384
accept-ranges: bytes
content-length: 20213

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 36ms
10ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

2d395bf3afba2e3ef6bb3298c570450b7e2dd40d39ad8dd617bc401558a8b647

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3146 90 B
134 B 21ms
20ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f28559c1668e8e24c547c120738154f12e97918e98c3a85b2c48af8eedd32305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
16ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 16 Nov 2022 05:44:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 206 csBRg.caa.rec.mp4
sp.rmbl.ws/s8/2/c/s/B/R/ Frame B6F4 6 MB
0 13ms
12ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/c/s/B/R/csBRg.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v1s3ek8/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
last-modified: Tue, 15 Nov 2022 22:06:07 GMT
server: nginx
etag: "33460889545a86a397487a3f6a0c3915-69"
x-hw: 1668577465.cds157.fr8.hn,1668577465.cds136.fr8.c
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-360520849/360520850
cache-control: max-age=69277
accept-ranges: bytes
Content-Length: 360520850

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 9ms
8ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e4f5c1c8662919596eeef1ec30f27a71f75acdd5375a6d9bf911ca604bef4fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 48D9 90 B
134 B 19ms
18ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3b1488487b4d73bad11b73060fd34659af0a463246c52cddd757765f3150bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 54ms
53ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 16 Nov 2022 05:44:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
627 B 47ms
46ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: eu-1-id5-sync.com
URL: https://eu-1-id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

62314061f4f47f66d49cdcf859e6177ecf95bf301dde36bda6fcfd84fb509b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Wed, 16 Nov 2022 05:44:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3146 4 KB
2 KB 41ms
26ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 05:44:25 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 3146 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?vSqVbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YqCruUbpsk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 48D9 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qrinqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jZl8N_dwOTc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 48D9 4 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 05:44:25 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B6F4 49 KB
20 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1711
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 07:15:54 GMT

POST
H2 200 view...1s3ek8.1snkepg
rumble.com/l/ Frame B6F4 35 B
191 B 133ms
132ms Ping
image/gif 172.98.59.22
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...1s3ek8.1snkepg?p=2.3&r=106538732&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.22 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v1s3ek8/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 16 Nov 2022 05:44:25 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
log-code: 3
content-type: image/gif

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 3146 52 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 16 Nov 2022 17:13:51 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 48D9 52 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 16 Nov 2022 17:13:51 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame B6F4 4 B
24 B 19ms
18ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1934182507&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v1s3ek8%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=People%2C%20YOU%20are%20Being%20Laughed%20At!%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAACgBIC~&jid=629047021&gjid=1329169713&cid=1720327975.1668577466&tid=UA-44331619-1&_gid=544823849.1668577466&_r=1&_slc=1&z=1618182786

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame B6F4 35 B
55 B 29ms
27ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1934182507&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.v1s3ek8%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=People%2C%20YOU%20are%20Being%20Laughed%20At!%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=v1s3ek8&_u=YEBAAEABAAAAACgBIC~&jid=&gjid=&cid=1720327975.1668577466&tid=UA-44331619-1&_gid=544823849.1668577466&z=1105585661

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1s3ek8/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4404
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame B6F4 4 B
25 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-44331619-1&cid=1720327975.1668577466&jid=629047021&gjid=1329169713&_gid=544823849.1668577466&_u=YEBAAEAAAAAAACgBIC~&z=1491304805

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 05:44:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame B6F4 42 B
63 B 23ms
21ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-44331619-1&cid=1720327975.1668577466&jid=629047021&_u=YEBAAEAAAAAAACgBIC~&z=1284146102

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame B6F4 42 B
63 B 54ms
22ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-44331619-1&cid=1720327975.1668577466&jid=629047021&_u=YEBAAEAAAAAAACgBIC~&z=1284146102

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 05:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 60ms
60ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3052
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 76adea28ec559a41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Dec 2022 05:44:25 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
560 B 57ms
46ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
status: 200 OK
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 998b4060-2a98-4383-b7f5-4244eb7832d2
x-runtime: 0.007709
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e51140cdcd044ad76335646936ec5319"
x-download-options: noopen
vary: Accept, Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 76adea297fe3915f-FRA
access-control-allow-headers: SDK-Version

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 32ms
31ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 931684
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5fe55cb2-8ab"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-max-age: 3628800
accept-ranges: bytes
cf-ray: 76adea29ce769951-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 27 Oct 2023 00:40:44 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3146 28 B
54 B 23ms
22ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668577467422
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/YqCruUbpsk4
X-YouTube-Client-Version: 1.20221113.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDT09WUWdlSDRBcyi48dGbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668577464762&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 16 Nov 2022 05:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 16 Nov 2022 05:44:27 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 48D9 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668577467536
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jZl8N_dwOTc
X-YouTube-Client-Version: 1.20221113.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt2UjctRm1rQnJoRSi48dGbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668577464750&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 16 Nov 2022 05:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 16 Nov 2022 05:44:27 GMT

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s2
beforeitsnews.com/	1970-01-20 07:29:45	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ3pgBJPSRpc4o
.mgid.com/	1970-01-20 07:29:39	Name: __cf_bm Value: HbujEiZzsQDAUNBm6WIGYKLebl7KVaAXUaunhoUyEr0-1668577463-0-AeiwzlD9RlzO853zisjQmhvYwGgujzOMwExoiN8CrIl490GhqVJ4g9ewpzEAbDUSFZRXbh/dB5V5E+OliPtLENY=
beforeitsnews.com/	1970-01-20 17:05:37	Name: b4in-uuid Value: c9d30f3c-1a12-4f1c-876a-c59c40580bd8
.beforeitsnews.com/	1970-01-20 17:05:37	Name: _ga Value: GA1.2.1308657580.1668577463
.beforeitsnews.com/	1970-01-20 07:31:03	Name: _gid Value: GA1.2.382352752.1668577463
.beforeitsnews.com/	1970-01-20 07:29:37	Name: _gat_UA-16055024-1 Value: 1
beforeitsnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1668577464351%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1668577464356%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1668577464374%7D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: E4I-WCEZnHg
.youtube.com/	1970-01-20 11:48:49	Name: VISITOR_INFO1_LIVE Value: vR7-FmkBrhE
.rumble.com/	1970-01-20 17:05:37	Name: _ga Value: GA1.2.1720327975.1668577466
.rumble.com/	1970-01-20 07:31:03	Name: _gid Value: GA1.2.544823849.1668577466
.rumble.com/	1970-01-20 07:29:37	Name: _gat_rumble Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/(Line 271) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20221111_135515_353.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 271) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/738377/images/B65DC8FA-871B-4217-94AE-C1782877CB84.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/819011/images/IMG_20221111_135515_353.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/(Line 371) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/738377/images/B65DC8FA-871B-4217-94AE-C1782877CB84.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/logo_1_wg5s9f.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.beforeitsnews.com
ajax.beforeitsnews.com
beforeitsnews.com
borirait.site
c.mgid.com
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cm.mgid.com
customads.co
eu-1-id5-sync.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
id5-sync.com
img.beforeitsnews.com
img.rtbsystem.org
img.youtube.com
jnn-pa.googleapis.com
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
m.beforeitsnews.com
onesignal.com
pagead2.googlesyndication.com
rddywd.com
rumble.com
s-img.mgid.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
servicer.mgid.com
sp.rmbl.ws
static-3.bitchute.com
static.doubleclick.net
static.tradingview.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.ournewearthnews.com
www.youtube.com
yt3.ggpht.com
104.18.64.15
151.139.128.10
162.19.138.117
162.19.138.82
162.241.30.109
172.98.59.22
18.66.147.12
18.66.97.113
2001:41d0:701:1000::2fb3
2400:52e0:1e00::722:1
2600:9000:2182:5c00:18:9413:7780:93a1
2600:9000:225e:8800:1f:2f70:3e80:93a1
2606:4700:10::6816:4a8a
2606:4700:10::6816:4b8a
2606:4700:1::6813:864e
2606:4700:1::6813:884e
2606:4700:20::681a:908
2606:4700:3038::6815:eb8a
2606:4700::6812:e134
2a00:1450:4001:801::2003
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9b
2a06:98c1:3120::3
35.190.30.115
52.222.214.117
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0a010f8e493dfcf86349b9f2e6daddeeaf47be97b277c326f38dd368eb6bf1c0
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0ba678007777c8f3da08b6fd7ed29b2245dec4f572bba3313c54766f17cbda1f
0bc671931d94766730f0ef8d31d927a524a9c4e68dce6947cc3c53e5878ee33c
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
11d8ab754a7bd056500e49e7f473228063c95032e33794319a5f28cfaa511cb8
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
13f0593a5d13fb5749e110899dbe6e2e4e7d807f3958e15b937cc6f0001764f2
15c8288a0739ac7b9d71592f12c6da487bd2c63cc2657a561e6089f93ff1bfd3
16e48662932b4c8c29f626512afbd767786eb4b52fab1bb46335ae8410a94c92
18bd5df8670101f1361685222eae5fb8ca2ce364dd93651d0c3fae5c61795832
18dd4347f170114a711c10500fc6f4da93e7e0ba3312fcb78bf83ef6d1cf7c33
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1aa2a32afb3610bef3225f854f6eb601c30e3dc76443b7feeb71284bf53a1ad8
1b612e628d1d0351f65d48d424f3ea015eb62103e1373b6ec255829e8feea1fd
1c06e495f43829458c1154dcb847dccb258e2490fdc8022d80c8ee9410507fd9
1e39fbaf69594ed7df217d88b6e405c5c6497269f6a5becc04e6ca8078a57d84
217aa7943cb92f82284fd9d463c085c9bdf2cfa52560f8a53628c35b6c706455
233eca5f4f7e19c25cc0f721efaad650525ce61f70a81770ada51d91227e21d1
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
24f9ed66dd5e9484a09093bb9a6724a217e16353b170f2a5896af19ad77b1a95
25baabde5ab48b2510f26d07101ef48899781ce1bfe1e2e5377796c9677b0dd2
27b97fb195867cc4275bf8a7845a54e4c22bec08e0775a0946940ce50a8af1a7
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
29df878bc3b698e57dc1e08c12881ff1a640110f95f38a64137cdc1bb4300fc1
2d395bf3afba2e3ef6bb3298c570450b7e2dd40d39ad8dd617bc401558a8b647
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f3eba1194c88bed5aea71a0e612cac14a5f13af4b072395d3327a462a050325
314e52babbc217c9bbed2c2f9532bc56ea097caa7f026fefb767eccfabd0da8c
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
33e0af3eac46f57cf0fc99c34d6ab9a3b550986b1efd4b250241dadbe508313b
343b47133554ab08bf0242aa0d2aaf2fdb2aee7e50226a22d7c5c8415ab8f691
35756cfdc99cea57d1bebba0304db1a4657bbfae0366c0bf15b1e48bdf113e9f
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
36d991cbfefba866fc791cb718d6368d70389add3744f3122c3242d820a9c511
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3d7df04a1d0fe5a95d68ab8e8e7949415de1813f2c92a9178027ac348fd5c14f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee5811c76d7723bfd84473090c1a356eaaf8e383d33dfc592275a375c9197fc
3fa4d9510d3b5966db25ca539e5c9bebed6314930aa3bf47cd36c22044e123f0
40c9f983c3aba68fa3088760e1a20efe0559cdb3527582995c511e00622bb1ed
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
4504c1cb95381a139f0c0d680b1b708b6d115d6624121ebc7f3d0ca63a87624b
465d85d2b1a04743b3049c54e3449b6d2ed65d88fd8e30fee20d30ee7b000ce8
46881e42e7b3d37ef5d6a815eacb658cb89503818b72fd0fe31cabea4cf00486
4705df9f16a57401d59569ddb4032a6c352b5352353475f891e4c2673e4d21fa
4727c236a79590156e2b25d8bd8ece765550e11055191092b3f4632446dbcfe9
47ab7c59dfab1f611c49f00c9db3f1a6f2e7cc02608bffbda5ef0bd0bd342fb2
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
49392c2be71d4f5dc591e7315a4e0d851dbc2d84e698f5a2689c33371765f236
4951d7c0b7ddef8e96699d8cf85f7201a315bd090c4c02c9426955bbc32b3615
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d
4c83946e175ac8f5be1ea46e5896c8a51ef4dfbbf75ce8f92a0b5f256c637bff
4cd9824716dded423848eb90b2c49504e0fee7152790113bd7c15d82dff4f104
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4e389218927c149529b667409ed22a2a56dd391d19a09b53415ada91bccea58d
4f10933a55ea376c3ae57000f6a7c410d52a2b45e0e8d404a0a7d1faa01ebe2f
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
5415e167939806ea2a4d6958e9e752ca612714131e68bafdb6851014813fd09e
56438a82fdbefb67d4a30afd1d839de246b0e56832be695ade6660bdb6c35507
571b309f6c5dc15b62664b1481fb4253e1c243ace7c908660bb49112360a0faf
57cbf18959509bfbf96b60da1a4c7454e71c70d2d0761dbd5978a7dff02004d9
584ebe92232b4937e10492d818eafb5df6f02159ce05147930b0009b6761ddb1
58aa67532ca92a7ba13ac2ce6e32af21801e891fda8d216a9fb05f0ba0f2837d
58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06
5a6db4767fb6c26d3cc80c517b930f00640f1c4f46a7cedb6e9ab4cfeafef303
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b997bcff91f40fdd88dfa17feadca80bc7029e99e6dcbe6d78f3a1e210a9432
5bf1ff7c861b303af85db79af26f29bd653f3a16fe257b9c2614d46e8b85f683
5d2e18cac4b9aa1693b5c3354956db24df1bf934c9aa5220c0f021f07422fdae
5d9c258676dd7921f77411de9569d784cdaec92335493b8d1a7dfe8cabd5763b
5e334d80e235b694fd475fc2016080bd4ad5c6b15190e745d72dc94eaaac80ed
5f07a6593d43c1ce90e3dce0f9bf32f33336a39e788bb0d37a18ece273463bb9
5f8f569f3da46c5354dd8440b64c0e4571fa37ecb6068a6bc4e1fc267a0aa830
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6159f32f1b79a94b26c2c580fdd4ffdfc91af5334f46c4d8b2a1597925fb2e78
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62314061f4f47f66d49cdcf859e6177ecf95bf301dde36bda6fcfd84fb509b9c
63eab23b8c5b275da2fb37a85564d10899562833514adcba39066d724fd6725d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
690822970b24b3265f5d24dc65920d4707909b62cd2101a05ccfa2204e744f8d
6a194ace54f5bfe33571be8873a85b98bfa9f7e7b7e9afc9e6fd9a354b23dd17
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662
6ba5ca184bfcf5b39713fadd7b1442fe53a9ae8ff2dfec3935fb3f86480fd5af
6bf33be17a5cadedd2667e48f475bc2a9a0de4726961dc7dbccb7f0c5befee48
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
707dbe176a81ff7d8bc75c8e2d235ad9c2361a2928afee6daf54ad76d0aaf4a1
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
767721911c7b7df933f222b581db1a8cae5819f11c929fcf05106d3b407809da
773a4e7fbdc613d57c567b05721f87b7f7b97f0d58ad4e8c9e8531ebd46533c8
7908c2f4b89146df43567c37fef2bfcb60e7cbad27f8e6650c5d6f94388778b0
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7ae9d07aba4424bb44e367f4cb94530c493bbbb3125fec2d330daba4eba72840
7bd4e0e8920490f8b0070bd0f5324d107b89867d233a511c6d87dd7649fe6b62
7e8afde24c9d1649679073c92e36842cc72831188aa26f043e21f4f67aa5aa38
7efaa08adcc8a1f397fb7d8a20cae25515ed7741cfefdfda56bfea3aff4b2412
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
884964b723bc5dd14b0b562a2a3148f9f852e7bafe6894e0314a73e6efdda915
88deb6cca5f42a1b999d8d1a57ab4c4ca0c40753aed081fa66492d8d1797f1e4
89fc64965f25ad3124a7f8094fa0ac2296d4a4681362156d370b2db27ba248c8
8a1fc4a5719569d254b33f46fbdacd4458fb9b4bef7b151959a059331062fafd
8c488ca0ee9a0191a433c2676ac385400877a165e179ed0aaec5a408835631e6
8cd1b41ee0a06e7072185e58dafd568eea44bef71640e7fc015d3bf0f5890f3c
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9216263738afedb1ebd7d69e6c7b57146a1531dc3b2feb1a20811949ed9019e7
92716bd3fc1c218df896e33499237f4b8fb1bc4e96e63100cc52df5064788afc
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
9405d90d85be75896f4808e8ac6d770a613e63e50d77bb241856fd30da1e9c1a
94d55a6a9c65c29731271cfbe853194f1b7d8c0cbc251f34efcd4e6e76637ed1
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
968223d9a08ecd504af62126c91de12e96fe95e2a3c00853d9b1a268dd6af653
9c175e13b7779b1c10533c65a75f5af3fda93d9c2611940e167513364af503b5
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e0acca7789c4583117267996203839e845b2e901710df33bbbbf21cd6555b5c
a0d7b8a6237561de8a6c9369317d85f5d62d83b26847b181ddeef13c5ac3ea6b
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a10a75711625e152e9e1de8b8e0605ee8d49cc7d2c264d38f87c1fdc84067268
a5068464290b2b7404e5f67f0bbbcabfc046b1e6d635430e91e77d96461c95ec
a9d447abcc72abe7d4c47bbef66f0ce21b3a596e9713c650ff7fd84ce9c94986
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ae66c72453c6b2a0cdfa543917b9a29a13ccfe9cfdfd6fa2510181d938bb2060
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0387fc6cf743379a8787351d45a85dcc813211730b0bb08719861a85a2cb81f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45162d699ebfe9716684cef90a6b3a9ca98d1be386b6072ffc9bd85cabba471
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b76b552b13c93e2de7031bd6a9f4e54f75d7abd1fe62c133a9948e3598d10e93
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
badb1e69876243774549ecc510360bd367c7e0a2155eda509437c01e14707ef9
bc65c6721af6fef8b02dca12cd466a18150acbe66203f45d76782f210194867e
bd168a7c764159802f3cbb1f4d8868504073e5c7a1adb43c14cde0c6c17cbfb4
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c1cb26beb27bc6b3fb7e9b223ed5e30e37fc226adfa62b366a5a664c4425dff2
c1e81a82cb57a891fd4a248bc2c68d0a675da62a9ea143209d2222b304c9c95d
c32cb580981ced5d41956d35867e2d727e104386a33cfa863f516fe8da06fd49
c597aa4c403470d4d2d0f501aeef390113e477968b363496de6f4cbbff481486
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c
c95cc3e583a81552c835f63bc5bce5d7e0359535b713df4e3876dcec05b6ac5d
ca54a58be4f54cf7421a2f34a0ed18f3eeed78566f71fe1ac8e80734abf08838
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb53cdf2605afe7aad9e1232ef7e4432ea4c485f32f1beb4a054b0d1504821cc
cea030358c8f7ad5aac21ed8ea988b7726d924381bc058c401ce0bb285f51bbe
cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa1b00fc29fba7241fcfefdc7eaef10bc50506cdb09cdcf39df3607474be3bf
cfa4c69196a098025e75473d2500aa02e9570ed66e4c3a7ac5bdd5de5748be20
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d01eee8af54b3ea2049757a2f70dee96fa85fcc3e701a7ba0d4c5bd2fcd91e5d
d0aa12bfa75ea1029d79d2ffae7ac0df0a29dd980778481c476555045a31b089
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d3b1488487b4d73bad11b73060fd34659af0a463246c52cddd757765f3150bc8
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d6d46bc1263abdc312120275fc077e5acea30b0a5c6a5fe77dc9e3780923da85
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dcd4fbd0b24d02a7f50a5de3238e4dc37ce315f157794d618b8536d6e4cf3788
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df173c22699a580af5fc7e35726a17d7875d99fe824f3eefb2f4ff618537e1e0
e07a66b177611ab4b2c62f18e7c10843100dabde3302a31dc9afd827ce2526f1
e07fc5c65bd1a68288ee07ddf3b7f171a068cf0f1a76d03fb4797695ba5842f8
e0cc46fd307661ddfe1c8a4f05af453ce3c5c7641b22c4ce3e06ab690c99348b
e15dee80396f84d11219b2869d47415eeaf47783b1d191cced132ae4e4546cd3
e18eafbd4b9b5108ca414f4ecfef916adfc6a178674ae24defb6e2c9179f0617
e278eba40e64f5adb34a4f691da536fd74c46550f4c8ed30a91ac394282ac0e5
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f5c1c8662919596eeef1ec30f27a71f75acdd5375a6d9bf911ca604bef4fb5
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e532252f98b6de1eb227f7e41734c67a5f0ffe91dd980876103d160e2ebed2dd
e57077b7049f530c3a3b57e45ede080229e9b6132f111f276d7a5bcf1299f9df
e9d3e91c5c402ee3e44b8ccacf4e6b0693f34c892f54d2a3c9c228e784efe260
ea96fd7ce63932fbc9213224d869baa7def0ffbd857e9e49a810f1c7c85fae6c
eb0d3c35b96a6dfe72903c0418f1e25b86049180bc5dddd7f8e695b69ab2e4e4
ec982be0fe0cbc9c721b3aface05cd386bec46dea3f004ed49b395617b1cc594
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f28559c1668e8e24c547c120738154f12e97918e98c3a85b2c48af8eedd32305
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f6d52f32eced2aea962b6a674009bd1be0ccf506af181a216384d25565a6ac31
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92
fc4c8022b04641041bd28e86cca274c5339177ab035b3d1cb6bd7e34e8919540
fc93f930396c1e55d7d0ebce7db81b3b9f12fbaa3e4b7fe184787ba9c16b6dfd
fd16e2f47442ce859fab5d2b5caa90c42f3898ee870c0fea78b32f87861cd418
fe19334709cd41c6c626aa65d242a3c096e5ef4d92097fc19fc27ab73d31d50a
fe7249a559c40d77c52c75c19e5dc4c032e4b2e17a4189e2f89eda272af2ac6b
feaeaf37ed3a2420ec0f0aeab23e9b0d5d2f5ae15bb21ae88c5ca2c5bf35f3d8
fef9f5e0426db8783612d7cdecd671cb32de9e20b27d18f110512f5dfc1caadc

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

269 Requests

96 %HTTPS

76 %IPv6

26 Domains

50 Subdomains

43 IPs

7 Countries

6002 kBTransfer

19598 kBSize

13 Cookies

34 Outgoing links

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

96 %
HTTPS

76 %
IPv6

26
Domains

50
Subdomains

43
IPs

7
Countries

6002 kB
Transfer

19598 kB
Size

13
Cookies

269 HTTP transactions
4 data transactions