beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On December 09 via manual (December 9th 2021, 7:19:27 pm UTC) from PL — Scanned from DE

Summary HTTP 237 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 47 domains to perform 237 HTTP transactions. The main IP is 2606:4700:10::6816:4a8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 48	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.68.79 65.9.68.79	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
27	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:d7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
5	185.59.220.199 185.59.220.199	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700:303... 2606:4700:3036::6815:eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
21	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	104.200.19.217 104.200.19.217	63949 (LINODE-AP...) (LINODE-AP Linode)
1	209.58.165.79 209.58.165.79	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2606:4700:303... 2606:4700:3036::ac43:a0fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:b4b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	64.27.55.138 64.27.55.138	30475 (WEHOSTWEB...) (WEHOSTWEBSITES-COM)
1	2606:4700:303... 2606:4700:3032::ac43:d803	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::ac43:d037	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	96.125.172.62 96.125.172.62	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
9	65.9.68.47 65.9.68.47	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:224... 2600:9000:224a:bc00:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
3	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:40f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:bbb3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.176.152 34.102.176.152	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4016:809::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2600:9000:205... 2600:9000:2057:1200:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.254.166.91 34.254.166.91	16509 (AMAZON-02) (AMAZON-02)
4 4	18.157.58.24 18.157.58.24	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	188.165.137.78 188.165.137.78	16276 (OVH) (OVH)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	169.55.146.12 169.55.146.12	36351 (SOFTLAYER) (SOFTLAYER)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
237	52

48 2606:4700:10::6816:4a8a (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-79.fra56.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d7b9 (United States)

ASN13335 (CLOUDFLARENET, US)

calabeshes.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-722.bunnyinfra.net

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:eb9 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.64.15 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.200.19.217 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: healthimpactnews.com

vaccineimpact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.165.79 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: opal2.opalstack.com

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a0fa (United States)

ASN13335 (CLOUDFLARENET, US)

settingbrushfires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:b4b3 (United States)

ASN13335 (CLOUDFLARENET, US)

lisahaven.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.27.55.138 (Troup, United States) 1 redirects

ASN30475 (WEHOSTWEBSITES-COM, US)
PTR: savethemales.ca

henrymakow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:d803 (United States)

ASN13335 (CLOUDFLARENET, US)

www.henrymakow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d037 (United States)

ASN13335 (CLOUDFLARENET, US)

thewashingtonstandard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.125.172.62 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 5104708.theeconomiccollapseblog.com

theeconomiccollapseblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.68.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-47.fra56.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:bc00:18:9413:7780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:40f1 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4b8a (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:bbb3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mydailyinformer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4016:809::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2057:1200:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.166.91 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-166-91.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.157.58.24 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-58-24.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.55.146.12 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c.92.37a9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	beforeitsnews.com 3 redirects www.beforeitsnews.com beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com a1.beforeitsnews.com	728 KB
33	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	300 KB
29	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	265 KB
21	youtube.com img.youtube.com www.youtube.com	1 MB
11	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net static.doubleclick.net	41 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	114 KB
9	imgflip.com i.imgflip.com	432 KB
8	rmbl.ws sp.rmbl.ws	795 KB
7	googleapis.com fonts.googleapis.com www.googleapis.com translate.googleapis.com translate-pa.googleapis.com	87 KB
6	google.com www.google.com translate.google.com	54 KB
6	google-analytics.com www.google-analytics.com	59 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	11 KB
5	onesignal.com cdn.onesignal.com onesignal.com	83 KB
5	bitchute.com static-3.bitchute.com	236 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
4	customads.co 1 redirects cdn2.customads.co customads.co	6 KB
3	rumble.com rumble.com	32 KB
3	ytimg.com i.ytimg.com	82 KB
2	ggpht.com yt3.ggpht.com	8 KB
2	360yield.com 2 redirects ad.360yield.com	613 B
2	e-volution.ai 2 redirects sync.e-volution.ai	918 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	adsrvr.org 2 redirects match.adsrvr.org	907 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	754 B
2	google.de www.google.de	564 B
2	rddywd.com rddywd.com	1 KB
2	henrymakow.com 1 redirects henrymakow.com www.henrymakow.com	30 KB
2	jamesredpillsamerica.com jamesredpillsamerica.com	5 MB
2	googletagmanager.com www.googletagmanager.com	71 KB
1	erne.co 1 redirects green.erne.co	296 B
1	idealmedia.io cm.idealmedia.io	413 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	347 B
1	lentainform.com cm.lentainform.com	495 B
1	zeotap.com mwzeom.zeotap.com	456 B
1	adtelligent.com s.adtelligent.com sync.adtelligent.com Failed	885 B
1	wixstatic.com static.wixstatic.com	14 KB
1	mydailyinformer.com www.mydailyinformer.com	15 KB
1	googlesyndication.com pagead2.googlesyndication.com	51 KB
1	theeconomiccollapseblog.com theeconomiccollapseblog.com	74 KB
1	duckduckgo.com external-content.duckduckgo.com	31 KB
1	thewashingtonstandard.com thewashingtonstandard.com	34 KB
1	lisahaven.news lisahaven.news	939 KB
1	settingbrushfires.com settingbrushfires.com	896 KB
1	tapnewswire.com tapnewswire.com	19 KB
1	vaccineimpact.com vaccineimpact.com	86 KB
1	wp.com i2.wp.com	39 KB
1	calabeshes.xyz calabeshes.xyz	42 KB
237	47

	Domain	Requested by
31	beforeitsnews.com	1 redirects beforeitsnews.com
19	s3-symbol-logo.tradingview.com
18	www.youtube.com	beforeitsnews.com www.youtube.com
15	img.beforeitsnews.com	beforeitsnews.com
9	cm.mgid.com	jsc.mgid.com
9	s.tradingview.com	s3.tradingview.com s.tradingview.com
9	i.imgflip.com	beforeitsnews.com
8	cdn.mgid.com	beforeitsnews.com jsc.mgid.com
8	sp.rmbl.ws	beforeitsnews.com rumble.com
6	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
6	s-img.mgid.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rumble.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	www.google.com	beforeitsnews.com www.youtube.com
5	static-3.bitchute.com	beforeitsnews.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	x.bidswitch.net	4 redirects
4	translate.googleapis.com	translate.googleapis.com
4	stats.g.doubleclick.net	www.google-analytics.com customads.co
3	rumble.com	beforeitsnews.com rumble.com
3	onesignal.com	cdn.onesignal.com
3	servicer.mgid.com	jsc.mgid.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
3	customads.co	beforeitsnews.com cdn2.customads.co
3	img.youtube.com	beforeitsnews.com
3	i.ytimg.com	beforeitsnews.com www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	ad.360yield.com	2 redirects
2	sync.e-volution.ai	2 redirects
2	creativecdn.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	www.google.de	beforeitsnews.com
2	rddywd.com	beforeitsnews.com
2	jamesredpillsamerica.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com s.tradingview.com
2	www.beforeitsnews.com	2 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	green.erne.co	1 redirects
1	cm.idealmedia.io
1	pixel.rubiconproject.com
1	ssbsync.smartadserver.com	1 redirects
1	cm.lentainform.com
1	mwzeom.zeotap.com
1	s.adtelligent.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	translate-pa.googleapis.com	srcdoc
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	c.mgid.com	jsc.mgid.com
1	static.wixstatic.com	beforeitsnews.com
1	www.mydailyinformer.com	beforeitsnews.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	cdn2.customads.co	1 redirects
1	theeconomiccollapseblog.com	beforeitsnews.com
1	external-content.duckduckgo.com	beforeitsnews.com
1	thewashingtonstandard.com	beforeitsnews.com
1	www.henrymakow.com	beforeitsnews.com
1	henrymakow.com	1 redirects
1	lisahaven.news	beforeitsnews.com
1	settingbrushfires.com	beforeitsnews.com
1	tapnewswire.com	beforeitsnews.com
1	vaccineimpact.com	beforeitsnews.com
1	i2.wp.com	beforeitsnews.com
1	calabeshes.xyz	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
0	sync.adtelligent.com Failed	s.adtelligent.com
237	74

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
mitocopper.com
tinyurl.com
t.me
forum.beforeitsnews.com
www.youtube.com
0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net
widgets.mgid.com
www.mgid.com
herbeauty.co
225e505pjo7-s6cf1g5jdswy81.hop.clickbank.net
www.mitocopper.com
www.fincabayano.net
www.braintuner.com
5startech.bioptimize.hop.clickbank.net
brainberries.co
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
telegram.org
ec085q5dfiz0ib0dis3ar12sae.hop.clickbank.net
6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net
67c17t4mop5dd2bkqeiatx5n7u.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.tradingview.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sp.rmbl.ws R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
static-3.bitchute.com R3	`2021-11-17` - `2022-02-15`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
medicalkidnap.com R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
tapnewswire.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-11-26`	a year	crt.sh
theeconomiccollapseblog.com cPanel, Inc. Certification Authority	`2021-11-27` - `2022-02-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-27` - `2022-05-26`	6 months	crt.sh
customads.co GTS CA 1D4	`2021-10-29` - `2022-01-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-11` - `2022-12-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 05E806EDDC93A5563513EFE5C7AE43D9
Requests: 148 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 60B17A9981E3D50E26EB0B18ABE668A5
Requests: 30 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202111919
Frame ID: 6704497A5D1E5E29022FE9D174E21413
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 1CCE46D0F6FB21D521F1CB8AF1AE7F93
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 7D50FD036F3DC6B1D648B81E7C2F6C6D
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 5D93226FBD85AE9018B5094AFBE495E5
Requests: 2 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 48164937DB1FD3AB7ADA587A044AC948
Requests: 1 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback
Frame ID: D47551553290203B3F879F758812C3A2
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=163907756147843784122
Frame ID: A5B7F2AACC279BBF94E969DB13B2149F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Frame ID: 3937AA58558E97CAFB50335B6077418E
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: A5D21D9417A8FF3D2A35B7FC055FB67B
Requests: 2 HTTP requests in this frame

Frame: https://rumble.com/embed/vnupae/?pub=hw409
Frame ID: 4B400785D621953D172D0E5D3156F245
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_l2GqF48gPw
Frame ID: 4A9B2ABB4D90091712A90AF00F42658F
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/O269cn5aS0A
Frame ID: 276E36D7667FD875CE76061098C194DF
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Page URL History Show full URLs

http://www.beforeitsnews.com/ HTTP 301
https://www.beforeitsnews.com/ HTTP 302
http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Page Statistics

237
Requests

95 %
HTTPS

51 %
IPv6

47
Domains

74
Subdomains

52
IPs

9
Countries

12711 kB
Transfer

23948 kB
Size

37
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/
Title: Protection Against Toxic EMF Damage - Smart Meter Covers

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/immusist-beverage-concentrate/

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxc93bzg

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNewsGroup
Title: CHAT/CONTRIBUTE ON TELEGRAM - https://t.me/BeforeitsNewsGroup

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/oxy-powder-natural-colon-cleanser-120-capsules/
Title: Try This And You'll Lose 15 Pounds of Extra weight in Your Colon! (VIDEO)

Search URL Search Domain Scan URL

URL: https://t.me/herbonomics
Title: The Last Place You Want to Go, in This Age of Pandemics, Is the Hospital/Medical Clinic/Doctors Office - Follow Us on TELEGRAM

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net/?tid=BINPBL101021

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/6-female-tv-characters-that-deserve-their-own-spinoff/

Search URL Search Domain Scan URL

URL: https://225e505pjo7-s6cf1g5jdswy81.hop.clickbank.net/?tid=BINRTL2121220
Title: Discover How To Survive in North America in Case of an Emergency

Search URL Search Domain Scan URL

URL: https://www.mitocopper.com/

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: http://5startech.bioptimize.hop.clickbank.net/?w=mag
Title: Magnesium Breakthrough Helps To Eliminate Anxiety, Stress and Promotes Better Sleep and Well-Being

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/10-plus-size-models-that-will-make-you-forget-about-your-girlfriend/

Search URL Search Domain Scan URL

URL: https://brainberries.co/animals/27-cutest-albino-animals-in-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/travel/the-most-stunning-wedding-looks-from-around-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/7-things-to-know-about-the-taliban/

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: Learn The Secret To Manifesting Anything You Desire In Life - It's Easier Than You Think

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://ec085q5dfiz0ib0dis3ar12sae.hop.clickbank.net/?tid=BINRTL7821
Title: Ancient Japanese Tonic Melts 54 LBS Of Fat. Hint: Drink Daily Before 10:00 AM

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/
Title: HNEX HydroNano EXtracellular Water - Anti-Viral, Anti-Pathogen, Anti-Bacterial - Light Years Beyond Colloidal Silver

Search URL Search Domain Scan URL

URL: https://mitocopper.com/products/emf-blocking-smart-meter-cover
Title: DANGER - Shield Your Smart Meter! Protect Your Family from Illuminati Kill Grid!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/6-unforgettable-shows-from-the-90s-that-need-to-make-a-comeback/

Search URL Search Domain Scan URL

URL: https://6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net/?tid=BINRTL1025
Title: Learn How to Manifest Anything You Desire in Life. Click Here for Proof

Search URL Search Domain Scan URL

URL: https://67c17t4mop5dd2bkqeiatx5n7u.hop.clickbank.net/?tid=BINRTL92321
Title: Attention Men & Women Over Age 55 Struggling To Lose Weight… Discover How The Foods You Eat Every Day Are Making Your Fat Cells SICK… Making it IMPOSSIBLE to Lose Weight

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.beforeitsnews.com/ HTTP 301
https://www.beforeitsnews.com/ HTTP 302
http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://henrymakow.com/upload_images/Jacob-Rothschild--768x512.jpg HTTP 301
https://www.henrymakow.com/upload_images/Jacob-Rothschild--768x512.jpg

Request Chain 77

https://cdn2.customads.co/_js/ajs.js HTTP 301
https://customads.co/_js/ajs.js

Request Chain 167

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east

Request Chain 169

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=6e2e0d18-873f-4df0-a97a-1840f4cf566a

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGI5bEZOT0J5c2pi&muidn=lb9lFNOBysjb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGI5bEZOT0J5c2pi&muidn=lb9lFNOBysjb&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=lb9lFNOBysjb&google_ula={guid},5&google_gid=CAESENuJthW9qzj8aebdSGSCy3A&google_cver=1

Request Chain 171

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=f4943864-893e-4905-9518-67150dd08e09&ttl=1641669561

Request Chain 174

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=oUxO70Cvz2mi5TxW3oFq&pi=mgid&tc=1

Request Chain 175

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lb9lFNOBysjb HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=1601600464650176457&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 176

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=16df5ec9-eab5-4479-b50f-924b4f99a064

Request Chain 177

https://x.bidswitch.net/sync?dsp_id=303&user_id=lb9lFNOBysjb HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lb9lFNOBysjb HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=48c03ff6-9a04-440e-b806-b3c1f2ca2e0c&gdpr=&gdpr_consent=&us_privacy=

Request Chain 179

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=p5QgmTtqjwUcnRmx1KFGX9GH&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=48c03ff6-9a04-440e-b806-b3c1f2ca2e0c&gdpr=&gdpr_consent=&us_privacy=

237 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://www.beforeitsnews.com/
https://www.beforeitsnews.com/
http://beforeitsnews.com/
https://beforeitsnews.com/

122 KB
24 KB

790ms
790ms

Document
text/html

2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa603bc9e8ce94955c15cbf16286084fc7364e54a86d0541e1db258553ab4936

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6bb095996f201776-FRA
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 09 Dec 2021 19:19:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Dec 2021 20:19:19 GMT
Location: https://beforeitsnews.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6bb095993e7b4e14-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 _KRSshvvWcFjj8eVhUL7TTu75W0.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 30ms
28ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16302386
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: K522D3R0RH0204P8
x-amz-id-2: asuqKPIQP/RST6NJ+S20Sw1PTYqLIM9dgZlD6+5N2El6vJsSdDsTDZBoA0aoi2ufLwyrsyk0Zao=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7f176f4cc71059e93db3ae6263ce5c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iruw_GjpCNwc.7p7jDS427AkLHWsll2i
cf-ray: 6bb0959e8faf1776-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 19:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 19:19:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 19:19:20 GMT

GET
H2 200 global-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 55ms
53ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2015103
cf-polished: origSize=15789
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-3dad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959e8fb01776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 fancybox-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 36ms
34ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2015103
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959e8fb21776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 home-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 28 KB
7 KB 34ms
33ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2015093
cf-polished: origSize=29134
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-71ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959e8fb41776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:34:13 GMT

GET
H2 200 responsive-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 50ms
49ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2015103
cf-polished: origSize=20565
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-5055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959e8fb51776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 web-responsive-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 371 B
228 B 45ms
43ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2015103
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959e8fb71776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 37ms
36ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1185346
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959e8fbb1776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 21 Nov 2021 14:21:42 GMT

GET
H2 200 global-bin-rev-20211116.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 42ms
41ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20211116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2015103
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:32:22 GMT
server: cloudflare
etag: W/"619396c6-3145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959e8fbf1776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 46ms
35ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1901383
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 05 Nov 2022 17:42:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959ef8831776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 44ms
7ms Script
text/javascript 65.9.68.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:03:35 GMT
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Thu, 09 Dec 2021 12:03:26 GMT
server: AmazonS3
age: 26146
etag: "21900f307f22135fe5dafa6a070e7222"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10981
x-amz-cf-id: kgwikmJ0GMbjcGYpuNyKc46emQvDVBYfxj8qV-mQAgYa69ES1xP1zA==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 62ms
52ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2403595
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 08 Nov 2022 21:30:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959ef87f1776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
667 B 39ms
29ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 597873
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 02 Dec 2022 21:11:38 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959ef8841776-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/iP2cRoGcSvY/ 9 KB
9 KB 31ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/iP2cRoGcSvY/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c050b66ae118ff1c11568f6889a2f02fee055c5b9191fc77e5a5417c50817d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:12:11 GMT
x-content-type-options: nosniff
age: 429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9003
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Dec 2021 21:12:11 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 52ms
25ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce04f323b56e0077f048d5374f6d216ffecf9194e0a0bd6adba77606e3d634

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 4322
last-modified: Thu, 25 Nov 2021 12:42:58 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Z4KED8073XZ1REV2
x-amz-id-2: 3jzlnOzMtigF2pfVlit5fJNHhpA7yb3TPyxrm59TNSOx6Av/kqXHxLAQd4UoLlxsBCeiIyVe8Xk=
cf-bgj: minify
server: cloudflare
etag: W/"38d52376015ec34e80d8e9a9fb1d1790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6bb0959f1eb81756-FRA
expires: Thu, 09 Dec 2021 22:19:20 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 47ms
21ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b857cfbe52d936d0824612351bb35505373cb156799bd45aec58330cf718b7a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 5925
last-modified: Thu, 25 Nov 2021 12:43:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: DK5B3GY5JV90YRMG
x-amz-id-2: Ehm7zSqILeKhqH/4p3imAsUb3OU3XhOLn/66B5pTTh1LaIQBFbI5t9Ba5D/hmmdz4q0s3kUhlDc=
cf-bgj: minify
server: cloudflare
etag: W/"c9a970d16aecbb12e7e6001692f3f7d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6bb0959f1eba1756-FRA
expires: Thu, 09 Dec 2021 22:19:20 GMT

GET
H3 200 tabs-bin-rev-20211116.js Show response
beforeitsnews.com/static/js-v3/ 148 B
729 B 47ms
47ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20211116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2015102
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:32:25 GMT
server: cloudflare
etag: W/"619396c9-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959eebfa4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 12098 Show response
calabeshes.xyz/easylist/ 203 KB
42 KB 150ms
98ms Script
text/javascript 2606:4700:3030::ac43:d7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://calabeshes.xyz/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebf8a1b5965b01e16b48d357f730021649c06c60e0ca8f2784eec3acb9424a75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f564cc1838aa26ce708019e09eaf009153457c7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5ZwryDwOGMrT3OVCpKpTaob%2BcjQvwWS%2B6rtoNdUijfV17exDZpZ2ptstE1nNU8biO3V6r1TBDsXFwUhRSjL49FKRQ3KzFJY5qyNLhFtxqK6%2FVsNTrEnDYCVWgHs82baoawBMKItaLbS%2B9gGow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 6bb0959f3ccad711-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 37ms
16ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a64a315cdaa87a6c18a9c0883753ef89238c37f3e24de873289c0adb6ef27d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36231
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Dec 2021 19:19:20 GMT

GET
H3 200 jsDeferParsing-bin-rev-20211116.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 60ms
60ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2015102
cf-polished: origSize=6188
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:32:24 GMT
server: cloudflare
etag: W/"619396c8-182c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb0959eec014a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H3 200 DN2ljmq1lJUOI91HMatC4Qo4fdo.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 49ms
48ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7577083
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MSMS6XT6HFAS2SRM
x-amz-id-2: DdIxAUr/6USuzdT+5PVX1fN+Ikx6+MO0MlPzwe3pqksXtgBdsm8Qm8WPvHjaOlY26ODca6CTx1w=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7a6e84d6417ab337f05fd7000f282762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aBVNeaiVU3H7gys1mI2xPATDTQBfk7Cv
cf-ray: 6bb0959eec124a8c-FRA

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
736 B 49ms
49ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 597875
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 20:12:42 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb0959eec144a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 57ms
57ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1466307
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 17:28:53 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb0959eec174a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ 16 KB
16 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 06:56:25 GMT
x-content-type-options: nosniff
age: 562975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16364
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 06:56:25 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v9/ 15 KB
15 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:19:49 GMT
x-content-type-options: nosniff
age: 158371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15124
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:18:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 23:19:49 GMT

GET
H3 200 OIP%20(3)(61).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 26 KB
27 KB 51ms
50ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(61).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf260f6b172f059357ce21174e28c7ae311bafa2b9feb430b85b6c981fad888

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12069
cf-polished: origSize=28504, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26908
last-modified: Thu, 26 Aug 2021 17:11:52 GMT
server: cloudflare
etag: "6127cb58-6f58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 09 Dec 2022 15:57:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f4ccd4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 miGPc.qR4e-small-HIGHLIGHTS-DOUBLE-FEATURE-C.jpg
sp.rmbl.ws/s8/1/m/i/G/P/ 136 KB
136 KB 45ms
12ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/m/i/G/P/miGPc.qR4e-small-HIGHLIGHTS-DOUBLE-FEATURE-C.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 2508c7193ba7a9f09cb05d7e92314871d21c6b74ede4b713c0b7fa78fcff18af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
last-modified: Thu, 09 Dec 2021 03:21:36 GMT
server: nginx
etag: "75f3c6e4f99133077efbeef7315e5445"
x-hw: 1639077560.cds011.fr8.hn,1639077560.cds056.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30768
accept-ranges: bytes
content-length: 138904

GET
H3 200 trump%20(21).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 46 KB
47 KB 34ms
33ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/trump%20(21).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55a0bb3d483aa0dba9553b12e7789d95cdaa951c3813284ad54c3eef6bdc5c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 79653
cf-polished: origSize=49666, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47047
last-modified: Wed, 08 Dec 2021 21:00:58 GMT
server: cloudflare
etag: "61b11d0a-c202"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 08 Dec 2022 21:05:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f4cd14a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 OymQTzkdGkq0_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 44 KB
44 KB 45ms
7ms Image
image/jpeg 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/OymQTzkdGkq0_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-722.bunnyinfra.net

Software

BunnyCDN-DE1-722 /

Resource Hash

d4af2da604b0cdef3c883924cf9fc9f9c5652b0211b31785943da8fb891b56e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 12/09/2021 18:11:53
cdn-pullzone: 89010
content-length: 44698
x-amz-request-id: tx00000000000000011408c-0061b238d9-ecc6de5-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-722
last-modified: Thu, 09 Dec 2021 13:47:36 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 39c9e118b4238eb6e0bfc957d7f1342b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 SINISTER.gif
jamesredpillsamerica.com/images/ 5 MB
5 MB 55ms
20ms Image
image/gif 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/SINISTER.gif
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2b15cf373ebc35dc3ccdd83ebda927d959f801c3772a8e2b5e481c2209921a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78828
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4839612
last-modified: Wed, 08 Dec 2021 19:55:32 GMT
server: cloudflare
etag: "61b10db4-49d8bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CabYUNDZxpRp0rs1512kKxB6rBIb%2F1Pp%2B%2FClK1uNqopuzHeZ6hO8wtgsZjQJO00S6uQcdB1yspgJreqDoPQ7WpUN16lW1SZFQmMkWi3Odt5zSnQCcABpALrWd4Lyh9D5JWyhdmMoxlB7903Z%2B2SqKeSQI86iI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f7a355c44-FRA
expires: Thu, 08 Dec 2022 21:25:32 GMT

GET
H2 200 5x39aw.jpg
i.imgflip.com/ 43 KB
43 KB 75ms
43ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5x39aw.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf6a94ee85fe7ebb64f7b85076fdb322ded009eef6cd0b485f95b5f47dcd9a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 108344
cf-polished: origSize=44289
cf-ray: 6bb0959f7a0f4dee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43717
x-amz-id-2: n1LXC4EX+WWTo0eTlMROGx8fSR1PjWdrv1yCyq6gKVWyX1REMU4XRGn1/SScD/yR/EcNE0Y3VfY=
last-modified: Wed, 08 Dec 2021 13:05:49 GMT
server: cloudflare
etag: "8c531daa5d2871ee7bcab418bb44bc55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: NXFASGY773459JD8
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 5tvv39.jpg
i.imgflip.com/ 43 KB
44 KB 57ms
25ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5tvv39.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b1e560b1a2ddae34bc52fe2a68984955e80df629f7a21c000f4f5f61d2fa09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 2384706
cf-polished: origSize=45161
cf-ray: 6bb0959f7a154dee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44125
x-amz-id-2: FqHAgEn8XcwvvHYL49IInEnFDwOd808FvPjj1mBIabwLXjMQedg80HmucQOW1lWPsnCvjytUK3k=
last-modified: Fri, 12 Nov 2021 04:47:58 GMT
server: cloudflare
etag: "e98d996dfb9d600ee488546fc12a9a8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BD27ANDWZH71K9FV
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 97CNc.qR4e.jpg
sp.rmbl.ws/s8/6/9/7/C/N/ 51 KB
51 KB 58ms
25ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/9/7/C/N/97CNc.qR4e.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 489ad5221d5603f7a6e542d95c186cbd7ee61b4c2c9954c4f31b61ff1256a809

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
last-modified: Thu, 02 Dec 2021 23:22:44 GMT
server: nginx
etag: "33278d436db79c677cf5e752ff218e7e"
x-hw: 1639077560.cds011.fr8.hn,1639077560.cds208.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=69470
accept-ranges: bytes
content-length: 52264

GET
H2 200 35DPc.iR4e-small-Ep.-2647b-They-Never-Though.jpg
sp.rmbl.ws/s8/1/3/5/D/P/ 121 KB
122 KB 66ms
33ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/3/5/D/P/35DPc.iR4e-small-Ep.-2647b-They-Never-Though.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 30bf6e3c0a5e39edf9de6ec430bdb56cefc4d80a69011510478cdadef2a387d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
last-modified: Thu, 09 Dec 2021 00:50:18 GMT
server: nginx
etag: "965180dd24b68213338920b2f3e8e617"
x-hw: 1639077560.cds011.fr8.hn,1639077560.cds288.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=20106
accept-ranges: bytes
content-length: 124376

GET
H2 200 Trump-babies-Cabal.png
i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/ 38 KB
39 KB 22ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png?w=640&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 09 Dec 2021 19:19:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 16:06:15 GMT
server: nginx
etag: "faf3481fc6687853"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png>; rel="canonical"
content-length: 39300
expires: Sun, 26 Feb 2023 04:06:15 GMT

GET
H3 200 OIPggggg(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 52ms
50ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIPggggg(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deab806da37406b7164fd737d6b60de9d3d863844438852488605564713d4b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 530433
cf-polished: origSize=13496, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12504
last-modified: Wed, 16 Jun 2021 20:57:13 GMT
server: cloudflare
etag: "60ca65a9-34b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 28 Nov 2022 21:09:49 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f4ce14a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(1)(87).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
29 KB 57ms
54ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(87).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a6c4f55b5c201a72c391099aa16ec4d50df5adfc3fae4ec1f694510e2c4e857

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 11809
cf-polished: origSize=29997, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28595
last-modified: Sat, 11 Sep 2021 16:33:17 GMT
server: cloudflare
etag: "613cda4d-752d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Nov 2022 00:47:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f4ce44a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 404 hqdefault.jpg
img.youtube.com/vi/nzMzfLoJlK3o// 1 KB
1 KB 59ms
16ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/nzMzfLoJlK3o//hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Thu, 09 Dec 2021 19:19:50 GMT

GET
H2 200 5x2apg.jpg
i.imgflip.com/ 40 KB
40 KB 39ms
35ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5x2apg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3b50260a1420ddadfd2d379a4a6ad2d47c4cc790f83de9b7796740467652e8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 130631
cf-polished: origSize=41364
cf-ray: 6bb0959f7a084dee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40705
x-amz-id-2: 7e4iwytN5aUF/iD/KEHlzDOTy7WQx6HxUdm5CbawQ7S2AnMHc/0WiSDv8Dh7U45sNuvmmA8q1cs=
last-modified: Wed, 08 Dec 2021 06:52:16 GMT
server: cloudflare
etag: "7c0aa91505be50f550d778dd0d547f46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: GBN4WCHPDQF3TQEH
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 5x8222.jpg
i.imgflip.com/ 38 KB
38 KB 39ms
35ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5x8222.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19032f51e20cb7f1e73bbac69d2dd6c2cd803cb5f30081783eae2b8f2aa663d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 25545
cf-polished: origSize=39103
cf-ray: 6bb0959f7a0d4dee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38691
x-amz-id-2: oI7AWwRv4UX1NgEWrEimFriOguM64Qgzg4JAoPJkcdFUShiEJKjw2Xe4PlXqNYJbS2y9wWftvm0=
last-modified: Thu, 09 Dec 2021 12:03:26 GMT
server: cloudflare
etag: "c999bc05c97d9d753d3a7a37bde851c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: JWXG0F7XH5PFS9J4
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 4ACPc.qR4e-small-Too-Many-Inconsistencies-By.jpg
sp.rmbl.ws/s8/1/4/A/C/P/ 196 KB
196 KB 37ms
34ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/4/A/C/P/4ACPc.qR4e-small-Too-Many-Inconsistencies-By.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 97f6e532b08dd7b9cbc4db63c41c79b2dd81047351afa7e87c5f5efd9752a8e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
last-modified: Wed, 08 Dec 2021 23:05:28 GMT
server: nginx
etag: "6c6a936e54d8a2af04b3ec67fb1bf0d4"
x-hw: 1639077560.cds011.fr8.hn,1639077560.cds201.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=15552
accept-ranges: bytes
content-length: 200331

GET
H3 200 OIP%20(3)(94).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 20 KB
21 KB 59ms
54ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(94).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0627c6dd13c27c24d51fd92042d0caebd8932b804e515007a724eb7da487aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 68514
cf-polished: origSize=22114, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20442
last-modified: Thu, 09 Dec 2021 00:04:24 GMT
server: cloudflare
etag: "61b14808-5662"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 09 Dec 2022 00:05:22 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f5cf54a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/sXIHuDoGq6E/ 40 KB
40 KB 24ms
8ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/sXIHuDoGq6E/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76eff1f74426f51c44fe6086375e6076db6fa6a538dffaefcc03e6e6298a4908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:16:41 GMT
x-content-type-options: nosniff
age: 159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40568
x-xss-protection: 0
server: sffe
etag: "1639047368"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Dec 2021 19:21:41 GMT

GET
H2 200 5x86vy.jpg
i.imgflip.com/ 73 KB
74 KB 35ms
33ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5x86vy.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e115552b3e43912f766ca156f2db990812d6d925bdfdc3245891ab6b812a1496

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 23173
cf-polished: origSize=75543
cf-ray: 6bb0959f7a124dee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75208
x-amz-id-2: NsVon/Y50wpB4mo8tDlyvXdjCcOeoSJfVK8qcyr/1PF7UWQ+5SqtIS5Tm3Z0HPIAgFuQdSyzfYI=
last-modified: Thu, 09 Dec 2021 12:45:22 GMT
server: cloudflare
etag: "44da696c52b1c48bdec152dc890c2e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6M0S0DJCEBZN3CSV
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 tCvPc.qR4e-small-SITUATION-UPDATE-12821.jpg
sp.rmbl.ws/s8/1/t/C/v/P/ 115 KB
115 KB 41ms
39ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/t/C/v/P/tCvPc.qR4e-small-SITUATION-UPDATE-12821.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: a70568f3242c272eefc02e82e23693321ba548ce0bb73147265b1b74738f683e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
last-modified: Wed, 08 Dec 2021 16:44:41 GMT
server: nginx
etag: "6eda497ac09a6a7e03423db432abfe6f"
x-hw: 1639077560.cds011.fr8.hn,1639077560.cds203.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=78619
accept-ranges: bytes
content-length: 118007

GET
H3 200 Screenshot%202021-12-09%20123926.jpg
img.beforeitsnews.com/contributor/upload/132622/images/ 40 KB
41 KB 61ms
55ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/132622/images/Screenshot%202021-12-09%20123926.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

633e62ebc42dfea3189788b165a9523d8ab685b60e9cac3d9999c13ee9c61229

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3181
cf-polished: origSize=43781, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41437
last-modified: Thu, 09 Dec 2021 18:19:56 GMT
server: cloudflare
etag: "61b248cc-ab05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 09 Dec 2022 18:21:37 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f5cf94a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(6)(15).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
12 KB 68ms
64ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(6)(15).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb77c9667ff4a2a541744040688dcc6f445f96afb7fd89c23969811cc44df2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 75133
cf-polished: origSize=12688, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11831
last-modified: Wed, 24 Nov 2021 21:38:53 GMT
server: cloudflare
etag: "619eb0ed-3190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 24 Nov 2022 21:39:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f5cfc4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5whdcs.jpg
i.imgflip.com/ 35 KB
35 KB 45ms
43ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5whdcs.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 244ff061991c518ec76060cc65d8155e30e8592a835ac2f17f08ab129a8014ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 542530
cf-polished: origSize=36677
cf-ray: 6bb0959f9a554dee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36073
x-amz-id-2: Aem8tD5mA15V/YvMTYOPge016n0BdbV3H2dyhxDlHJLJ/J7jTg+njsbnWebsBlZivsossPsaaNw=
last-modified: Fri, 03 Dec 2021 12:29:11 GMT
server: cloudflare
etag: "41fe0d021b82d127605fc1c68305fb79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 41PJN4NAVSC1RWT2
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 9Txs9EzJzxBj_640x360.jpg
static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/ 54 KB
55 KB 10ms
8ms Image
image/jpeg 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/9Txs9EzJzxBj_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-722.bunnyinfra.net

Software

BunnyCDN-DE1-722 /

Resource Hash

eacab0a7fe47eb4647845ff393579cf37ce91e523b0f7629f9c7d7e10ab8efcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 12/09/2021 16:10:39
cdn-pullzone: 89010
content-length: 55483
x-amz-request-id: tx0000000000000000f486d-0061b21c6f-ecc6de5-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-722
last-modified: Thu, 09 Dec 2021 08:29:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: ee8ded34fdda773f7125021927970fb4
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 HARM-film.jpg
vaccineimpact.com/wp-content/uploads/sites/2/2021/12/ 86 KB
86 KB 565ms
128ms Image
image/jpeg 104.200.19.217
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vaccineimpact.com/wp-content/uploads/sites/2/2021/12/HARM-film.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.200.19.217 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

healthimpactnews.com

Software

nginx /

Resource Hash

514b29f149c603e9a8857f644c960b08a1f48c80860f86be5c48e203e81eca1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
last-modified: Wed, 08 Dec 2021 21:34:08 GMT
server: nginx
etag: "61b124d0-156b2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=63072000; includeSubdomains;
accept-ranges: bytes
content-length: 87730
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Andreas-Kalcker-head-300x300.jpg
tapnewswire.com/wp-content/uploads/2021/11/ 19 KB
19 KB 1388ms
360ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/11/Andreas-Kalcker-head-300x300.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: e708372195ae32160ef83b134b09c48880408b1944078b1e1657fa9dd58ec13d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
last-modified: Wed, 17 Nov 2021 10:32:19 GMT
server: nginx
accept-ranges: bytes
etag: "4b67-5d0f98e78bbd8"
content-length: 19303
content-type: image/jpeg

GET
H2 200 Americas-Frontline-Doctor-You-Can-Detoxify-Yourself-From-Graphene-Oxide-much-more.jpg
settingbrushfires.com/wp-content/uploads/2021/12/ 894 KB
896 KB 76ms
24ms Image
image/jpeg 2606:4700:3036::ac43:a0fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://settingbrushfires.com/wp-content/uploads/2021/12/Americas-Frontline-Doctor-You-Can-Detoxify-Yourself-From-Graphene-Oxide-much-more.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a0fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Powered Cache
Resource Hash: 3d35b6b8214d250481347d0a693f6a187e51724e6ab3de3dfa507c8e7aa85c0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414983
x-powered-by: Powered Cache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 915816
last-modified: Sat, 04 Dec 2021 23:44:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmRqwh3ZMnoqUuA2s7lOX%2FeW4SeztheNVszOWSIxRyelMt%2BIWisPbQMg52YqBGgHIdQwRt%2FNr5ZfY9AcOKi5oiVf8qb6WIKL9cQIEnQ12oL05g9rHT7OrVjOlBWrNzn9sGQuDXTPQZD86SOidH81v8zkF8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6bb0959ff9fa2bf2-FRA
expires: Fri, 03 Jun 2022 00:02:57 GMT

GET
H3 200 8simon-parkes.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 24 KB
24 KB 68ms
65ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/8simon-parkes.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89777f0d3fe167d55727ea96e76760a8ce938f565d4611e74cbdfc6ba8345f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 77827
cf-polished: origSize=26004, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24181
last-modified: Mon, 11 Jan 2021 18:27:12 GMT
server: cloudflare
etag: "5ffc9880-6594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 07 Dec 2022 19:42:33 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f5cfd4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 5vt9iy.jpg
i.imgflip.com/ 46 KB
46 KB 50ms
27ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5vt9iy.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7934a6c4525d44dca72ac96a2c33de26df51c81e4ce131c806cbbf9f50aa18d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 970139
cf-polished: origSize=46985
cf-ray: 6bb0959fddb94e20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46663
x-amz-id-2: UgbAfcGf5A5WDyGyRY4r+5nwW5x8Bb2NkJ3jfTkrLEJWGGiyMPmD+z5I3q8lWertbkSu1ETJA1s=
last-modified: Sun, 28 Nov 2021 13:44:11 GMT
server: cloudflare
etag: "c4ba9978e86cf661293f9de5b3483e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 7B7HK2C8V6XA1GD7
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 DANGEROUS-1.jpg
jamesredpillsamerica.com/images/ 845 KB
846 KB 60ms
27ms Image
image/jpeg 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/DANGEROUS-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8611f2cf6538047cb0a886ab8950c3bf5c16def2711c83f70bb44814e31136d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1010314
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 865173
last-modified: Sun, 28 Nov 2021 02:35:27 GMT
server: cloudflare
etag: "61a2eaef-d3395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP%2BhaEH4ogvr%2FyTRHi6q%2FRTPKd70wbuXHcCmYh7BxZXkwB3VNdduFKQ1GHGPwQILJHOLtS1DI2cxDkIg9hTMF8ckBd8%2FtHCwIyFumZN9JmAgKkIr8qJyXT3VS5I0rsMVl9E0v30WqEFm%2B7hpW1OLlx8U04wmxYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959fdf82535d-FRA
expires: Mon, 28 Nov 2022 02:40:46 GMT

GET
H2 200 Screen-Shot-2021-12-09-at-10.20.10-AM.png
lisahaven.news/wp-content/uploads/2021/12/ 937 KB
939 KB 146ms
82ms Image
image/png 2606:4700:3034::ac43:b4b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lisahaven.news/wp-content/uploads/2021/12/Screen-Shot-2021-12-09-at-10.20.10-AM.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3034::ac43:b4b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 213cf5e587c62ed934aae5a167c921fecf92ed8e70cd8f5b0827baa9150dda2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5782
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 959974
last-modified: Thu, 09 Dec 2021 17:24:18 GMT
server: cloudflare
etag: "ea5e6-5d2b9e05856d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Spfm9hnTSmEgqd9pUpxsTGRGtShnWGx6EL4S8iB9j2%2Brw1E8UjeT15CI1IonXYYJsI1C9lxBoXY8CmDCSOXN2FUDX%2BkP%2FnASPNoeA1Ub5cwdap3tAJP8SEY61RgZBdeFHx02l7EKlMtJqkD9Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6bb095a01895d6e5-FRA

GET
H3 404 hqdefault.jpg
img.youtube.com/vi/SmnrAL0rFN19// 1 KB
1 KB 48ms
18ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/SmnrAL0rFN19//hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Thu, 09 Dec 2021 19:19:50 GMT

GET
H2 200 H57qgeGmJWqy_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 35 KB
36 KB 36ms
33ms Image
image/jpeg 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/H57qgeGmJWqy_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-722.bunnyinfra.net

Software

BunnyCDN-DE1-722 /

Resource Hash

03dfae7fd0a1aa5c27af8538fa12279a5e57581d08644b7b5229202092b78467

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cdn-edgestorageid: 752
x-amz-request-id: tx00000000000000a278789-0061b0df04-d18d4c2-nyc3a
cdn-cachedat: 12/08/2021 17:36:20
cdn-pullzone: 89010
content-length: 36162
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-722
last-modified: Wed, 08 Dec 2021 14:53:28 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: c6329cf211b5a6dc7897ef333745da8d
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 K8P6vFpHopgF_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 35 KB
35 KB 24ms
21ms Image
image/jpeg 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/K8P6vFpHopgF_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-722.bunnyinfra.net

Software

BunnyCDN-DE1-722 /

Resource Hash

70e76b5fe0a0fbfcb010c036c10b221f07ac01ccccda0aed73420bc5a2c11407

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000003301c72-0061aff6cb-dfa25fe-nyc3a
cdn-cachedat: 12/08/2021 01:05:31
cdn-pullzone: 89010
content-length: 35798
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-722
last-modified: Tue, 07 Dec 2021 23:48:28 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 626e379e4182748f83d4fb69d74e4192
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ItNKa1GN55qi_640x360.jpg
static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/ 65 KB
65 KB 25ms
22ms Image
image/jpeg 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/ItNKa1GN55qi_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-722.bunnyinfra.net

Software

BunnyCDN-DE1-722 /

Resource Hash

8110b3094c8c7104e209dfbe78b29ace36b415dc7a1aaae1a02062229e094353

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx00000000000000a33398c-0061b100a4-d18d4c2-nyc3a
cdn-cachedat: 12/08/2021 19:59:48
cdn-pullzone: 89010
content-length: 66398
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-722
last-modified: Wed, 08 Dec 2021 16:36:25 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: ae9279e9bb86f04c0f868dd795ee4f4e
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 OIP%20(2)(86).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 11 KB
11 KB 70ms
68ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(2)(86).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f0cded6ee425fd5ef1b53442711e42d00173e9343b909101a7a7e45be7c015b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 157703
cf-polished: origSize=13713, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11123
last-modified: Sun, 07 Nov 2021 22:13:20 GMT
server: cloudflare
etag: "61884f80-3591"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 07 Dec 2022 23:09:38 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f5cfe4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2

200

Jacob-Rothschild--768x512.jpg
www.henrymakow.com/upload_images/
Redirect Chain

https://henrymakow.com/upload_images/Jacob-Rothschild--768x512.jpg
https://www.henrymakow.com/upload_images/Jacob-Rothschild--768x512.jpg

29 KB
30 KB

92ms
22ms

Image
image/jpeg

2606:4700:3032::ac43:d803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.henrymakow.com/upload_images/Jacob-Rothschild--768x512.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 2606:4700:3032::ac43:d803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f42b5bccf95a108b4dcc494c235ab8338af5324667f114121e5480aa16f70d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30112
last-modified: Wed, 08 Dec 2021 21:52:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vmW2tHeAEWt53PWRyQG%2FYrOaB0xO9BAfdNUnXh%2FLXOnStcr53FwaWWJFhv8a6ReSSO22o5vHK01rgnTAmBzQ6Mke%2BXAQQHey2yDqLfMqj%2F6nvb69sW%2FL8%2BY8sZ9yCDNYn7jWZeHMRwb2sF%2B0kzZzy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6bb095a3b9db6937-FRA
expires: Wed, 15 Dec 2021 22:32:35 GMT

Redirect headers

location: https://www.henrymakow.com/upload_images/Jacob-Rothschild--768x512.jpg
date: Thu, 09 Dec 2021 19:19:19 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html

GET
H3 200 5ui368.jpg
i.imgflip.com/ 61 KB
61 KB 80ms
63ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5ui368.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd2b79e4e02fcb91b547efb348900055a138ccc7e5b0c80b78acc1e7fda57ea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 1919874
cf-polished: origSize=62884
cf-ray: 6bb0959fddcf4e20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 62425
x-amz-id-2: 4TRQkDZnA3pGgcg1oL7po5sEbQH77tj227L1VWlWVrpjjXf6pHCgfE8SQ6o4WACOh/4KuGIeNEc=
last-modified: Wed, 17 Nov 2021 13:56:46 GMT
server: cloudflare
etag: "ff99b9edb86e3e29022a4f50e5642a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: S89C60EPS85Z0DP4
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 5vxl3r.jpg
i.imgflip.com/ 50 KB
50 KB 71ms
54ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5vxl3r.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36eb02c91aef8c14097a1e9f74797a4010624b4e971b20a0dd0dfcb7e0bffe19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
age: 879412
cf-polished: origSize=51352
cf-ray: 6bb0959fddc64e20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50781
x-amz-id-2: SiS+/qyi6TeheG4NBqY4ZjqK5eLLqquXi4y5CUxBD3g2ofUfJKrigsb4X2U+JFNWk61LDpUT3ZM=
last-modified: Mon, 29 Nov 2021 14:54:31 GMT
server: cloudflare
etag: "b73c457f826c97878d17d864d0b07a5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: K0F6GYFGJXN7EMJH
access-control-allow-origin: *
expires: Sun, 07 Dec 2031 19:19:20 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 Screenshot%202021-12-06%20203943.jpg
img.beforeitsnews.com/contributor/upload/132622/images/ 23 KB
24 KB 71ms
69ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/132622/images/Screenshot%202021-12-06%20203943.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19454bdd9d884122da710f59f648eaa8769e9a04fcefe14f64ffeec270ceacff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 58109
cf-polished: origSize=25018, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23617
last-modified: Thu, 09 Dec 2021 02:56:04 GMT
server: cloudflare
etag: "61b17044-61ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 09 Dec 2022 03:01:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f5d004a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 22 KB
23 KB 71ms
70ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 693159
cf-polished: origSize=24183, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22836
last-modified: Wed, 25 Aug 2021 21:06:51 GMT
server: cloudflare
etag: "6126b0eb-5e77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 21:11:26 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f5d024a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 photo_2021-12-05_14-02-20.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 9 KB
10 KB 84ms
82ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/photo_2021-12-05_14-02-20.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d2fd9c5ee272dd7b913c1d63bd26920e77f29ba5f069d7c01ba72e1a7afcc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261887
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9179
last-modified: Mon, 06 Dec 2021 18:25:14 GMT
server: cloudflare
etag: "61ae558a-23db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 06 Dec 2022 18:27:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bb0959f5d034a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Catherine-Austin-Fitts-Planet-Lockdown.jpg
thewashingtonstandard.com/wp-content/uploads/2021/12/ 34 KB
34 KB 366ms
24ms Image
image/jpeg 2606:4700:3036::ac43:d037
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thewashingtonstandard.com/wp-content/uploads/2021/12/Catherine-Austin-Fitts-Planet-Lockdown.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d037 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Powered Cache
Resource Hash: 5b527ae09fbd258f6bbfc9c7fffb59ac72cd7607712da06316a48f67ac4e5150

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 508302
x-powered-by: Powered Cache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34497
last-modified: Fri, 03 Dec 2021 22:05:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJexRSZm30882AGJBIQTjXc%2FmTN7Fe7roDemAtloe8%2FC5Me4vjbUS0eA2%2BalRsAC1h5%2FEcFgIYNFQdBMZzWnBMMoIjFclH54TrR%2F7vzFPMDWj%2Bbrgx%2BDonqYeE6sAMGcRTw9B%2BOe8QRLpNKs0tPpl4K2F37dXyoi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6bb095a1e9382c2a-FRA
expires: Wed, 01 Jun 2022 22:07:38 GMT

GET
H2 200 /
external-content.duckduckgo.com/iu/ 29 KB
31 KB 85ms
36ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fdavidicke.com%2Fwp-content%2Fuploads%2F2020%2F11%2FVACCINE-BIOWEAPON-IMAGE-500x278.jpg&f=1&nofb=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

3c528fc2ed97937cedc6b11bfd8c0b8471c85ff1a8649987a92139a090ebcf87

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Thu, 09 Dec 2021 19:19:20 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Fri, 09 Dec 2022 19:19:20 GMT

GET
H2 200 TPOOc.qR4e-small-SITUATION-UPDATE-12621.jpg
sp.rmbl.ws/s8/1/T/P/O/O/ 79 KB
79 KB 26ms
22ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/T/P/O/O/TPOOc.qR4e-small-SITUATION-UPDATE-12621.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c22a4cca0ebabae70ce0a3f7e46f0b740d7e08d54ff5c0a9ca827eb9b54592a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
last-modified: Mon, 06 Dec 2021 17:43:57 GMT
server: nginx
etag: "14e4e0faca610191596436b716bb4e97"
x-hw: 1639077560.cds011.fr8.hn,1639077560.cds264.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=82106
accept-ranges: bytes
content-length: 80794

GET
H2 200 The-Guardian-of-International-Peace-Facebook-560x446.jpg
theeconomiccollapseblog.com/wp-content/uploads/2021/12/ 73 KB
74 KB 629ms
124ms Image
image/jpeg 96.125.172.62
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theeconomiccollapseblog.com/wp-content/uploads/2021/12/The-Guardian-of-International-Peace-Facebook-560x446.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 96.125.172.62 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 5104708.theeconomiccollapseblog.com
Software: Apache /
Resource Hash: 3f51523f40898e53fa62d5cdffc618a54461e631077bf409f2157ef68d8ef3d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:18 GMT
last-modified: Thu, 09 Dec 2021 03:07:23 GMT
server: Apache
accept-ranges: bytes
content-length: 75002
content-type: image/jpeg

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
16 KB 50ms
50ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1003936
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 20 Nov 2022 06:01:54 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb0959f8d644a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 60B1 18 KB
7 KB 86ms
16ms Document
text/html 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

84550dbe0d29861f3e605c8820baba346cb2b8fcfd2d1dfaacd24a441a59b471

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-D+bt6lqUpngc2NJL5kpXig=='; base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Thu, 09 Dec 2021 19:17:39 GMT
expires: Thu, 09 Dec 2021 19:19:39 GMT
cache-control: max-age=120
content-security-policy: script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-D+bt6lqUpngc2NJL5kpXig=='; base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 8uEEK__E2XY7aToNPvp7FoulzJAdfs9rJhBSS0oLbtuUHZm4aFk_aA==
age: 101

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 6704 2 KB
1 KB 47ms
30ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202111919
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41a067e2b2e92a067c64e4198a0eacbfe70bcd2ed479cf9930885ecafee5d8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 5898
last-modified: Thu, 25 Nov 2021 12:53:21 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: CY6QH59N94KFQ7VQ
x-amz-id-2: 3p0cSzbOCsLuRDrWktogTL4jR5LEdzbgM0DhZVbbibJkBKfAG/cipqEB5mpkqw/AXifwYsS8cJQ=
cf-bgj: minify
server: cloudflare
etag: W/"ff298f2f4a7d915b5239420e6246c9a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6bb095a00e446937-FRA
expires: Thu, 09 Dec 2021 22:19:20 GMT

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 38ms
38ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1261445
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Nov 2022 16:08:51 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb0959fee374a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 240 KB
71 KB 37ms
37ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c2a83f12dd71564d562882533b7f33425641afb960bf5c7c3302c7fbbb31d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 3847
last-modified: Thu, 02 Dec 2021 14:14:08 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: DPKP4NE31R823XCY
x-amz-id-2: 1HmqjxytTDNUK6TuK9RdLHdbVrisQlLdJhcJP/H0x71n97rPd2qItmMolHwrTzY1LTme0JK0dkA=
cf-bgj: minify
server: cloudflare
etag: W/"0b101d2ef08b4b6a1f13c40f5f1aa89f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6bb095a01e7c6937-FRA
expires: Thu, 09 Dec 2021 22:19:20 GMT

GET
H2

200

ajs.js Show response
customads.co/_js/
Redirect Chain

https://cdn2.customads.co/_js/ajs.js
https://customads.co/_js/ajs.js

5 KB
3 KB

147ms
117ms

Script
application/javascript

35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 18:35:31 GMT
etag: W/"14de-17da07aa1d1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 google
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Thu, 09 Dec 2021 19:19:20 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
location: https://customads.co/_js/ajs.js
cache-control: private
content-length: 228
x-amz-cf-id: womsFeyu2pF-EgD0Fkt8vxEg8J7AX1UTXWT5qgu5_f8p10SFNcjzSA==

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 240 KB
71 KB 39ms
38ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d0c846c3fb83999d5d8152ce19308e4c2e697f49d3ed84a8666c3be9e88307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 4620
last-modified: Thu, 02 Dec 2021 14:19:13 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 59B9F0NFMSC95D7E
x-amz-id-2: vVTF9ekUPkqEvxBGGZreN8qHe68BEtuliE+krzgs8F0Ad6KB1IQ4jqzI5N9Nk+3AtYssOHUulvU=
cf-bgj: minify
server: cloudflare
etag: W/"6b6dfe8d7e7c8e86491d8fbe70cc277b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6bb095a06f5e6937-FRA
expires: Thu, 09 Dec 2021 22:19:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 76ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6d11086330eab19b963928df89c773c5b28c28bc552e0f87577d6e21bbc33ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51923
x-xss-protection: 0
server: cafe
etag: 18013762351631582959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 19:19:20 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
636 B 68ms
36ms Script
application/javascript 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9
last-modified: Thu, 09 Dec 2021 07:36:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iED3EcWDmYaFzdvG2siGbp9LnWaNAf4uMaJ%2BtIsTdCoCYqxQSX4NpKAqxYEtiFtblA%2F1qwY4X1PPlh27pMPi9qKm77Se7tQ1LWUsVTEiewPpE1Bw4siLiXhQkbETnf%2FFR%2FfTqQYXBs78"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6bb095a16d466922-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
664 B 93ms
37ms Image
image/gif 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39041
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjJT3YglsdFgqso8nr%2B1k8ZjaB4vn7A5S1EjKsnB2%2BXtfp%2BWGhrj%2B2xmBAxgJH9NWYKkMADYhzDJS4hT9QGmkZ67HHI7P39zkRGi0QelgyyjX7l3kDKZruMrAx%2Fs32g40DFeT5UxbaaC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6bb095a19eb96921-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 33ms
5ms Image
text/plain 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 52ms
52ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1001928
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 21:37:34 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095a06f374a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
597 B 819ms
775ms XHR
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9a023bc5459b2a4a970eba28b9338dee413ebc59da10391351f866d8a879300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6bb095a0ee3d5bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16

GET
H2 200 maxresdefault-1.jpg
www.mydailyinformer.com/wp-content/uploads/2019/09/ 14 KB
15 KB 229ms
34ms Image
image/jpeg 2606:4700:3033::ac43:bbb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mydailyinformer.com/wp-content/uploads/2019/09/maxresdefault-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bbb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cce1f1710ef4c579d4396afac90dd5bd5e89ba7f306735e8d08ad65aee47dfe3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1798
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14442
last-modified: Sun, 15 Sep 2019 10:09:59 GMT
server: cloudflare
etag: "386a-59294b09d67c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8f69cOshpN1%2BVWTuxsztWNLood1EbdGk4P1ZKKku5ECoOcsUgTCMBb8SXAGsJG2lyLH%2BGQp8enNJC3g3Z0kNvDisc87WGhicYOFQMGZ2gHobA52Igismkxk5EFVEMjc2H%2BLqgwp12y9GG1dpkqavqWf0MShRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb095a2bdac2b16-FRA

GET
H2 200 a27d24_36d52fe6e426431d9bf4d3f19fd5d2b2~mv2.webp
static.wixstatic.com/media/a27d24_36d52fe6e426431d9bf4d3f19fd5d2b2~mv2.jpg/v1/fill/w_292,h_219,fp_0.50_0.50,q_90/ 14 KB
14 KB 22ms
7ms Image
image/webp 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/a27d24_36d52fe6e426431d9bf4d3f19fd5d2b2~mv2.jpg/v1/fill/w_292,h_219,fp_0.50_0.50,q_90/a27d24_36d52fe6e426431d9bf4d3f19fd5d2b2~mv2.webp
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 58b7c11629c86153983ea3b2010525f308606bed19379e528f84b51a46252a63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 23:22:16 GMT
via: 1.1 google
server: openresty/1.19.9.1
age: 71824
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 221Wn3GmoPLL443UENsO7t1JYHa
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14076
x-seen-by: image-manipulator-55f9c7bc4c-j9kdp

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame 6704 239 KB
71 KB 42ms
40ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202111919
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c9e2a5fd99b9fca9b06e29d2f8cfe449f4b7edadf601fb5e73e295b06ecdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 4219
last-modified: Thu, 02 Dec 2021 14:02:26 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 59B19W6KM9MTH4D8
x-amz-id-2: d7d5pE70fbs/Z4FFKuZEHkm+OS0Ka5eYs66wEZo59uQDis5GRznykOtKMxlqmdnad/AT4d9L97c=
cf-bgj: minify
server: cloudflare
etag: W/"1b342fb77615ff0b32c0d08618976e92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6bb095a0e90a6937-FRA
expires: Thu, 09 Dec 2021 22:19:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1093
date: Thu, 09 Dec 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 21:01:07 GMT

GET
H2 200 en.366e56a7cc8602e2.js Show response
s.tradingview.com/static/localization/translations/ Frame 60B1 441 KB
70 KB 14ms
13ms Script
application/javascript 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.366e56a7cc8602e2.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

9a6d928f3be6677210bb42cfb2edf7f3a251d0393034f18c8bfc38b9f6e08712

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204914
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 07 Dec 2021 08:53:43 GMT
server: tv
etag: W/"61af2117-1139b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: OkeLv3mFyLnDCPM1zgX55rKMbHaAEyDcuEvw6sLQA2pz9ZUzi3g4EA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.e89cd03387c34bafce2a.js Show response
s.tradingview.com/static/bundles/embed/ Frame 60B1 43 KB
23 KB 16ms
16ms Script
application/javascript 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.e89cd03387c34bafce2a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

1b725bc04fdfdc2a1446ef481a6669f189988bf9eb5a94ca55d8660e837977b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26114
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Dec 2021 11:46:00 GMT
server: tv
etag: W/"61b1ec78-5b77"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: NW--QhtvPp6vQ0b5eeSw3G780mP7qX_vPBafe2uhlPOc221oKfxx8A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.45e8ecdebd83be95d548.js Show response
s.tradingview.com/static/bundles/embed/ Frame 60B1 143 KB
47 KB 8ms
6ms Script
application/javascript 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.45e8ecdebd83be95d548.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

02937596dfc9e6713980d18d0d49f18cc6d3a306a78bf76ca2fc122ced40467b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204915
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 07 Dec 2021 08:54:07 GMT
server: tv
etag: W/"61af212f-ba6f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jEgn1P5nhIyaBLXwMjsW2LOL3KU8vgUllEyHQCBXhnzTDxkNRKRZXg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.5602c89461f2c0224469.js Show response
s.tradingview.com/static/bundles/embed/ Frame 60B1 276 KB
79 KB 9ms
8ms Script
application/javascript 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.5602c89461f2c0224469.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

0b01ebf95bf0bc238f2ccc2e8c272903e5f6e1a0f1acac160fa9692e6e82606b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 10:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30673
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Dec 2021 09:14:04 GMT
server: tv
etag: W/"61b1c8dc-1378d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Gba6SmGyi4dZqKsimxw4jU0h_as0y0e7caqeLIrVoIP1DyNH1zT1WA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.0f19b168d88c5e2b6ad0.css
s.tradingview.com/static/bundles/embed/ Frame 60B1 1 KB
1 KB 17ms
16ms Stylesheet
text/css 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.0f19b168d88c5e2b6ad0.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

6d1da18bcbaa7c9281f213e1815476a74289e661714323d7b59df17706969d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 10:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2623335
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 09 Nov 2021 10:06:01 GMT
server: tv
etag: W/"618a4809-2be"
vary: Accept-Encoding
content-type: text/css
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: wS4yMvdP4ijivTVBiA4BDdQdbhi9mwQXmGBZ3wAdXXprr1WUOq-jxQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.ffe1705f470d9fe5dfbc.css
s.tradingview.com/static/bundles/embed/ Frame 60B1 26 KB
4 KB 17ms
17ms Stylesheet
text/css 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.ffe1705f470d9fe5dfbc.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

d34a06bcb15ea477cd15f71108f36d9a1aedcd94b34e369780bf30e99459bd13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1357648
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 23 Nov 2021 10:26:12 GMT
server: tv
etag: W/"619cc1c4-f8d"
vary: Accept-Encoding
content-type: text/css
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: gtbNpBlQBzxkQH24ceMbeR4MuvjA7j912DvlDNSYfC4cFvVdCsEgcg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 1CCE 11 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Dec 2021 18:37:20 GMT
expires: Thu, 23 Dec 2021 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 2520
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 60B1 90 KB
35 KB 29ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.5602c89461f2c0224469.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a703324deb3778f1cdbf10e22a80c9b7cac603f4cb15406461b70a54815d8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36173
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Dec 2021 19:19:20 GMT

GET
H2 200 63158.982f1e40be21040b888f.css
s.tradingview.com/static/bundles/embed/ Frame 60B1 801 B
758 B 7ms
7ms Stylesheet
text/css 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/63158.982f1e40be21040b888f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.e89cd03387c34bafce2a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 10:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2623333
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 09 Nov 2021 10:06:02 GMT
server: tv
etag: W/"618a480a-104"
vary: Accept-Encoding
content-type: text/css
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ntIM35YE_6jpFYac0xbg1duuGiUC1O6Wo2hyE-mBdZFoP7AesEbpwA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.ac00c2813da1ebf015c3.js Show response
s.tradingview.com/static/bundles/embed/ Frame 60B1 4 KB
3 KB 7ms
7ms Script
application/javascript 65.9.68.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.ac00c2813da1ebf015c3.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.e89cd03387c34bafce2a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-47.fra56.r.cloudfront.net

Software

tv /

Resource Hash

3f5eacbef8f64653af592eae02fd061cfd623a33b36ae1c761974f581f19ce7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 10:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2365453
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 12 Nov 2021 08:51:09 GMT
server: tv
etag: W/"618e2afd-8b0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: FvI_7d8lWoAj8lTNT3-UhkAlFITieAk3du7YdGZ_K6uLJ3x8KIZbPw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 60B1 49 KB
20 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1093
date: Thu, 09 Dec 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 21:01:07 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=257590682&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1362972537&gjid=165834671&cid=776797826.1639077561&tid=UA-16055024-1&_gid=1812269679.1639077561&_r=1&gtm=2ouc10&z=209564081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 8301289771671655 Show response
customads.co/lad/ Frame 7D50 1 KB
1 KB 137ms
127ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-type: text/html; charset=utf-8
content-length: 1376
date: Thu, 09 Dec 2021 19:19:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 10864438442185062 Show response
customads.co/lad/ Frame 5D93 1 KB
1 KB 122ms
120ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-type: text/html; charset=utf-8
content-length: 1376
date: Thu, 09 Dec 2021 19:19:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 49ms
17ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16055024-1&cid=776797826.1639077561&jid=1362972537&gjid=165834671&_gid=1812269679.1639077561&_u=YEBAAUAAAAAAAC~&z=1207150398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Dec 2021 19:19:20 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 68ms
46ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=776797826.1639077561&jid=1362972537&_u=YEBAAUAAAAAAAC~&z=99309720

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 92ms
50ms Image
image/gif 2a00:1450:4016:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=776797826.1639077561&jid=1362972537&_u=YEBAAUAAAAAAAC~&z=99309720

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4016:809::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame 5D93 45 KB
17 KB 31ms
15ms Script
text/javascript 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2206
date: Thu, 09 Dec 2021 18:42:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 09 Dec 2021 20:42:34 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame 7D50 45 KB
17 KB 32ms
18ms Script
text/javascript 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2206
date: Thu, 09 Dec 2021 18:42:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 09 Dec 2021 20:42:34 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
303 B 46ms
35ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=16390775611032966621&uniqId=11af3&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=61b256b9-1372b&pageView=1&pvid=17da0a2c310a3caf621&site=310742&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bb095a4ffb41756-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 34ms
25ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb095a538021756-FRA
expires: Fri, 10 Dec 2021 19:19:21 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 34ms
26ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb095a538041756-FRA
expires: Fri, 10 Dec 2021 19:19:21 GMT

GET
H3 200 jsDynamic-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 5 KB
2 KB 29ms
29ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bee09fc277d6ccee88223868eb868bb9fd9166e2d6163df385ddc4c07628bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2594382
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:31 GMT
server: cloudflare
etag: W/"61681027-155d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb095a56a104a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 13:26:41 GMT

GET
H3 200 responsive-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 30ms
30ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2594382
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:32 GMT
server: cloudflare
etag: W/"61681028-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb095a56a154a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 13:26:41 GMT

GET
H3 200 validate-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2594382
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:11 GMT
server: cloudflare
etag: W/"61102457-19fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb095a56a164a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 16 Oct 2021 18:40:12 GMT

GET
H3 200 loadmore-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 31ms
31ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2594382
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:32 GMT
server: cloudflare
etag: W/"61681028-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb095a56a1a4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 27 Oct 2021 06:03:54 GMT

GET
H3 200 lazy-loading-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 124 B
691 B 28ms
28ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2594382
cf-polished: origSize=173
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:09 GMT
server: cloudflare
etag: W/"61102455-ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6bb095a56a1c4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sat, 16 Oct 2021 18:40:12 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 77 KB
27 KB 57ms
35ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a1c3bf9db120bf9ab9752a0f5b70b7cd9f9f1f11c7c91ec7006bc15b076b75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb095a59f8f6937-FRA
expires: Fri, 10 Dec 2021 19:19:21 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 22ms
21ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb095a59f946937-FRA
expires: Fri, 10 Dec 2021 19:19:21 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
987 B 37ms
26ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?pv=5&cbuster=1639077561208170129370&uniqId=11af3&niet=4g&nisd=false&jsv=es6&w=370&h=330&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=61b256b9-1372b&pageView=1&pvid=17da0a2c310a3caf621&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f36489c4dad10af4cdf89dfc1433ed583bca6d49fb477c4f79bb9010659381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bb095a5a8fc1756-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
859 B 36ms
29ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?w=370&h=330&cols=1&pv=5&cbuster=1639077561209606939386&uniqId=1281e&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=61b256b9-1372b&pageView=0&pvid=17da0a2c310a3caf621&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 162131086f4ad596930a083ad221950828011d76482125f21d777f0535a868a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bb095a5a8ff1756-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 123 KB
12 KB 724ms
714ms XHR
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1639077561214

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df0eab8748cc51829ab106a86593827906f02449e006e282138237ce3951590e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
cf-ray: 6bb095a5ab735bfd-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 85ms
53ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20211116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1570
etag: W/"2d763adca2b6a93c45e5b76bff1f8c5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6bb095a5e8cd4dfa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 12 Dec 2021 19:19:21 GMT

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:18:06 GMT
x-content-type-options: nosniff
age: 201675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 11:18:06 GMT

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 1 KB
1 KB 88ms
10ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:17:37 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 446
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: aDgOWWH_MUd6r8k08c0g-mUAcx0tWwdLoRPIsjIz-f6aaEy4H-Xlug==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 1 KB
1 KB 85ms
8ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:49:52 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 1810
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: WAZRAnvkC3em6TmMql1exBx2sf77tVvtWJ56JfvDNKY_YJuFTO3uJQ==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 1 KB
1 KB 85ms
8ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:11:13 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
age: 497
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: tqb4bsphpphINIZPWnWyizzmSlyFoNx59L3WIKFAdr5qJFV0INSOjA==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 522 B
919 B 87ms
10ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:28:58 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
age: 3170
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: gqfYI9QxsovFk84K1EZtpEIoxsV2cG9Fw3w9qLSdsKXvEls6VBRqzg==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 182 B
580 B 88ms
12ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:16:10 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
age: 237
etag: "a4fcbd383e2f657b6528f4aa95844de5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: -D1OVrWdcOBRN7sm5Fi8f8T4fZjdLYIRkJgAkp4hKxhScpf3enS9Cw==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 1 KB
1 KB 86ms
10ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:28:36 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 3116
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: yaO_BPA5P5-TcVlrRtkGb8Ov6TOHj1EB364w7YX66LO20EiQa4n6tA==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 1 KB
1 KB 14ms
8ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:51:01 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 1701
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: uSZAw0VFdntPOGY-sXK_STZ-CFksdaAVq0KEMqi7TWl66exqHoTkuA==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 1 KB
1 KB 14ms
8ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:56:01 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
age: 1438
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: 3YAxxJ-DVgpAOw2mYuhrOznMne5w3L0g8V0v9JyuqIc7G9p-LEXkyw==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 508 B
896 B 13ms
7ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:25:25 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
age: 3237
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: M4zc5k4_mxhjUgXmeF1M5His0-LNCw3kkgabyKqm-iFvTk42ecAAlQ==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 304 B
692 B 16ms
11ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:42:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
age: 2230
etag: "074d127e2f9fd8c2e79c01a5f002979c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: ybf1vyOy_CqkSWc7eL6xUyCPYW-Hl8ubfxAO5NSgyWipOUudp5vMZw==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 1 KB
1 KB 17ms
11ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:25:58 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 3214
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: pFKJk695WPoGFGgAKxMAgSODkwf6MkCr8oP4VzrfcTaG8ndl6rwUvA==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 761 B
1 KB 14ms
9ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:00:42 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
age: 1136
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: kHbbwwaOW20In3la-ONtwr1jgEOa6uVAecQwvKpH1WIOfpwQWIxKoA==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 635 B
1 KB 17ms
12ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:49:45 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
age: 2004
etag: "4c66a5172a9c77ab75e140f5079218ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: EUz13O-ErmJvcYoONJApc8o88o7UI-cN69CNwDlpJemFrUAzOxTC7w==

GET
H2 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 786 B
1 KB 17ms
12ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:25:39 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
age: 3226
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
content-length: 786
x-amz-cf-id: z9RC-Xt5AKShlT_Jr8k9fQkzOnV3mRMnm4krhVwSJc0Z8Ou1b9rk2A==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 60B1 1 KB
1 KB 15ms
10ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:06:39 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 763
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: iTdLELxbJw23M28Eh9e_SzTqW4WUTuNJTxSnM_jefu_-Ald8EnS4WQ==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 60B1 523 B
913 B 15ms
10ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:10:09 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
age: 553
etag: "4542d4ecd73f04c73affa787a4522596"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: gKHAmgQHWX0UFZAJlQ7pKRgYV6Xvl_BbWiDlo_ttFMhXwQSQ3i_6vQ==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 60B1 801 B
1 KB 16ms
11ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:33:08 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
age: 2773
etag: "107060b925841745f310697bd9f1f83d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: hcdw2OYZIaIxws-Q4F6y9TQDJPTbUZrnpX50vwl6sdn3RXEb1rJxvg==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 60B1 3 KB
795 B 75ms
6ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:35:51 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 2611
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: Vw8o7_1K6dXNXTV3Y5ZxdIGVrAaQN_lpo-c6DPjdrxuhUR0G9T-rmg==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 60B1 870 B
1 KB 75ms
7ms Image
image/svg+xml 2600:9000:2057:1200:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:18:15 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
age: 67
etag: "e9173ef4613c3da43c45885ea39c4b96"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: PcOhY87ZDG3DUQvl-LhMdbe3e6pjj0KbSax8XeJE18_OmwQJOtN54A==

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 28ms
6ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/d=1/rs=AN8SPfqzW7r3hTh53zV3Wutei3mGK4UKog/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 09 Dec 2021 19:32:10 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqA9sxh8mITpzdEVrnMvDC40Psmqg/ 223 KB
76 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqA9sxh8mITpzdEVrnMvDC40Psmqg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/d=1/rs=AN8SPfqzW7r3hTh53zV3Wutei3mGK4UKog/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d9ac70e6b4108042f3974dc74bac723cd44c65435a071dca3c9871b7f1d7d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 10:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77953
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 20:12:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 10:32:07 GMT

GET
H3 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 49ms
47ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1095&cols=1&pv=5&cbuster=1639077561323646933191&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=61b256b9-1372b&pageView=0&pvid=17da0a2c310a3caf621&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd90ec72beb1362b15b014eadcb0ab4408417960fbb9a035eb6e620ea1f60d41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bb095a649a76937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
69 KB 58ms
40ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3247
etag: W/"bac537a7eba0b66473f70a7a4bf837c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6bb095a66a2dc295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 12 Dec 2021 19:19:21 GMT

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 23ms
22ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb095a669d76937-FRA
expires: Fri, 10 Dec 2021 19:19:21 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 28ms
27ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb095a669de6937-FRA
expires: Fri, 10 Dec 2021 19:19:21 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8193501/492x328/16x0x492x328/ 10 KB
11 KB 47ms
17ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193501/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1639077561-ODZd7viL7SOyivv4VLBJQO7m5nNxelGZtHbdtKWq35s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87cd4624a12ffbe183030d53888a7bc88e46b8dcc08a856b064fa1093b82634

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 02:10:03 GMT
x-mg-request-uuid: 1a67d3f6-9dd3-461b-aa08-5e31ea9dfc16
age: 2452808
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb095a68afd699b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10504
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzkwOTJiNWU3Y2NkNjllMjk4ODVmNTc5ZjFjMDlkMmE1LmpwZWc.webp
s-img.mgid.com/g/4147871/492x328/30x0x1083x722/ 13 KB
14 KB 57ms
30ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4147871/492x328/30x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzkwOTJiNWU3Y2NkNjllMjk4ODVmNTc5ZjFjMDlkMmE1LmpwZWc.webp?v=1639077561-nNhLMXAQEkpyxYPjogSvGidoAzLehZc8PuhPc_KjnP0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9301b2d9fbb7099d5d62ccd0067caea1ec5a3ffa5cfa577fedd43a440e85d7

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:30 GMT
x-mg-request-uuid: 3c9e7ab3-36fd-4147-9bc2-4f49ce35b276
age: 5976783
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb095a68afe699b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13730
server: cloudflare

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 29ms
7ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:50:00 GMT
x-content-type-options: nosniff
age: 1761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Dec 2022 18:50:00 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 4816 18 KB
3 KB 21ms
6ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqA9sxh8mITpzdEVrnMvDC40Psmqg/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 09 Dec 2021 19:32:10 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 26ms
7ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:05:35 GMT
x-content-type-options: nosniff
age: 826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Dec 2022 19:05:35 GMT

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 32ms
15ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 30ms
23ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3fcfbc03c34fd3131f7431183ffa37e2f4bbcd1a999813ea8c8c9a76d8ee29d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 945
cf-polished: origSize=4420
status: 200 OK
x-envoy-upstream-service-time: 30
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6610eb86-fb78-4295-9761-8423279f8585
x-runtime: 0.028279
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d1ea014853ed61e42d7c5700a24592c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6bb095a72baa4dfa-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 09 Dec 2021 20:19:21 GMT

GET
H2 200 supportedLanguages Show response
translate-pa.googleapis.com/v1/ Frame D475 14 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-length: 1213
x-xss-protection: 0
expires: Thu, 09 Dec 2021 19:19:21 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
1019 B 168ms
158ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1639077561464777731473
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2c1c8e1f82ef788b4e38537df203b67aa3b5db99f4b9bbc7e72c254c3b34de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb095a73b9a1756-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb095a73c3d6937-FRA
expires: Fri, 10 Dec 2021 19:19:21 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 18ms
18ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb095a73c416937-FRA
expires: Fri, 10 Dec 2021 19:19:21 GMT

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2FlZTM3NTQ4NzJjN2ZkYWU5ODFkZmIyZDM5M2E1YTg1LmpwZz90PTE0OTgxNjE3NTQxODQ.webp
s-img.mgid.com/g/3805604/492x277/0x0x799x532/ 9 KB
10 KB 151ms
127ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805604/492x277/0x0x799x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2FlZTM3NTQ4NzJjN2ZkYWU5ODFkZmIyZDM5M2E1YTg1LmpwZz90PTE0OTgxNjE3NTQxODQ.webp?v=1639077561-hcjPbz_YcNBjl1-CnfJ1BgZURL4Qptl3mhkGoRM_K3o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df0f6440bfff5ad7ea3b8e6a09007a50337e2e3f579efc30546391b7a7df740a

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:56:23 GMT
x-mg-request-uuid: 63e766dc-1fd3-4dd4-bc7c-c71cd95f490e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb095a76c7a6901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9216
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp
s-img.mgid.com/g/3805476/492x277/0x0x629x419/ 15 KB
16 KB 44ms
20ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805476/492x277/0x0x629x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp?v=1639077561-tU_rPnFafHAAgkyylDnjfEZSPO9g_fgU9TzYWFRQjXQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7e32e5e847040d47488bb18845a0f48df86610553087c54e8acadeb81e08314

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:57:17 GMT
x-mg-request-uuid: 03cd3802-2870-4b33-bdbe-d8ea3c30d76a
age: 2095094
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb095a76c786901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15702
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTQ3N2RhNGQwMjcyZGRlZjJkZmFiNWQ2ZmZkZDIxLmpwZWc.webp
s-img.mgid.com/g/3865508/492x277/0x0x1599x1066/ 5 KB
6 KB 52ms
28ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3865508/492x277/0x0x1599x1066/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTQ3N2RhNGQwMjcyZGRlZjJkZmFiNWQ2ZmZkZDIxLmpwZWc.webp?v=1639077561-EN2ltJLC2DR-kwTnHIOcgitJs2-d3ykt6F-EtVsk38o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d61963e08fdbce470534af0e1b6bd541459ab1e8b35d474662c19f3a65c097c

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:56:29 GMT
x-mg-request-uuid: 91be67b0-a1d1-4632-afef-86b6933007c6
age: 2313866
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb095a76c816901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5172
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMDdhODEzYjljMTYyZDIxN...
s-img.mgid.com/g/10881037/492x277/-/ 10 KB
11 KB 51ms
27ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10881037/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMDdhODEzYjljMTYyZDIxNDEzYzdmZDViNTExNDk2OTkuanBlZw.webp?v=1639077561-nezrUaBRmqxuBgLjrblEuaL86NgIKgd-MJtfZXoT9I0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be395db7df33a757ee407d1545183f57f8b387745ec2fabb3d44cbc7d47a2411

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 13:47:28 GMT
x-mg-request-uuid: f0e3aa40-50a0-4cc6-bcb1-481d924e536f
age: 5635456
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb095a76c7e6901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10240
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame A5B7 19 B
266 B 147ms
147ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=163907756147843784122
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb095a74ba11756-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 7ms
6ms Image
image/gif 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 11:21:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 115097
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Dec 2022 11:21:04 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 24ms
24ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1568
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6bb095a78c1cc295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 12 Dec 2021 19:19:21 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3937
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east

281 B
554 B

77ms
8ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1639077561464777731473
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Dec 2021 19:19:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Date: Thu, 09 Dec 2021 19:19:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame A5D2 1 KB
885 B 341ms
72ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1639077561464777731473
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: VertaMedia 1.0
Date: Thu, 09 Dec 2021 19:19:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=6e2e0d18-873f-4df0-a97a-1840f4cf566a

43 B
592 B

169ms
167ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=6e2e0d18-873f-4df0-a97a-1840f4cf566a
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb095ad2db56937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=6e2e0d18-873f-4df0-a97a-1840f4cf566a
date: Thu, 09 Dec 2021 19:19:22 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGI5bEZOT0J5c2pi&muidn=lb9lFNOBysjb
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGI5bEZOT0J5c2pi&muidn=lb9lFNOBysjb&google_tc=
https://cm.mgid.com/google?muidn=lb9lFNOBysjb&google_ula={guid},5&google_gid=CAESENuJthW9qzj8aebdSGSCy3A&google_cver=1

0
376 B

164ms
164ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=lb9lFNOBysjb&google_ula={guid},5&google_gid=CAESENuJthW9qzj8aebdSGSCy3A&google_cver=1
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bb095a919936937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=lb9lFNOBysjb&google_ula={guid},5&google_gid=CAESENuJthW9qzj8aebdSGSCy3A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=f4943864-893e-4905-9518-67150dd08e09&ttl=1641669561

43 B
560 B

146ms
145ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=f4943864-893e-4905-9518-67150dd08e09&ttl=1641669561
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb095a97ab46937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=f4943864-893e-4905-9518-67150dd08e09&ttl=1641669561
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 mw
mwzeom.zeotap.com/ 95 B
456 B 52ms
28ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=lb9lFNOBysjb&zpartnerid=1532&zdid=1532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
cf-ray: 6bb095a89a2c702e-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
495 B 115ms
86ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=lb9lFNOBysjb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6bb095a8aafed6d1-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=oUxO70Cvz2mi5TxW3oFq&pi=mgid&tc=1

43 B
560 B

147ms
147ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=oUxO70Cvz2mi5TxW3oFq&pi=mgid&tc=1
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb095a919946937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=oUxO70Cvz2mi5TxW3oFq&pi=mgid&tc=1
pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT, Thu, 09 Dec 2021 19:19:21 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lb9lFNOBysjb
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=1601600464650176457&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

49ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 19:19:22 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=16df5ec9-eab5-4479-b50f-924b4f99a064

43 B
561 B

135ms
134ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=16df5ec9-eab5-4479-b50f-924b4f99a064
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb095a99b156937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=16df5ec9-eab5-4479-b50f-924b4f99a064
date: Thu, 09 Dec 2021 19:19:21 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=lb9lFNOBysjb
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lb9lFNOBysjb
https://cm.mgid.com/m?cdsp=433145&c=48c03ff6-9a04-440e-b806-b3c1f2ca2e0c&gdpr=&gdpr_consent=&us_privacy=

43 B
561 B

147ms
147ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=48c03ff6-9a04-440e-b806-b3c1f2ca2e0c&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb095a8d8fd6937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=48c03ff6-9a04-440e-b806-b3c1f2ca2e0c&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 09 Dec 2021 19:19:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
413 B 92ms
63ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=lb9lFNOBysjb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6bb095a8aaf94a79-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=p5QgmTtqjwUcnRmx1KFGX9GH&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=48c03ff6-9a04-440e-b806-b3c1f2ca2e0c&gdpr=&gdpr_consent=&us_privacy=

43 B
577 B

142ms
141ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=48c03ff6-9a04-440e-b806-b3c1f2ca2e0c&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb095aaded06937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=48c03ff6-9a04-440e-b806-b3c1f2ca2e0c&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 09 Dec 2021 19:19:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3937 32 KB
10 KB 7ms
7ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 19:19:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37116
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9506
Expires: Fri, 10 Dec 2021 05:37:57 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3937 284 B
536 B 30ms
9ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H2 200 / Show response
rumble.com/embed/vnupae/ Frame 4B40 17 KB
7 KB 317ms
102ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vnupae/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

85b805e265fcc68af3415af9163faecba91bb249c303535621bfd1c1ba823fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Thu, 09 Dec 2021 19:19:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/vqgvek-bringing-it-all-together-5g-the-shot-censorship-and-control-time-to-smash-i.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H2 200 _l2GqF48gPw Show response
www.youtube.com/embed/ Frame 4A9B 59 KB
25 KB 67ms
64ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_l2GqF48gPw

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9151d469432297acfa233188a09081715e274b83441201ac3e5cb78c30b48540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Dec 2021 19:19:22 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 e58c7edb95ae13d0d8502a4ba6f11889c4f0e99c.jpeg
beforeitsnews.com/img/i2021/12/ 11 KB
11 KB 29ms
28ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/12/e58c7edb95ae13d0d8502a4ba6f11889c4f0e99c.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd95e208ef021f3ca1b85dc6874d2050b901d1939e0fe0a69db9d669fe584d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 740308
cf-polished: origSize=11953, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10887
last-modified: Wed, 21 Aug 2019 02:38:48 GMT
server: cloudflare
etag: "5d5caeb8-2eb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 01 Dec 2022 05:00:17 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095aa5c874a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 1254f8aeb6052793b95b5f24352a623f1c485941.jpeg
beforeitsnews.com/img/i2021/12/ 13 KB
13 KB 30ms
28ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/12/1254f8aeb6052793b95b5f24352a623f1c485941.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d23a42bddab61b2b5d6aaa2428483ed8e502f5107a3eab8cc733b6b86913514

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 742757
cf-polished: origSize=13891, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13053
last-modified: Wed, 21 Aug 2019 02:22:47 GMT
server: cloudflare
etag: "5d5caaf7-3643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 01 Dec 2022 05:00:02 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095aa5c8e4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 2b3c08fb4e44c851887bd2235f945a9ef6082259.jpeg
beforeitsnews.com/img/i2021/12/ 16 KB
17 KB 28ms
25ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/12/2b3c08fb4e44c851887bd2235f945a9ef6082259.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5564f90bc308b63c9d97d4f87a1bd58d1fa41dc8af75135da90ddc84ff8561ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 742402
cf-polished: origSize=17860, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16357
last-modified: Thu, 28 Mar 2019 00:39:43 GMT
server: cloudflare
etag: "5c9c17cf-45c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 01 Dec 2022 05:00:02 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095aa5c8f4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 4d414e65062e5cf65657538917dbd86cddece9f2.jpg
beforeitsnews.com/img/banner_contract/ 51 KB
52 KB 36ms
34ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/4d414e65062e5cf65657538917dbd86cddece9f2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8bc161394d0f1fd1a2117405b99c2ff97fdd2bbf274310faeeba1f4129b1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 592279
cf-polished: origSize=59870, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52616
last-modified: Mon, 01 Nov 2021 22:43:47 GMT
server: cloudflare
etag: "61806da3-e9de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 02 Dec 2022 22:44:05 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095aa5c914a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 30ms
28ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2ec1f0e483b39c4f96db14778f55eceafa2ef67aa2b49c532a2cb24a52377b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1320666
cf-polished: origSize=51812, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46878
last-modified: Sat, 22 May 2021 12:15:55 GMT
server: cloudflare
etag: "60a8f5fb-ca64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 20 Nov 2022 11:49:25 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095aa5c924a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 34ms
32ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2219473
cf-polished: origSize=36512, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
server: cloudflare
etag: "60a8f625-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 Oct 2022 05:59:29 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095aa5c934a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 dcf09c8773644d031c1df11dd4352afcab7d6112.jpg
beforeitsnews.com/img/banner_contract/ 59 KB
59 KB 30ms
28ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/dcf09c8773644d031c1df11dd4352afcab7d6112.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2403847
cf-polished: origFmt=jpeg, origSize=149331
content-disposition: inline; filename="dcf09c8773644d031c1df11dd4352afcab7d6112.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60198
last-modified: Mon, 11 Oct 2021 07:26:58 GMT
server: cloudflare
etag: "6163e742-24753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 08 Nov 2022 20:33:26 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095aa5c944a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 O269cn5aS0A Show response
www.youtube.com/embed/ Frame 276E 59 KB
25 KB 47ms
46ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/O269cn5aS0A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

352ef4a236f2beb4d04384c705b394ca70b8f49cace30556a6611ba7383e7110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Dec 2021 19:19:22 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET csync
sync.adtelligent.com/ Frame A5D2 0
0

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
563 B 310ms
299ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5b117a82-c133-4a3a-aba5-dedf8a213871
x-runtime: 0.008035
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6bb095aad8e96934-FRA
access-control-allow-headers: SDK-Version

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/46ac5f60/ Frame 4A9B 336 KB
46 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_l2GqF48gPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6ec215ae1f79058f76e3ac67a8637b37baadf10dabcd5450b0cc8d0fa97934a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_l2GqF48gPw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47257
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Dec 2022 06:08:07 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/ Frame 4A9B 219 KB
71 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_l2GqF48gPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5498bc67ac496a3fc5af517d67021c41a5c96115e91bf953fc4d3e754b41ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_l2GqF48gPw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 05:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73167
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Dec 2022 05:47:19 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 4A9B 2 MB
526 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_l2GqF48gPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d24f62c32af98af1804be380a821385f1f76220ff21c4207172ba9bbc2f7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_l2GqF48gPw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 538358
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:37:20 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/46ac5f60/fetch-polyfill.vflset/ Frame 4A9B 8 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_l2GqF48gPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_l2GqF48gPw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 04:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Dec 2022 04:01:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A9B 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_l2GqF48gPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 201677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 11:18:05 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/46ac5f60/ Frame 276E 336 KB
46 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6ec215ae1f79058f76e3ac67a8637b37baadf10dabcd5450b0cc8d0fa97934a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47257
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Dec 2022 06:08:07 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/ Frame 276E 219 KB
71 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5498bc67ac496a3fc5af517d67021c41a5c96115e91bf953fc4d3e754b41ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 05:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73167
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Dec 2022 05:47:19 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 276E 2 MB
526 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d24f62c32af98af1804be380a821385f1f76220ff21c4207172ba9bbc2f7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 538358
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:37:20 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/46ac5f60/fetch-polyfill.vflset/ Frame 276E 8 KB
3 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 04:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Dec 2022 04:01:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 276E 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 201677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 11:18:05 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 4A9B 113 B
159 B 32ms
16ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c58b254a6afed13a1a1d9bf2ae8041a68e3f451f30f332d07fd27a006f6c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4A9B 29 B
588 B 27ms
6ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:05:25 GMT
x-content-type-options: nosniff
age: 837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Dec 2021 19:20:25 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 276E 113 B
159 B 14ms
14ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb1424af13f3339c7474a2c74d42fcde8cd933f29bf901264064b5141cbb15f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 276E 29 B
54 B 21ms
6ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:05:25 GMT
x-content-type-options: nosniff
age: 837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Dec 2021 19:20:25 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 4A9B 94 KB
29 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d2d5f209843357c521bc9e45c43341f93933bd4ac31f7b4024931a62e82af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_l2GqF48gPw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29831
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:37:20 GMT

GET
H3 200 rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js Show response
www.google.com/js/th/ Frame 4A9B 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 16:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13412
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 16:06:14 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 4A9B 24 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0a5e84d37c0709a0ee28281b1678c168ade905efb0edd03c9aaffbf8614d144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_l2GqF48gPw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7357
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:38:28 GMT

GET
DATA 200
OK truncated
/ Frame 4A9B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQw6KbEYJ4_a7X1svR2JAdf6gw51PI40xVc3_PL=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4A9B 5 KB
5 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQw6KbEYJ4_a7X1svR2JAdf6gw51PI40xVc3_PL=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_l2GqF48gPw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

60c75dbd33a76d3b77c123860edb584370828f1b45e6f27deece8145799c9bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:54:03 GMT
x-content-type-options: nosniff
age: 12319
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4765
x-xss-protection: 0
server: fife
etag: "v1c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 20:13:16 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/_l2GqF48gPw/ Frame 4A9B 37 KB
37 KB 26ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_l2GqF48gPw/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_l2GqF48gPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b562815482b43f78d76bd8f185be8cce4096132d1a57e3bdf3e95d740f098c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:16:28 GMT
x-content-type-options: nosniff
age: 174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38170
x-xss-protection: 0
server: sffe
etag: "1639015946"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Dec 2021 19:21:28 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 276E 94 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d2d5f209843357c521bc9e45c43341f93933bd4ac31f7b4024931a62e82af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29831
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:37:20 GMT

GET
H3 200 rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js Show response
www.google.com/js/th/ Frame 276E 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 16:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13412
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 16:06:14 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 276E 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0a5e84d37c0709a0ee28281b1678c168ade905efb0edd03c9aaffbf8614d144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7357
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:38:28 GMT

GET
DATA 200
OK truncated
/ Frame 276E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AKedOLTZ4NJqz-u9ZALlc4YAhxhCJQj1j-xHBTDAW0YI=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 276E 3 KB
3 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTZ4NJqz-u9ZALlc4YAhxhCJQj1j-xHBTDAW0YI=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5150c8e85b6d2724e872dd52d7038be2ef769c804e36207b6d7e1e68bd5c252c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:44:31 GMT
x-content-type-options: nosniff
age: 12891
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2678
x-xss-protection: 0
server: fife
etag: "vf"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 06:33:05 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/O269cn5aS0A/ Frame 276E 35 KB
35 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/O269cn5aS0A/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

822f142bd39b370c21d7d140512b75f804c6626ee55cb3372ac1df62f55c2f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 17:45:34 GMT
x-content-type-options: nosniff
age: 5628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36249
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Dec 2021 19:45:34 GMT

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 27ms
26ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 922239
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 17:33:03 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6bb095ad2aee4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 4B40 68 KB
25 KB 104ms
104ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=290

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vnupae/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cb677e5e49585993b23e98195084ba0673f7a3026338401dce3222dcf3690ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vnupae/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
content-encoding: br
last-modified: Wed, 20 Oct 2021 21:26:49 GMT
server: nginx
etag: W/"61708999-111af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 8ZLPc.OvCc-small-Bringing-It-All-Together-5G.jpg
sp.rmbl.ws/s8/1/8/Z/L/P/ Frame 4B40 95 KB
95 KB 11ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/8/Z/L/P/8ZLPc.OvCc-small-Bringing-It-All-Together-5G.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vnupae/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 283f7f0b7b8220370e7f8998f857aacbf5617f67077ff4d8ed3349dd68fdc987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
last-modified: Thu, 09 Dec 2021 15:46:44 GMT
server: nginx
etag: "8e38c954229ad32480aa3d3992123531"
x-hw: 1639077562.cds011.fr8.hn,1639077562.cds016.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=73669
accept-ranges: bytes
content-length: 97413

GET
H2 206 8ZLPc.caa.rec.mp4
sp.rmbl.ws/s8/2/8/Z/L/P/ Frame 4B40 5 MB
0 10ms
10ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/8/Z/L/P/8ZLPc.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vnupae/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
last-modified: Thu, 09 Dec 2021 12:51:35 GMT
server: nginx
access-control-allow-origin: *
etag: "13915b032b836bd67cabd6e67d22ca29-79"
x-hw: 1639077562.cds011.fr8.hn,1639077562.cds288.fr8.c
content-type: video/mp4
Content-Range: bytes 0-409930485/409930486
cache-control: max-age=63209
accept-ranges: bytes
Content-Length: 409930486

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4A9B 4 KB
2 KB 78ms
56ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 19:19:22 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 276E 4 KB
2 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 19:19:22 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4A9B 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?lMg_3w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_l2GqF48gPw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 276E 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Wx3Srw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:19:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame 276E 52 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 16:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Fri, 10 Dec 2021 16:58:50 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4B40 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1095
date: Thu, 09 Dec 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 21:01:07 GMT

POST
H2 200 view...nupae.8gbpg
rumble.com/l/ Frame 4B40 35 B
191 B 103ms
103ms Ping
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...nupae.8gbpg?p=2.3&r=91788781&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vnupae/?pub=hw409
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 09 Dec 2021 19:19:22 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame 4A9B 52 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 16:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Fri, 10 Dec 2021 16:58:50 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 4B40 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=683672536&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vnupae%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Bringing%20It%20All%20Together%3A%205G%2C%20The%20Shot%2C%20Censorship%20%26%20Control%20-%20Time%20To%20Smash%20It%20All%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAAC~&jid=1379854020&gjid=1093066103&cid=1416784537.1639077563&tid=UA-44331619-1&_gid=280215697.1639077563&_r=1&_slc=1&z=1039306478

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 4B40 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=683672536&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vnupae%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Bringing%20It%20All%20Together%3A%205G%2C%20The%20Shot%2C%20Censorship%20%26%20Control%20-%20Time%20To%20Smash%20It%20All%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=vnupae&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1416784537.1639077563&tid=UA-44331619-1&_gid=280215697.1639077563&z=84398466

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vnupae/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 16:58:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8433
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 4B40 4 B
25 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44331619-1&cid=1416784537.1639077563&jid=1379854020&gjid=1093066103&_gid=280215697.1639077563&_u=YEBAAEAAAAAAAC~&z=1681991918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Dec 2021 19:19:22 GMT
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 4B40 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=1416784537.1639077563&jid=1379854020&_u=YEBAAEAAAAAAAC~&z=784380183

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 4B40 42 B
63 B 106ms
74ms Image
image/gif 2a00:1450:4016:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=1416784537.1639077563&jid=1379854020&_u=YEBAAEAAAAAAAC~&z=784380183

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4016:809::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 19:19:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 276E 28 B
54 B 23ms
22ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/O269cn5aS0A
X-YouTube-Client-Version: 1.20211205.00.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt3cHRWVUNuS2FEayi6rcmNBg%3D%3D
X-YouTube-Ad-Signals: dt=1639077562200&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image&bid=ANyPxKrc4GYth-1GSNZqlpMy74d8wHbeV-xuBRTIy8MtO1FHea-c92l3lPHK1OywKGe_xFRBKIqIrnFRF6lPJO9Fkx09VuSc_g

Response headers

date: Thu, 09 Dec 2021 19:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 09 Dec 2021 19:19:24 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4A9B 28 B
54 B 20ms
19ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_l2GqF48gPw
X-YouTube-Client-Version: 1.20211205.00.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtLZDMwOGlzZ0REdyi5rcmNBg%3D%3D
X-YouTube-Ad-Signals: dt=1639077562168&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image&bid=ANyPxKpm44XC5AmvH4ohhcGcoW5P6QIdvUH9ZFZS0bnQFVUzTrHDbgvwDgIm04RL7kVRUP44I__XNdzWc2IiYpQ9ZBRqQCvhog

Response headers

date: Thu, 09 Dec 2021 19:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 09 Dec 2021 19:19:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

306 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s2
beforeitsnews.com/	1970-01-19 23:18:05	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyA2LwdkhriVV
.mgid.com/	1970-01-19 23:17:59	Name: __cf_bm Value: mvFwme3j195X4zw2626sozLSY2j4ZfwjZbT16tG.UY4-1639077560-0-ARuF12H/6keqxPnYftQJhPQnDQHI5ljT2XTSGYBfvgEzhbE8iMfkmaCA9uZU2QjysK9FyGDHyfKxoNXSzRKnpX8=
beforeitsnews.com/	1970-01-20 23:17:57	Name: b4in-uuid Value: 837731b9-edf3-4dec-ab48-144fe9c5fd34
.beforeitsnews.com/	1970-01-20 16:49:09	Name: _ga Value: GA1.2.776797826.1639077561
.beforeitsnews.com/	1970-01-19 23:19:23	Name: _gid Value: GA1.2.1812269679.1639077561
.beforeitsnews.com/	1970-01-19 23:17:57	Name: _gat_gtag_UA_16055024_1 Value: 1
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lb9lFNOBysjb
servicer.mgid.com/	1970-01-19 23:17:58	Name: __mglb Value: ed02bb11b748a9279413c1eb8e47c448
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22Tx2LHAJ5J%22%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1639077561336%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1639077561339%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1639077561475%7D%7D
.bidswitch.net/	1970-01-20 08:03:33	Name: tuuid Value: 48c03ff6-9a04-440e-b806-b3c1f2ca2e0c
.bidswitch.net/	1970-01-20 08:03:33	Name: c Value: 1639077561
.bidswitch.net/	1970-01-20 08:03:33	Name: tuuid_lu Value: 1639077561
.e-volution.ai/	1970-01-19 23:38:07	Name: v_usr Value: 5fb32821-cbdb-43c3-bd59-7c7cadc4a5e1
.zeotap.com/	1970-01-20 08:03:33	Name: zc Value: ec1eab5b-b8f4-43e3-6835-820af8c8d9bc
.creativecdn.com/	1970-01-20 08:03:33	Name: u Value: oUxO70Cvz2mi5TxW3oFq
.creativecdn.com/	1970-01-20 08:03:33	Name: ts Value: 1639077561
.doubleclick.net/	1970-01-20 08:39:33	Name: IDE Value: AHWqTUl-RSNMln167PkbdyBmQv-gTHvqnM9OJoWVvA79do4OaNWs0BxKrhFE0W749Ps
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: lb9lFNOBysjb
.adsrvr.org/	1970-01-20 08:03:33	Name: TDID Value: f4943864-893e-4905-9518-67150dd08e09
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: lb9lFNOBysjb
.360yield.com/	1970-01-20 01:27:33	Name: tuuid Value: 16df5ec9-eab5-4479-b50f-924b4f99a064
.360yield.com/	1970-01-20 01:27:33	Name: tuuid_lu Value: 1639077561
.adsrvr.org/	1970-01-20 08:03:33	Name: TDCPM Value: CAEYBSABKAIyCwikq7uR8dSdOhAFOAE.
.smartadserver.com/	1970-01-20 08:48:11	Name: pid Value: 1601600464650176457
.erne.co/	1970-01-20 08:03:33	Name: u Value: p5QgmTtqjwUcnRmx1KFGX9GH
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: aNn9MVe0Y48
.youtube.com/	1970-01-20 03:37:09	Name: VISITOR_INFO1_LIVE Value: wptVUCnKaDk
.mfadsrvr.com/	1970-01-20 16:49:09	Name: tuuid Value: 6e2e0d18-873f-4df0-a97a-1840f4cf566a
.mfadsrvr.com/	1970-01-20 16:49:09	Name: c Value: 1639077562
.mfadsrvr.com/	1970-01-20 16:49:09	Name: tuuid_lu Value: 1639077562
.mfadsrvr.com/	1970-01-20 16:49:09	Name: ssh Value: !mgid,1639077562
cm.mgid.com/	1970-01-20 00:01:09	Name: mg_sync Value: {"265689":1639077561,"287839":1639077562,"341189":1639077561,"363887":1639077561,"433145":1639077562,"433146":1639077561,"516418":1639077561,"549534":1639077561,"665953":1639077561}
.rumble.com/	1970-01-20 16:49:09	Name: _ga Value: GA1.2.1416784537.1639077563
.rumble.com/	1970-01-19 23:19:23	Name: _gid Value: GA1.2.280215697.1639077563
.rumble.com/	1970-01-19 23:17:57	Name: _gat_rumble Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://theeconomiccollapseblog.com/wp-content/uploads/2021/12/The-Guardian-of-International-Peace-Facebook-560x446.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://theeconomiccollapseblog.com/wp-content/uploads/2021/12/The-Guardian-of-International-Peace-Facebook-560x446.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://img.youtube.com/vi/nzMzfLoJlK3o//hqdefault.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://img.youtube.com/vi/SmnrAL0rFN19//hqdefault.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://littlegreenfootballs.com/weblog/thumbnails/charles/2021/12/09/Xzt2Y5uColU.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/469030/images/adp-advanced-grant-proposal-writing.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/461640/images/A_Yemen1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/132622/images/Screenshot%202021-12-09%20123926.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.beforeitsnews.com
ad.360yield.com
ajax.beforeitsnews.com
beforeitsnews.com
c.mgid.com
calabeshes.xyz
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
customads.co
eus.rubiconproject.com
external-content.duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
henrymakow.com
i.imgflip.com
i.ytimg.com
i2.wp.com
img.beforeitsnews.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
lisahaven.news
match.adsrvr.org
mwzeom.zeotap.com
onesignal.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
rddywd.com
rtb-usw.mfadsrvr.com
rumble.com
s-img.mgid.com
s.adtelligent.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
secure-assets.rubiconproject.com
servicer.mgid.com
settingbrushfires.com
sp.rmbl.ws
ssbsync.smartadserver.com
static-3.bitchute.com
static.doubleclick.net
static.wixstatic.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.e-volution.ai
tapnewswire.com
theeconomiccollapseblog.com
thewashingtonstandard.com
token.rubiconproject.com
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
vaccineimpact.com
www.beforeitsnews.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.henrymakow.com
www.mydailyinformer.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
sync.adtelligent.com
104.16.199.73
104.18.64.15
104.19.132.78
104.19.135.78
104.19.217.61
104.200.19.217
104.92.74.8
109.206.161.21
151.139.128.11
169.55.146.12
18.157.58.24
185.184.8.65
185.59.220.199
185.86.139.103
188.165.137.78
192.0.77.2
2.19.35.65
209.58.165.79
216.58.212.130
2600:9000:2057:1200:1f:2f70:3e80:93a1
2600:9000:224a:bc00:18:9413:7780:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:4a8a
2606:4700:10::6816:4b8a
2606:4700:3030::ac43:d7b9
2606:4700:3032::ac43:d803
2606:4700:3033::ac43:bbb3
2606:4700:3034::ac43:b4b3
2606:4700:3035::6815:40f1
2606:4700:3036::6815:eb9
2606:4700:3036::ac43:a0fa
2606:4700:3036::ac43:d037
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2006
2a00:1450:4001:810::200a
2a00:1450:4001:813::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a00:1450:4016:809::2003
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.33.220.150
34.102.176.152
34.254.166.91
35.190.30.115
35.212.212.222
40.114.178.124
64.27.55.138
65.9.68.47
65.9.68.79
69.173.144.138
69.173.144.165
96.125.172.62
01f36489c4dad10af4cdf89dfc1433ed583bca6d49fb477c4f79bb9010659381
02937596dfc9e6713980d18d0d49f18cc6d3a306a78bf76ca2fc122ced40467b
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
03dfae7fd0a1aa5c27af8538fa12279a5e57581d08644b7b5229202092b78467
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0b01ebf95bf0bc238f2ccc2e8c272903e5f6e1a0f1acac160fa9692e6e82606b
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0d2fd9c5ee272dd7b913c1d63bd26920e77f29ba5f069d7c01ba72e1a7afcc34
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
11d24f62c32af98af1804be380a821385f1f76220ff21c4207172ba9bbc2f7d6
11f42b5bccf95a108b4dcc494c235ab8338af5324667f114121e5480aa16f70d
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
162131086f4ad596930a083ad221950828011d76482125f21d777f0535a868a9
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
19032f51e20cb7f1e73bbac69d2dd6c2cd803cb5f30081783eae2b8f2aa663d6
19454bdd9d884122da710f59f648eaa8769e9a04fcefe14f64ffeec270ceacff
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1b725bc04fdfdc2a1446ef481a6669f189988bf9eb5a94ca55d8660e837977b1
1fb77c9667ff4a2a541744040688dcc6f445f96afb7fd89c23969811cc44df2f
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
213cf5e587c62ed934aae5a167c921fecf92ed8e70cd8f5b0827baa9150dda2f
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
244ff061991c518ec76060cc65d8155e30e8592a835ac2f17f08ab129a8014ba
2508c7193ba7a9f09cb05d7e92314871d21c6b74ede4b713c0b7fa78fcff18af
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea
283f7f0b7b8220370e7f8998f857aacbf5617f67077ff4d8ed3349dd68fdc987
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
30bf6e3c0a5e39edf9de6ec430bdb56cefc4d80a69011510478cdadef2a387d4
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
352ef4a236f2beb4d04384c705b394ca70b8f49cace30556a6611ba7383e7110
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
36eb02c91aef8c14097a1e9f74797a4010624b4e971b20a0dd0dfcb7e0bffe19
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3a6c4f55b5c201a72c391099aa16ec4d50df5adfc3fae4ec1f694510e2c4e857
3a703324deb3778f1cdbf10e22a80c9b7cac603f4cb15406461b70a54815d8b4
3c528fc2ed97937cedc6b11bfd8c0b8471c85ff1a8649987a92139a090ebcf87
3d2c1c8e1f82ef788b4e38537df203b67aa3b5db99f4b9bbc7e72c254c3b34de
3d35b6b8214d250481347d0a693f6a187e51724e6ab3de3dfa507c8e7aa85c0b
3d9ac70e6b4108042f3974dc74bac723cd44c65435a071dca3c9871b7f1d7d61
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2b15cf373ebc35dc3ccdd83ebda927d959f801c3772a8e2b5e481c2209921a
3f51523f40898e53fa62d5cdffc618a54461e631077bf409f2157ef68d8ef3d8
3f5eacbef8f64653af592eae02fd061cfd623a33b36ae1c761974f581f19ce7f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
489ad5221d5603f7a6e542d95c186cbd7ee61b4c2c9954c4f31b61ff1256a809
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b1e560b1a2ddae34bc52fe2a68984955e80df629f7a21c000f4f5f61d2fa09f
4b562815482b43f78d76bd8f185be8cce4096132d1a57e3bdf3e95d740f098c9
4bee09fc277d6ccee88223868eb868bb9fd9166e2d6163df385ddc4c07628bcc
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
514b29f149c603e9a8857f644c960b08a1f48c80860f86be5c48e203e81eca1b
5150c8e85b6d2724e872dd52d7038be2ef769c804e36207b6d7e1e68bd5c252c
5564f90bc308b63c9d97d4f87a1bd58d1fa41dc8af75135da90ddc84ff8561ae
55a0bb3d483aa0dba9553b12e7789d95cdaa951c3813284ad54c3eef6bdc5c83
55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396
58b7c11629c86153983ea3b2010525f308606bed19379e528f84b51a46252a63
5a1c3bf9db120bf9ab9752a0f5b70b7cd9f9f1f11c7c91ec7006bc15b076b75c
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5b527ae09fbd258f6bbfc9c7fffb59ac72cd7607712da06316a48f67ac4e5150
5c22a4cca0ebabae70ce0a3f7e46f0b740d7e08d54ff5c0a9ca827eb9b54592a
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa
5f0cded6ee425fd5ef1b53442711e42d00173e9343b909101a7a7e45be7c015b
60c75dbd33a76d3b77c123860edb584370828f1b45e6f27deece8145799c9bc9
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
633e62ebc42dfea3189788b165a9523d8ab685b60e9cac3d9999c13ee9c61229
65c2a83f12dd71564d562882533b7f33425641afb960bf5c7c3302c7fbbb31d3
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6a8c9e2a5fd99b9fca9b06e29d2f8cfe449f4b7edadf601fb5e73e295b06ecdd
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62
6d1da18bcbaa7c9281f213e1815476a74289e661714323d7b59df17706969d08
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038
70e76b5fe0a0fbfcb010c036c10b221f07ac01ccccda0aed73420bc5a2c11407
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
76eff1f74426f51c44fe6086375e6076db6fa6a538dffaefcc03e6e6298a4908
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7bf6a94ee85fe7ebb64f7b85076fdb322ded009eef6cd0b485f95b5f47dcd9a9
7cf260f6b172f059357ce21174e28c7ae311bafa2b9feb430b85b6c981fad888
7d23a42bddab61b2b5d6aaa2428483ed8e502f5107a3eab8cc733b6b86913514
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
8110b3094c8c7104e209dfbe78b29ace36b415dc7a1aaae1a02062229e094353
81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7
822f142bd39b370c21d7d140512b75f804c6626ee55cb3372ac1df62f55c2f2f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84550dbe0d29861f3e605c8820baba346cb2b8fcfd2d1dfaacd24a441a59b471
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b805e265fcc68af3415af9163faecba91bb249c303535621bfd1c1ba823fb3
8611f2cf6538047cb0a886ab8950c3bf5c16def2711c83f70bb44814e31136d2
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87ce04f323b56e0077f048d5374f6d216ffecf9194e0a0bd6adba77606e3d634
87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71
89777f0d3fe167d55727ea96e76760a8ce938f565d4611e74cbdfc6ba8345f04
8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9151d469432297acfa233188a09081715e274b83441201ac3e5cb78c30b48540
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f
97f6e532b08dd7b9cbc4db63c41c79b2dd81047351afa7e87c5f5efd9752a8e7
9a6d928f3be6677210bb42cfb2edf7f3a251d0393034f18c8bfc38b9f6e08712
9d61963e08fdbce470534af0e1b6bd541459ab1e8b35d474662c19f3a65c097c
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a64a315cdaa87a6c18a9c0883753ef89238c37f3e24de873289c0adb6ef27d71
a6ec215ae1f79058f76e3ac67a8637b37baadf10dabcd5450b0cc8d0fa97934a
a70568f3242c272eefc02e82e23693321ba548ce0bb73147265b1b74738f683e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa603bc9e8ce94955c15cbf16286084fc7364e54a86d0541e1db258553ab4936
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0a5e84d37c0709a0ee28281b1678c168ade905efb0edd03c9aaffbf8614d144
b41a067e2b2e92a067c64e4198a0eacbfe70bcd2ed479cf9930885ecafee5d8d
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b5498bc67ac496a3fc5af517d67021c41a5c96115e91bf953fc4d3e754b41ba7
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b857cfbe52d936d0824612351bb35505373cb156799bd45aec58330cf718b7a7
b8d2d5f209843357c521bc9e45c43341f93933bd4ac31f7b4024931a62e82af1
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba2ec1f0e483b39c4f96db14778f55eceafa2ef67aa2b49c532a2cb24a52377b
ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691
ba8bc161394d0f1fd1a2117405b99c2ff97fdd2bbf274310faeeba1f4129b1d8
bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29
be395db7df33a757ee407d1545183f57f8b387745ec2fabb3d44cbc7d47a2411
c050b66ae118ff1c11568f6889a2f02fee055c5b9191fc77e5a5417c50817d77
c58b254a6afed13a1a1d9bf2ae8041a68e3f451f30f332d07fd27a006f6c3dd1
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c87cd4624a12ffbe183030d53888a7bc88e46b8dcc08a856b064fa1093b82634
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb677e5e49585993b23e98195084ba0673f7a3026338401dce3222dcf3690ec5
cce1f1710ef4c579d4396afac90dd5bd5e89ba7f306735e8d08ad65aee47dfe3
cd90ec72beb1362b15b014eadcb0ab4408417960fbb9a035eb6e620ea1f60d41
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0d0c846c3fb83999d5d8152ce19308e4c2e697f49d3ed84a8666c3be9e88307
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d34a06bcb15ea477cd15f71108f36d9a1aedcd94b34e369780bf30e99459bd13
d3fcfbc03c34fd3131f7431183ffa37e2f4bbcd1a999813ea8c8c9a76d8ee29d
d4af2da604b0cdef3c883924cf9fc9f9c5652b0211b31785943da8fb891b56e0
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dc9301b2d9fbb7099d5d62ccd0067caea1ec5a3ffa5cfa577fedd43a440e85d7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
deab806da37406b7164fd737d6b60de9d3d863844438852488605564713d4b21
df0eab8748cc51829ab106a86593827906f02449e006e282138237ce3951590e
df0f6440bfff5ad7ea3b8e6a09007a50337e2e3f579efc30546391b7a7df740a
e0627c6dd13c27c24d51fd92042d0caebd8932b804e515007a724eb7da487aad
e115552b3e43912f766ca156f2db990812d6d925bdfdc3245891ab6b812a1496
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e6d11086330eab19b963928df89c773c5b28c28bc552e0f87577d6e21bbc33ba
e708372195ae32160ef83b134b09c48880408b1944078b1e1657fa9dd58ec13d
e7e32e5e847040d47488bb18845a0f48df86610553087c54e8acadeb81e08314
e9a023bc5459b2a4a970eba28b9338dee413ebc59da10391351f866d8a879300
ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770
eacab0a7fe47eb4647845ff393579cf37ce91e523b0f7629f9c7d7e10ab8efcb
eb1424af13f3339c7474a2c74d42fcde8cd933f29bf901264064b5141cbb15f8
ebf8a1b5965b01e16b48d357f730021649c06c60e0ca8f2784eec3acb9424a75
ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b50260a1420ddadfd2d379a4a6ad2d47c4cc790f83de9b7796740467652e8f
f7934a6c4525d44dca72ac96a2c33de26df51c81e4ce131c806cbbf9f50aa18d
f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45
fd2b79e4e02fcb91b547efb348900055a138ccc7e5b0c80b78acc1e7fda57ea5
fd95e208ef021f3ca1b85dc6874d2050b901d1939e0fe0a69db9d669fe584d93

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4a8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

237 Requests

95 %HTTPS

51 %IPv6

47 Domains

74 Subdomains

52 IPs

9 Countries

12711 kBTransfer

23948 kBSize

37 Cookies

34 Outgoing links

Page URL History

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

95 %
HTTPS

51 %
IPv6

47
Domains

74
Subdomains

52
IPs

9
Countries

12711 kB
Transfer

23948 kB
Size

37
Cookies

237 HTTP transactions
3 data transactions