beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On April 12 via api (April 12th 2022, 5:56:04 am UTC) from AU — Scanned from DE

Summary HTTP 256 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 51 IPs in 6 countries across 33 domains to perform 256 HTTP transactions. The main IP is 2606:4700:10::6816:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 170042.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	52.85.47.3 52.85.47.3	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
22	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
13	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	142.93.183.185 142.93.183.185	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	185.59.220.193 185.59.220.193	60068 (CDN77 ^_^) (CDN77 ^_^)
4	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.58.165.79 209.58.165.79	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
4	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.81.165.130 77.81.165.130	59854 (TLH-AS Pa...) (TLH-AS Pasaj SCARILOR Nr 2)
1	2606:4700:303... 2606:4700:3034::ac43:8471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:be00:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
16	99.86.4.91 99.86.4.91	16509 (AMAZON-02) (AMAZON-02)
2	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
21	2600:9000:215... 2600:9000:2156:6400:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	169.55.146.12 169.55.146.12	36351 (SOFTLAYER) (SOFTLAYER)
4	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	35.224.142.165 35.224.142.165	15169 (GOOGLE) (GOOGLE)
2	35.209.67.224 35.209.67.224	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	35.244.172.227 35.244.172.227	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	34.117.147.45 34.117.147.45	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c2ba	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
256	51

52 2606:4700:10::6816:4b8a (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.47.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-47-3.hel50.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

sctewbeans.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.183.185 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

sonsoflibertymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-601.bunnyinfra.net

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.255.14 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.165.79 (United Kingdom)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: opal2.opalstack.com

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.81.165.130 (Bucharest, Romania)

ASN59854 (TLH-AS Pasaj SCARILOR Nr 2, RO)
PTR: c3130.tlh.ro

gn-journal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:8471 (United States)

ASN13335 (CLOUDFLARENET, US)

www.prepperfortress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:be00:18:9413:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2156:6400:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.55.146.12 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c.92.37a9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

w3.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.224.142.165 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 165.142.224.35.bc.googleusercontent.com

access.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.209.67.224 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.209.35.bc.googleusercontent.com

tkx.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.172.227 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 227.172.244.35.bc.googleusercontent.com

dcs-vod.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.147.45 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 45.147.117.34.bc.googleusercontent.com

m107833-mcdn.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:ef::5c7b:c2ba (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.foxtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

h107833-ecdn.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	beforeitsnews.com beforeitsnews.com — Cisco Umbrella Rank: 170042 img.beforeitsnews.com — Cisco Umbrella Rank: 321385 ajax.beforeitsnews.com — Cisco Umbrella Rank: 209395 a1.beforeitsnews.com — Cisco Umbrella Rank: 315256	1010 KB
38	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 18707 s.tradingview.com — Cisco Umbrella Rank: 23404 s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 19609	291 KB
33	lura.live w3.mp.lura.live — Cisco Umbrella Rank: 10877 access.mp.lura.live — Cisco Umbrella Rank: 13110 tkx.mp.lura.live — Cisco Umbrella Rank: 12111 dcs-vod.mp.lura.live — Cisco Umbrella Rank: 12297 m107833-mcdn.mp.lura.live — Cisco Umbrella Rank: 50253 h107833-ecdn.mp.lura.live — Cisco Umbrella Rank: 61773	3 MB
22	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8262 c.mgid.com — Cisco Umbrella Rank: 5541 cdn.mgid.com — Cisco Umbrella Rank: 10746 servicer.mgid.com — Cisco Umbrella Rank: 8391 s-img.mgid.com — Cisco Umbrella Rank: 7283 cm.mgid.com — Cisco Umbrella Rank: 2107	289 KB
13	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 27596	428 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 www.googleapis.com — Cisco Umbrella Rank: 28 translate.googleapis.com — Cisco Umbrella Rank: 1003 translate-pa.googleapis.com — Cisco Umbrella Rank: 1651 jnn-pa.googleapis.com — Cisco Umbrella Rank: 272 imasdk.googleapis.com — Cisco Umbrella Rank: 417	441 KB
10	youtube.com img.youtube.com — Cisco Umbrella Rank: 3121 www.youtube.com — Cisco Umbrella Rank: 92	775 KB
9	gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com	82 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 static.doubleclick.net — Cisco Umbrella Rank: 340	39 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	59 KB
7	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 58240	147 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3059 onesignal.com — Cisco Umbrella Rank: 1122	83 KB
5	google.com www.google.com — Cisco Umbrella Rank: 4 translate.google.com — Cisco Umbrella Rank: 1154	41 KB
4	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 29701	290 KB
3	foxtv.com static.foxtv.com — Cisco Umbrella Rank: 42369	57 KB
3	rumble.com rumble.com — Cisco Umbrella Rank: 21179	33 KB
3	customads.co cdn2.customads.co — Cisco Umbrella Rank: 97453 customads.co — Cisco Umbrella Rank: 76781	6 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5383	608 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 123268	1 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	66 KB
2	jamesredpillsamerica.com jamesredpillsamerica.com	2 MB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	76 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	36 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	17 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 212	5 KB
1	wordpress.com justusaknight.files.wordpress.com — Cisco Umbrella Rank: 764658	370 KB
1	prepperfortress.com www.prepperfortress.com — Cisco Umbrella Rank: 633114	27 KB
1	gn-journal.com gn-journal.com	91 KB
1	tapnewswire.com tapnewswire.com — Cisco Umbrella Rank: 446440	14 KB
1	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 11466	25 KB
1	wp.com i2.wp.com — Cisco Umbrella Rank: 5999	39 KB
1	sonsoflibertymedia.com sonsoflibertymedia.com	752 KB
1	sctewbeans.xyz sctewbeans.xyz — Cisco Umbrella Rank: 308897	41 KB
256	33

	Domain	Requested by
30	beforeitsnews.com	beforeitsnews.com
23	h107833-ecdn.mp.lura.live
21	s3-symbol-logo.tradingview.com	beforeitsnews.com
20	img.beforeitsnews.com	beforeitsnews.com
16	s.tradingview.com	s3.tradingview.com s.tradingview.com
13	sp.rmbl.ws	beforeitsnews.com rumble.com
9	www.youtube.com	beforeitsnews.com www.youtube.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com beforeitsnews.com rumble.com
7	static-3.bitchute.com	beforeitsnews.com
6	s-img.mgid.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
4	jnn-pa.googleapis.com	www.youtube.com
4	w3.mp.lura.live	w3.mp.lura.live
4	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
4	cdn.mgid.com	jsc.mgid.com
4	translate.googleapis.com	translate.googleapis.com
4	www.google.com	beforeitsnews.com www.youtube.com
4	stats.g.doubleclick.net	customads.co www.google-analytics.com
4	i.imgflip.com	beforeitsnews.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	static.foxtv.com	w3.mp.lura.live
3	rumble.com	beforeitsnews.com rumble.com
3	onesignal.com	cdn.onesignal.com
3	servicer.mgid.com	jsc.mgid.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
2	m107833-mcdn.mp.lura.live
2	imasdk.googleapis.com	w3.mp.lura.live imasdk.googleapis.com
2	tkx.mp.lura.live	w3.mp.lura.live
2	cm.mgid.com	jsc.mgid.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	www.google.de	beforeitsnews.com
2	customads.co	cdn2.customads.co
2	rddywd.com	beforeitsnews.com
2	pagead2.googlesyndication.com	beforeitsnews.com srcdoc
2	jamesredpillsamerica.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com s.tradingview.com
2	i.ytimg.com	beforeitsnews.com www.youtube.com
1	s0.2mdn.net	imasdk.googleapis.com
1	dcs-vod.mp.lura.live	w3.mp.lura.live
1	access.mp.lura.live	w3.mp.lura.live
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	translate-pa.googleapis.com	srcdoc
1	c.mgid.com	jsc.mgid.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	img.youtube.com	beforeitsnews.com
1	justusaknight.files.wordpress.com	beforeitsnews.com
1	www.prepperfortress.com	beforeitsnews.com
1	gn-journal.com	beforeitsnews.com
1	tapnewswire.com	beforeitsnews.com
1	encrypted-tbn0.gstatic.com	beforeitsnews.com
1	3.bp.blogspot.com	beforeitsnews.com
1	i2.wp.com	beforeitsnews.com
1	sonsoflibertymedia.com	beforeitsnews.com
1	sctewbeans.xyz	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
256	61

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
3b7d7s3fml0cpg51en5xn5u-xz.hop.clickbank.net
7b7d74-qphxcq54fl3ho490z1l.hop.clickbank.net
vni.life
6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net
t.me
forum.beforeitsnews.com
www.youtube.com
0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net
widgets.mgid.com
www.mgid.com
brainberries.co
mitocopper.com
www.fincabayano.net
www.braintuner.com
ddf98w4mjf10o26r0xx2vhpfnk.hop.clickbank.net
telegram.org
hop.clickbank.net
8216126iklx2n488hihvlxt-u2.hop.clickbank.net
tinyurl.com
1f441szgnc6zk9ecuo7vmiv-70.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.tradingview.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sp.rmbl.ws R3	`2022-04-02` - `2022-07-01`	3 months	crt.sh
sonsoflibertymedia.com R3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
static-3.bitchute.com R3	`2022-04-05` - `2022-07-04`	3 months	crt.sh
tapnewswire.com R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
gn-journal.com cPanel, Inc. Certification Authority	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2023-01-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.customads.co Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
tradingview.com Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
customads.co GTS CA 1D4	`2022-02-26` - `2022-05-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-11` - `2022-12-07`	a year	crt.sh
*.mp.lura.live Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-11-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
foxtv.com DigiCert SHA2 Secure Server CA	`2021-08-24` - `2022-08-24`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: CFB19943CDECDE128749E467A938FDE3
Requests: 135 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20223125
Frame ID: 1429129F288F819BD1BC3D70CCD79939
Requests: 2 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 9B8533A44E35B22B0217C9EB6FDD7E80
Requests: 40 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 5216635325D0666E89C9EF671EC2B567
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 46A1DAF8F9BDECE31A760362FF54B455
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: BD3D198DACCC8C8C7A6EEE3E116A4730
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 33090F3D7E661A3E81A759F8A3F32138
Requests: 1 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
Frame ID: 8CDEC1BEC42440F472E4A49D980F3594
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=164974295820041646133
Frame ID: 31AAB91207E95F04382B003CAA2F43BA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/o4aTg6Rqx88
Frame ID: 72349D61E14846714F2A38D3491CAAA9
Requests: 20 HTTP requests in this frame

Frame: https://rumble.com/embed/vy049k/?pub=hw409
Frame ID: 98316CE23B1E313649E6ABA9B5A93007
Requests: 11 HTTP requests in this frame

Frame: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
Frame ID: FBABAF0F0724F6D1DB7335C141C56026
Requests: 40 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: FCA85ED3FCC3AEC00C772BAB846BBFB1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CEC9FBCE3D5F60FF1F0A9DD6C27EAFD0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

256
Requests

100 %
HTTPS

62 %
IPv6

33
Domains

61
Subdomains

51
IPs

6
Countries

10950 kB
Transfer

24276 kB
Size

13
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://3b7d7s3fml0cpg51en5xn5u-xz.hop.clickbank.net/?tid=BINRTL1121320
Title: US Nuclear Target Map. Do You Live in The Danger Zone?

Search URL Search Domain Scan URL

URL: https://7b7d74-qphxcq54fl3ho490z1l.hop.clickbank.net/?tid=BINRTL32822
Title: Add This To Your Tea - Increase Metabolism - Burn Fat. Patent Pending. Up to 80% Off Today

Search URL Search Domain Scan URL

URL: https://vni.life/retail/jeffosburn/product/17908

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net/?tid=BINRTL1025
Title: Learn How to Manifest Anything You Desire in Life. Click Here for Real Proof

Search URL Search Domain Scan URL

URL: https://t.me/herbonomics
Title: We at HerbAnomic Hope to Empower Our Customers Through Knowledge & Good Health - Follow Us on TELEGRAM

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net/?tid=BINPBL101021

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-10-highest-earning-female-pro-gamers/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/detoxadine-organic-iodine-supplement/
Title: Your Body Needs Iodine! Here's What You Don't Know About Iodine and Your Health!

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/herbanomic-fulvic-humic-complex/
Title: Deep Sleep - Energy - Vitality -- This Trace Mineral Complex Will Change How You Feel

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/die-10-verruckteste-sachen-die-im-live-fernsehen-geschehen-sind/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/20-years-later-actors-from-the-matrix-and-where-are-they-now/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/7-iconic-actors-hollywood-completely-gave-up-on/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/7-netflix-shows-that-got-cancelled-too-soon/

Search URL Search Domain Scan URL

URL: https://ddf98w4mjf10o26r0xx2vhpfnk.hop.clickbank.net/?tid=BINRTL13122
Title: Real Online Social Media Jobs That Pay YOU $25 to $50 Per Hour For Using Facebook,Twitter and YouTube. No Experience Required. Work from Home - Click Here For Details

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://hop.clickbank.net/?vendor=javaburn&affiliate=5startech&lid=1&tid=RTL110921
Title: The World’s Only Natural Proprietary, Patent-Pending Formula, That When Combined with Coffee, Can Increase Both the Speed and Efficiency of Your Metabolism While Instantly Boosting Your Health, Energy and Well-Being

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/ultracur-bioavailable-curcumin-complex/
Title: This Clinical Potency Curcumin is 14,000x Stronger for Fighting Pain and Inflammation! (VIDEO)

Search URL Search Domain Scan URL

URL: https://8216126iklx2n488hihvlxt-u2.hop.clickbank.net/?tid=BINRTL92321
Title: Discover the Simple 3 DIGIT MANIFESTATION CODE for Unlocking the Door to Outrageous Wealth And Abundance in the Next 24 Hours…

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/6-unforgettable-shows-from-the-90s-that-need-to-make-a-comeback/

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: ALERT! Protect Yourself NOW - They'll Never See It Coming Until They Are On The Ground and Can't Move!

Search URL Search Domain Scan URL

URL: https://1f441szgnc6zk9ecuo7vmiv-70.hop.clickbank.net/?tid=BINRTL1121220
Title: Discover All the Edible and Medicinal Plants in North America in Case of an Emergency

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 192

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

256 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 124 KB
25 KB 750ms
682ms Document
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

798a1e48a936af26830e70876c55987da4315ec9f33bfa930b0258390b2c0346

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 6fa9b743efe483a2-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Apr 2022 05:55:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 _KRSshvvWcFjj8eVhUL7TTu75W0.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 38ms
36ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8637688
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C13TJ7Z1TVEKX4ZF
x-amz-id-2: LQjbcbgLLi2Vz+nAWrL1Tj3bFEAE8Osgz7m3Vjm1BabVnW/pfWQMx3e4whHc/0jsWVr0poZ9GNI=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7f176f4cc71059e93db3ae6263ce5c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iruw_GjpCNwc.7p7jDS427AkLHWsll2i
cf-ray: 6fa9b748480783a2-MXP

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba0ec89a08dac2b188edb29fdd61033e516049fef6709cfb7c9839794f98f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 05:50:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Apr 2022 05:55:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Apr 2022 05:55:56 GMT

GET
H2 200 global-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 47ms
46ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d20f67113d1757b2a95a627d8124216e1a65ae5cd53bcb3f0a8365ae07ff2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1331070
cf-polished: origSize=15824
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-3dd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748480b83a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 fancybox-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 76ms
74ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1331070
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748480c83a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 home-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 29 KB
7 KB 47ms
45ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1331070
cf-polished: origSize=29354
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-72aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748480d83a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:23 GMT

GET
H2 200 responsive-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 74ms
72ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1331070
cf-polished: origSize=20565
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-5055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748480f83a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 web-responsive-bin-rev-20220327.css
beforeitsnews.com/static/css-v3/ 371 B
313 B 44ms
43ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20220327.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1331070
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:39 GMT
server: cloudflare
etag: W/"6240c13b-173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748481383a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 47ms
46ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 85899
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748481483a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 25 Mar 2022 12:49:41 GMT

GET
H2 200 global-bin-rev-20220327.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 47ms
46ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20220327.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1331070
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:00 GMT
server: cloudflare
etag: W/"6240c114-3145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748481583a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 63ms
54ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 8637459
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 02 Jan 2023 06:34:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b748f92d83a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 165ms
36ms Script
text/javascript 52.85.47.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.47.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-47-3.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c7f143de591c58b364772f049c84ef152a561c25ab903d061b8547716174e83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:39:31 GMT
via: 1.1 06ede6e80e9cd4fa59b8d9b8a98391a8.cloudfront.net (CloudFront)
last-modified: Mon, 11 Apr 2022 12:39:23 GMT
server: AmazonS3
age: 62187
etag: "fa277d49a0a0522f194325eb481f9bc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 10758
x-amz-cf-id: 2_D35ax83h97BJvw5yr9puJDUHLUtjJL341r72xbHzUjUqHbyeZH8Q==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 51ms
42ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 8637320
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 02 Jan 2023 06:34:43 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b748f92c83a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
586 B 49ms
40ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 3480769
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Feb 2023 16:40:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b748f92b83a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/xPjg1ibZdi8/ 13 KB
13 KB 31ms
7ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/xPjg1ibZdi8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de2380b9e68de126204550877e9ef976acc360ba0a0bd88ba903d07a1040f365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 04:29:29 GMT
x-content-type-options: nosniff
age: 5187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12833
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 12 Apr 2022 06:29:29 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 41ms
16ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da69f6ccfa05256e6a49dd676b486cc9cd36756d773b663fc49e4c26cdbf71e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 2811
last-modified: Wed, 06 Apr 2022 13:31:54 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: GRR662PK976HTYTV
x-amz-id-2: HohBx298KrFDfso4diNCGL9ETrtwVZdvm8chGWqBnsPprCOB5G7A3cEPkWLueOY0oZhGuQZ9lp4=
cf-bgj: minify
server: cloudflare
etag: W/"9932803714537c80952a83460a513f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa9b748fcf79bb6-FRA
expires: Tue, 12 Apr 2022 08:55:56 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 40ms
16ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d989b550c40f16ec4c592bf96b8787f43bdc88dbce9e25ee54ea3ab5538680e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 4012
last-modified: Thu, 31 Mar 2022 14:45:33 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4FMPVJ3BVPGJC6PJ
x-amz-id-2: M4n6aWtzQtjola09zrL6muuFGCeW+fZvDrL157K9ERj9UjwyHrmsT5jKt58r8Db213RduSIj/Ps=
cf-bgj: minify
server: cloudflare
etag: W/"d717fa382927044fa71f8099a7ec2d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa9b748fcfa9bb6-FRA
expires: Tue, 12 Apr 2022 08:55:56 GMT

GET
H3 200 tabs-bin-rev-20220327.js Show response
beforeitsnews.com/static/js-v3/ 148 B
659 B 63ms
63ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20220327.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 614703
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:04 GMT
server: cloudflare
etag: W/"6240c118-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748b9f3e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H2 200 12098 Show response
sctewbeans.xyz/easylist/ 204 KB
41 KB 177ms
126ms Script
text/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sctewbeans.xyz/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 284c735f09e74e7203ebda5a6cdd938ef9ba925dc6d1035c61b2001387e82774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9d3579649fae86af75d8798d3b2756116d27dde5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBxgljbYgafQvHwbwZuyHkFnbojOGjm4DSo6tp%2B7GgaIrpXQ47A8AKQeGdaXC6ka8GBXqpwvXSZDtYUrYheLQa1W5ZlAXu806vfw5KCVniIJwe5dFD5Mkbtyi80vRJsu7AmzA9%2FYAWgxRutCFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 6fa9b7492f0d59ad-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0db5e67f3f812f0c608715d2f530ced8877f1cd01854c8a82f2643a99f59304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38451
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Apr 2022 05:55:56 GMT

GET
H3 200 jsDeferParsing-bin-rev-20220327.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 50ms
50ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff04d6b84bf181bc57b1af04902e28cf7f395ac25a87303d017aaf15f8c3046a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1331097
cf-polished: origSize=6231
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-1857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b748b9f8e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 03 Apr 2022 19:57:22 GMT

GET
H3 200 DN2ljmq1lJUOI91HMatC4Qo4fdo.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 444425
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9NBW4A3K3FJ8X43R
x-amz-id-2: u0EVU9ylBZW9SVXRcpui33k+0UOcrLrKuEsM4mJ/oOwtTlC40xyh1mirgIjXiKjZ3nA6jxW/9es=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7a6e84d6417ab337f05fd7000f282762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aBVNeaiVU3H7gys1mI2xPATDTQBfk7Cv
cf-ray: 6fa9b748da10e8eb-MXP

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
698 B 39ms
38ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2446762
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 01 Mar 2023 23:25:17 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b748da11e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 36ms
36ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 588115
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 04 Apr 2023 22:59:44 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b748da15e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/ 10 KB
11 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9133ce4738bf2d0d12282d16afe84b60f83a270af9750330b287429b360782a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 23:32:39 GMT
x-content-type-options: nosniff
age: 368597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10152
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:04:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Apr 2023 23:32:39 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v12/ 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v12/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 06:06:14 GMT
x-content-type-options: nosniff
age: 431382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 21:57:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Apr 2023 06:06:14 GMT

GET
H2 200 WATCH%20THE%20WATER%20DOCUMENTARY.JPG
img.beforeitsnews.com/contributor/upload/819011/images/ 31 KB
31 KB 48ms
47ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/WATCH%20THE%20WATER%20DOCUMENTARY.JPG

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa69ea2305fb24d5d1e2d88911532706a9d1ba62dce572df46787e1b1a63dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 26672
cf-polished: origSize=42029, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31708
last-modified: Mon, 11 Apr 2022 22:03:40 GMT
server: cloudflare
etag: "6254a5bc-a42d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 Apr 2023 22:07:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b749198683a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 A8OQd.oq1b-small-SITUATION-UPDATE-41122.jpg
sp.rmbl.ws/s8/1/A/8/O/Q/ 25 KB
25 KB 80ms
21ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/A/8/O/Q/A8OQd.oq1b-small-SITUATION-UPDATE-41122.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c5f6ce20c8335afe6681c7d7b77000c57c50437f77d073020aa6be09cf3fb202

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Mon, 11 Apr 2022 19:11:54 GMT
server: nginx
etag: "c57d08f8e606f61db0469591353d63cb"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds206.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=59704
accept-ranges: bytes
content-length: 25350

GET
H2 200 f7WQd.oq1b-small-Ep.-2748b-The-Big-Lie-Is-Th.jpg
sp.rmbl.ws/s8/1/f/7/W/Q/ 30 KB
30 KB 97ms
38ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/f/7/W/Q/f7WQd.oq1b-small-Ep.-2748b-The-Big-Lie-Is-Th.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b98e9b082338c6ee8f49334d4d24929fcd2a64625fc4620c3ed4ee7d26feb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Mon, 11 Apr 2022 22:40:09 GMT
server: nginx
etag: "eb0a86aa45ab7262bb866f705d54b3e7"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds228.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=61560
accept-ranges: bytes
content-length: 30994

GET
H2 200 KXjeKc16gZO61W46nptWmd66_small.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 10 KB
10 KB 55ms
50ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/KXjeKc16gZO61W46nptWmd66_small.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a46105885c5a86da7684c935f2647f6dd95b168d24968484041c704525fbd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 452337
cf-polished: origSize=10923, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10414
last-modified: Sat, 14 Aug 2021 16:47:10 GMT
server: cloudflare
etag: "6117f38e-2aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 20:19:30 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b749299d83a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 d%20to%20the%20tru%20(9)_Moment%204111111.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 28 KB
28 KB 49ms
48ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/d%20to%20the%20tru%20(9)_Moment%204111111.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ec48012cdb99cf78673d4eedd9af2c0016e6dd867d24aa32545d2c2b10ae8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 13716
cf-polished: origSize=32031, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28888
last-modified: Tue, 12 Apr 2022 01:06:03 GMT
server: cloudflare
etag: "6254d07b-7d1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 Apr 2023 01:11:02 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74929a383a2-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5GSQd.oq1b.2-small-Good-Guys-Keep-Making-It-Ha.jpg
sp.rmbl.ws/s8/1/5/G/S/Q/ 49 KB
49 KB 127ms
73ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/5/G/S/Q/5GSQd.oq1b.2-small-Good-Guys-Keep-Making-It-Ha.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: fc776911317ac423163b4fa9b702b1942cefc52a9d43b7805a56f9f02753c959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Mon, 11 Apr 2022 20:37:18 GMT
server: nginx
etag: "24fecfad93aaf5dfdec6efda79b3d1b5"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds276.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=55391
accept-ranges: bytes
content-length: 50427

GET
H2 200 0237dcbf93acdeadb81289a3a2a1de95.png
sonsoflibertymedia.com/wp-content/uploads/2022/04/ 751 KB
752 KB 400ms
192ms Image
image/png 142.93.183.185
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonsoflibertymedia.com/wp-content/uploads/2022/04/0237dcbf93acdeadb81289a3a2a1de95.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.183.185 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Flywheel/4.1.0 /
Resource Hash: 96800a7ff9c30b0a1d28e4553531189730086f363d7fc510d6c8961ffab2fba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 12 Apr 2022 05:55:57 GMT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
content-length: 768642
magicmarker: 1
last-modified: Mon, 11 Apr 2022 21:52:28 GMT
server: Flywheel/4.1.0
etag: "6254a31c-bba82"
x-fw-hash: soth990flu
content-type: image/png
x-fw-serve: TRUE
x-fw-type: VISIT
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 Trump-babies-Cabal.png
i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/ 38 KB
39 KB 28ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png?w=640&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 12 Apr 2022 05:55:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 16:06:15 GMT
server: nginx
etag: "faf3481fc6687853"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png>; rel="canonical"
content-length: 39300
expires: Sun, 26 Feb 2023 04:06:15 GMT

GET
H3 200 download%20(1)(4).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 36 KB
37 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/download%20(1)(4).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

471014faf7c67e8e84460099d7d702efdf578bdca4eb275aac5cb6daf4f4812f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 192157
cf-polished: origSize=39225, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37111
last-modified: Sat, 09 Apr 2022 23:44:27 GMT
server: cloudflare
etag: "62521a5b-9939"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 09 Apr 2023 23:45:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7492a5ee8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 GAME+OVER+FONT+RED.png
3.bp.blogspot.com/_VZkQtP8d_Dk/S-K-S86rSRI/AAAAAAAAAGw/iCoBuE6atDQ/s1600/ 24 KB
25 KB 36ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/_VZkQtP8d_Dk/S-K-S86rSRI/AAAAAAAAAGw/iCoBuE6atDQ/s1600/GAME+OVER+FONT+RED.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

009b70b2537a741977c37a483c7bdbe4f22acdbe518cfddeb8ca3227d9d7e013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 04:03:36 GMT
x-content-type-options: nosniff
age: 6741
content-disposition: inline;filename="GAME OVER FONT RED.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24857
x-xss-protection: 0
server: fife
etag: "v6c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 11 Apr 2022 03:34:42 GMT

GET
H3 200 OIP%20(3)(58).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 18 KB
18 KB 85ms
79ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(58).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea20734cb830a4ce3e4bc91ae7eaca73b1e95cb5b38515bb1dcfe9baed1fdf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 37224
cf-polished: origSize=19787, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18281
last-modified: Tue, 24 Aug 2021 23:22:20 GMT
server: cloudflare
etag: "61257f2c-4d4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 Apr 2023 01:23:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7496aa7e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 P1bQd.oq1b-small-SITUATION-UPDATE-41022.jpg
sp.rmbl.ws/s8/1/P/1/b/Q/ 26 KB
27 KB 87ms
79ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/P/1/b/Q/P1bQd.oq1b-small-SITUATION-UPDATE-41022.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 88a999d61a11c97291e85461c870c5e774138a6ad3e1180c8801d87b9ab969e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Sun, 10 Apr 2022 21:37:14 GMT
server: nginx
etag: "0e32d88d9a7f3b95cfd0e1e32e5c6d0e"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds072.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=61491
accept-ranges: bytes
content-length: 26995

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 4 KB
5 KB 49ms
14ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQC64Oy9Bh_fy7g32aDl1ugCdhxTnZ4P2jZ6Q&usqp=CAU

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d98948799c284f9dc1ff12c90458951356e6274f205fd4e8756d2158e3329ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4494
x-xss-protection: 0
last-modified: Wed, 19 May 2021 09:41:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 12 Apr 2023 05:55:57 GMT

GET
H2 200 QIb9lik9bVIf_640x360.jpg
static-3.bitchute.com/live/cover_images/NYZMjDr6JOG3/ 28 KB
28 KB 40ms
11ms Image
image/jpeg 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/NYZMjDr6JOG3/QIb9lik9bVIf_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-601.bunnyinfra.net

Software

BunnyCDN-DE1-601 /

Resource Hash

e2bfe8391e7aa54de8ead4d07a475f416ce0a520e20403d145db64da855422f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cdn-edgestorageid: 874
x-amz-request-id: tx0000000000000027ef5c4-00625387f9-17c58732-nyc3a
cdn-cachedat: 04/11/2022 01:44:26
cdn-pullzone: 89010
content-length: 28162
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-601
last-modified: Sun, 10 Apr 2022 20:52:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 5dbb8a550c5934f1d2b075133b0f1193
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 R4126e9e83106f8fd2d91626bffc3a545.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 21 KB
22 KB 53ms
50ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R4126e9e83106f8fd2d91626bffc3a545.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15b079ee71981952d6b22e562e22119491799e5d61143dba02347b92bcb81af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 81797
cf-polished: origSize=23294, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21863
last-modified: Sun, 16 May 2021 18:21:44 GMT
server: cloudflare
etag: "60a162b8-5afe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 10 Apr 2023 04:40:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a75e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 w-1Qd.oq1b.2-small-3-Distinct-Undeniable-Stori.jpg
sp.rmbl.ws/s8/1/w/-/1/Q/ 49 KB
49 KB 77ms
50ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/w/-/1/Q/w-1Qd.oq1b.2-small-3-Distinct-Undeniable-Stori.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9bc1adb2991f3f8899fee41acedfc3fc9d9569eb328203292d9ca226dcbb5879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Tue, 12 Apr 2022 00:58:31 GMT
server: nginx
etag: "68ced2907f2455d6b624199187b75696"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds043.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=69672
accept-ranges: bytes
content-length: 50010

GET
H2 200 6c5l07.jpg
i.imgflip.com/ 62 KB
62 KB 60ms
29ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6c5l07.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b56068bd0448cb937f321423af8eaf8475f8e3b2a02ee92d04086a48bd5478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
age: 81152
cf-polished: origSize=63962
cf-ray: 6fa9b7498cba9957-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63309
x-amz-id-2: +SpmGqh6P/Nww779AGO/6HGT2P4/W34GVwmCvDghbE8Ezq5mdABiIf/c99nVxZ+HOyEOTebWITE=
last-modified: Mon, 11 Apr 2022 07:17:20 GMT
server: cloudflare
etag: "00c9096f51f55c6267e57474522c5f4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: S3RHS99560XMKTNK
access-control-allow-origin: *
expires: Fri, 09 Apr 2032 05:55:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 z3_Pd.cq1b.2-small-Ep.-2747b-F-Black-Sites-Are.jpg
sp.rmbl.ws/s8/1/z/3/_/P/ 55 KB
55 KB 71ms
63ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/z/3/_/P/z3_Pd.cq1b.2-small-Ep.-2747b-F-Black-Sites-Are.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3df9dc4f24d73115ccfd1cd025a550fade23dc4409066e59b524549277b573f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Sun, 10 Apr 2022 20:40:28 GMT
server: nginx
etag: "0b37ab7c611796c13c76181bce6bf41c"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds034.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=54544
accept-ranges: bytes
content-length: 56039

GET
H3 200 PPN%20GENE%20DECODE%20FULL.JPG
img.beforeitsnews.com/contributor/upload/819011/images/ 9 KB
10 KB 53ms
49ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/PPN%20GENE%20DECODE%20FULL.JPG

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3567d2cc73ece41d0e203ba5c3fa05e804a687278f7331f1157e59fffb0a06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16800
cf-polished: origSize=17914, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9605
last-modified: Tue, 12 Apr 2022 00:39:57 GMT
server: cloudflare
etag: "6254ca5d-45fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 Apr 2023 00:45:25 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a7ce8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hwMreXzklEDM_320x180.jpg
static-3.bitchute.com/live/cover_images/NYZMjDr6JOG3/ 15 KB
16 KB 26ms
18ms Image
image/jpeg 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/NYZMjDr6JOG3/hwMreXzklEDM_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-601.bunnyinfra.net

Software

BunnyCDN-DE1-601 /

Resource Hash

1eea65c16e3fd11c5dc7363c752f3fe9d9b9e4fbd03a04d59e581a98d6f9da45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cdn-edgestorageid: 755
x-amz-request-id: tx000000000000001ac90b7-006250e75f-17c3d99e-nyc3a
cdn-cachedat: 04/09/2022 01:54:39
cdn-pullzone: 89010
content-length: 15388
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-601
last-modified: Fri, 08 Apr 2022 03:16:16 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: f6d45bece0eba6e6d0f961105433c854
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 OIP%20(3)(81).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
15 KB 70ms
66ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(81).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce628cae5a499a978e3786030f941b61fe70ae8bda2bc3f566186628775d58a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 30903
cf-polished: origSize=16493, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14931
last-modified: Fri, 15 Oct 2021 18:09:50 GMT
server: cloudflare
etag: "6169c3ee-406d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 Apr 2023 21:03:44 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a7de8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 6bufzg.jpg
i.imgflip.com/ 82 KB
83 KB 43ms
18ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6bufzg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a804dbe0924fff8668f93894b0ab7e1a1ce8ac79022c0f23e967cc0fac44da1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
age: 340487
cf-polished: origSize=84310
cf-ray: 6fa9b7498cbe9957-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83938
x-amz-id-2: tEpJO/uhH17ZNvIgxY9p3gD9Mcikj3sZo5DZHhbBiqb41LnA0TWfLRti1I95tkihSdVEss92QVs=
last-modified: Fri, 08 Apr 2022 07:16:45 GMT
server: cloudflare
etag: "3c2a6bd836f504368ead40d4913675b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: AADJ7FN46SJB8NS0
access-control-allow-origin: *
expires: Fri, 09 Apr 2032 05:55:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 54ms
50ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2116658
cf-polished: origSize=13542, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12521
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
server: cloudflare
etag: "613e9bfb-34e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 24 Feb 2023 22:37:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a7ee8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Y19iAHMna7hH_640x360.jpg
static-3.bitchute.com/live/cover_images/d1urdmz7GL1P/ 11 KB
11 KB 17ms
15ms Image
image/jpeg 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/d1urdmz7GL1P/Y19iAHMna7hH_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-601.bunnyinfra.net

Software

BunnyCDN-DE1-601 /

Resource Hash

0ddf34576bda8e29b295f7bf54578d7c24d9332df696fd0acf903631dc13eb91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cdn-edgestorageid: 755
x-amz-request-id: tx0000000000000062b33b9-00622b98a0-14d1c90f-nyc3a
cdn-cachedat: 03/11/2022 18:44:48
cdn-pullzone: 89010
content-length: 11021
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-601
last-modified: Tue, 11 Jan 2022 21:40:45 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 6ca686a26ce4b098f8edfa6ee69e7ba6
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 virus_cell_coronavirus_covid19_1200x630-300x158.jpg
tapnewswire.com/wp-content/uploads/2022/04/ 14 KB
14 KB 1455ms
176ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2022/04/virus_cell_coronavirus_covid19_1200x630-300x158.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , United Kingdom, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 41db5ed8b5612ed992ddae898fdb02c713ef224276c6e6151ccdb79ae8797a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
last-modified: Wed, 06 Apr 2022 11:13:33 GMT
server: nginx
accept-ranges: bytes
etag: "624d75dd-36bd"
content-length: 14013
content-type: image/jpeg

GET
H2 200 wLMNd.oq1b-small-SITUATION-UPDATE-4722.jpg
sp.rmbl.ws/s8/1/w/L/M/N/ 25 KB
26 KB 66ms
66ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/w/L/M/N/wLMNd.oq1b-small-SITUATION-UPDATE-4722.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c70d1431cfc986a578b4ae5eded51cde8ff0777ff42f1b803b278a8ac0fb5fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Thu, 07 Apr 2022 18:29:38 GMT
server: nginx
etag: "3ae3e197d2d80c0a4d6c5f424b71c946"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds282.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=51373
accept-ranges: bytes
content-length: 26011

GET
H2 200 RESTORED.jpg
jamesredpillsamerica.com/images/ 575 KB
576 KB 110ms
35ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/RESTORED.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5786425ac74b2564fdd57fb190fe16bc253302bdfdb04621e00292f3b20bb4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95648
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 588976
last-modified: Sun, 24 Jan 2021 02:18:05 GMT
server: cloudflare
etag: "600cd8dd-8fcb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPSgTDkMdyU0SGK550f63ogJKGQQCTUZtbF%2FtUA3lBKq4iPQKx1LZOVE3txkeSJstcX3jr2WUY2wh%2B7PzY6c0ZgBHVGOkc4GWKEr2%2Frr%2FxYiyB3nziQn1BwbhWZV5PI%2BQpkZeWgHrhpJf3uKDzca9hReSoylVMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74a18fb0e1a-MXP
expires: Tue, 11 Apr 2023 03:21:48 GMT

GET
H3 200 unnamed(88).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 46 KB
47 KB 68ms
65ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnamed(88).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e69fda028a323bc43dac18f4edb73a1b44081dc358350cedc92682078735517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 64764
cf-polished: origSize=49863, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47243
last-modified: Thu, 18 Nov 2021 18:19:40 GMT
server: cloudflare
etag: "6196993c-c2c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 08 Apr 2023 01:58:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a7fe8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 no-img.png
img.beforeitsnews.com/img/v3/ 1 KB
2 KB 67ms
64ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/no-img.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 59151
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1298
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 10 Apr 2023 14:00:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a80e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 zLEvNGDGdckN_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 19 KB
20 KB 8ms
8ms Image
image/jpeg 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/zLEvNGDGdckN_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-601.bunnyinfra.net

Software

BunnyCDN-DE1-601 /

Resource Hash

0c3144d3b31299192150c38b9b4eb3806825d0804bafc9891c28d445c91935c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 04/11/2022 15:56:55
cdn-pullzone: 89010
content-length: 19433
x-amz-request-id: tx0000000000000008769b2-0062544fc7-17ac40a8-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-601
last-modified: Mon, 11 Apr 2022 14:45:50 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 14cd063e98f080ffb5a808c1ca610a3a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 unnameddddddd.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 56 KB
57 KB 67ms
64ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnameddddddd.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0488ee06f43c2b00eb16be7cf745e9ed686e79061d5dd3dea7d54b38aa98067

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 40852
cf-polished: origSize=60496, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57609
last-modified: Fri, 28 Aug 2020 12:19:33 GMT
server: cloudflare
etag: "5f48f655-ec50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 10 Apr 2023 20:46:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a81e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK download.jpg
gn-journal.com/wp-content/uploads/2022/04/ 91 KB
91 KB 330ms
87ms Image
image/jpeg 77.81.165.130
TLH-AS Pasaj SCAR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gn-journal.com/wp-content/uploads/2022/04/download.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.81.165.130 Bucharest, Romania, ASN59854 (TLH-AS Pasaj SCARILOR Nr 2, RO),
Reverse DNS: c3130.tlh.ro
Software: nginx /
Resource Hash: b417c5bbf48633d0f2723ed39be70059a5d4d1bb87b4a7001d0ff41ba1bcbfe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Tue, 12 Apr 2022 05:55:59 GMT
Last-Modified: Fri, 08 Apr 2022 16:26:35 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93305
Content-Type: image/jpeg

GET
H2 200 9060941_f520.jpg
www.prepperfortress.com/wp-content/uploads/2018/04/ 26 KB
27 KB 79ms
27ms Image
image/jpeg 2606:4700:3034::ac43:8471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prepperfortress.com/wp-content/uploads/2018/04/9060941_f520.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14fd65279cb2032703b829fe447d969ae829c5bb6a3015043067dd4c66412341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6631
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26918
last-modified: Mon, 23 Apr 2018 15:06:33 GMT
server: cloudflare
etag: "6926-56a85621fd040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOZhr2LZj4eJU%2BlraIynIH8QFufxl2jdIZFFHoZZI0roJDUz5MUv7gFhetnEHF916JNMdG7%2FwgpRdzfdX4uB3d4h6oJeKHstayFMTXgXQHuZ3MAH9EvxLCIKX1XIm7TIgb73PuSy%2BuVPZhe11iuoXi6EzJHCzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fa9b749fac859e3-MXP

GET
H2 200 ULlvOxU0eYMW_320x180.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 16 KB
16 KB 11ms
11ms Image
image/jpeg 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ULlvOxU0eYMW_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-601.bunnyinfra.net

Software

BunnyCDN-DE1-601 /

Resource Hash

026203b28d6d1eed9cd606834d2163e38854c86fed406a899a5435f98544032d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cdn-edgestorageid: 865
age: 0
cdn-cachedat: 04/12/2022 03:38:23
cdn-pullzone: 89010
content-length: 16228
x-amz-request-id: tx00000000000000093348b-006254f42f-17ac40a8-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-601
last-modified: Tue, 12 Apr 2022 03:07:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: d7f973cef9b04f2187f452a15cfe4947
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 SPySIfCF0j1f_640x360.jpg
static-3.bitchute.com/live/cover_images/DS8OEwpzXyBL/ 42 KB
43 KB 12ms
12ms Image
image/jpeg 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/DS8OEwpzXyBL/SPySIfCF0j1f_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-601.bunnyinfra.net

Software

BunnyCDN-DE1-601 /

Resource Hash

a52ee0d1a6548638f3960ce300af3e03a08b73ce1d7c970d61538ea0fe207f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cdn-edgestorageid: 865
age: 0
cdn-cachedat: 04/10/2022 03:01:51
cdn-pullzone: 89010
content-length: 42982
x-amz-request-id: tx000000000000000654858-006252489d-17c413c3-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-601
last-modified: Tue, 08 Mar 2022 15:52:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: bda978261567789e349f37b246e84dde
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4vPJ05zOniqY_320x180.jpg
static-3.bitchute.com/live/cover_images/LaHSAbO1k83v/ 13 KB
14 KB 15ms
14ms Image
image/jpeg 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/LaHSAbO1k83v/4vPJ05zOniqY_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-601.bunnyinfra.net

Software

BunnyCDN-DE1-601 /

Resource Hash

3f6a51e72027f8fc74c6fe916e49e2d4a9822144648787cebe707bbfde1ad5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 04/10/2022 21:25:49
cdn-pullzone: 89010
content-length: 13693
x-amz-request-id: tx000000000000000755972-0062534b5d-17af8ca8-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-601
last-modified: Sun, 10 Apr 2022 21:14:13 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: f096f597d90781afb37d7c679cc3f7a7
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 H2yPd.oq1b-small-SITUATION-UPDATE-4922.jpg
sp.rmbl.ws/s8/1/H/2/y/P/ 22 KB
22 KB 49ms
48ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/H/2/y/P/H2yPd.oq1b-small-SITUATION-UPDATE-4922.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 594adfa737f8d29bd8d488c6b089ab9ac0a3b3225fb0214babe33422170d0f8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Sat, 09 Apr 2022 23:56:19 GMT
server: nginx
etag: "2c4e53f55ec3499584b1791065814fd0"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds030.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=67030
accept-ranges: bytes
content-length: 22371

GET
H2 200 6atgbi.jpg
i.imgflip.com/ 62 KB
62 KB 23ms
22ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/6atgbi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68a8fe1f631beef2ff44126e6a4ca9c5b0df5332c1d9feeb46822263ae485529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
age: 1032554
cf-polished: origSize=63843
cf-ray: 6fa9b7499ce99957-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63626
x-amz-id-2: 4nkqPfogbtw2NIELrIyfdI4CQGfIaenpb4yTJD5JUr9YblQdRvyOUaElk0QFKrKa0MERzoltrX0=
last-modified: Thu, 31 Mar 2022 07:00:11 GMT
server: cloudflare
etag: "87b6ceb894c014ebabe84d15f6965eef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 0GQN8YQYJ1NQ50JB
access-control-allow-origin: *
expires: Fri, 09 Apr 2032 05:55:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 A_Syringe0.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 21 KB
21 KB 84ms
83ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_Syringe0.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2481371bfa0f684fdae04ff5e731b5eca020219ad3553e64c18eb919746d3ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 614500
cf-polished: origSize=22710, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21297
last-modified: Mon, 13 Sep 2021 21:47:57 GMT
server: cloudflare
etag: "613fc70d-58b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 01 Apr 2023 16:51:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a84e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 Happy-Sunday.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 45 KB
45 KB 85ms
83ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Happy-Sunday.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80df881f4300620113717b24686456d7bd64ead2731d5c319ac1f1fd0fff489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 23793
cf-polished: origSize=46170, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45655
last-modified: Thu, 21 Jan 2021 16:49:28 GMT
server: cloudflare
etag: "6009b098-b45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 19:41:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a85e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ZImQd.oq1b.1.jpg
sp.rmbl.ws/s8/6/Z/I/m/Q/ 27 KB
28 KB 49ms
48ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/Z/I/m/Q/ZImQd.oq1b.1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e7a8a32aa53986c6aab50ca31c3c7308c2633c5d2887f731e52cd587beef3895

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Mon, 11 Apr 2022 03:27:39 GMT
server: nginx
etag: "a45978d954b68435580c7c348aad64bd"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds224.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=79595
accept-ranges: bytes
content-length: 28134

GET
H2 200 NlZQd.oq1b.jpg
sp.rmbl.ws/s8/6/N/l/Z/Q/ 18 KB
19 KB 49ms
48ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/N/l/Z/Q/NlZQd.oq1b.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 81f10e5e84fe916822db9b3bb732722b123aeac32da9591cce92827de54c4284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Tue, 12 Apr 2022 00:05:00 GMT
server: nginx
etag: "a1924b24ff82f885a435a69ed847293b"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds101.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=65404
accept-ranges: bytes
content-length: 18860

GET
H2 200 screen-shot-2022-04-11-at-7.19.16-am.png
justusaknight.files.wordpress.com/2022/04/ 370 KB
370 KB 70ms
12ms Image
image/webp 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://justusaknight.files.wordpress.com/2022/04/screen-shot-2022-04-11-at-7.19.16-am.png?w=1024

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

850e196941cfae327bbe92dc12e0e25f3366f0569ac15d20dec985559b45445b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT ams 23 np
date: Tue, 12 Apr 2022 05:55:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Apr 2022 14:28:33 GMT
server: nginx
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://justusaknight.wordpress.com
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 378686
access-control-allow-credentials: true
expires: Thu, 19 May 2022 07:54:50 GMT

GET
H3 200 DARK%20JOURNALIST%20JOSEPH%20FARRELL.JPG
img.beforeitsnews.com/contributor/upload/819011/images/ 46 KB
46 KB 85ms
84ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/DARK%20JOURNALIST%20JOSEPH%20FARRELL.JPG

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

112bd5ab1ee2c31f855fe13dbc9167807a24fa61f01063e99a8815ee5edeeaee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1099
cf-polished: origSize=51537, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46827
last-modified: Tue, 12 Apr 2022 03:56:55 GMT
server: cloudflare
etag: "6254f887-c951"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 Apr 2023 03:59:50 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a86e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 DR%20ARDIS%20PUBLIC%20ENEMY%201.JPG
img.beforeitsnews.com/contributor/upload/819011/images/ 45 KB
45 KB 89ms
88ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/DR%20ARDIS%20PUBLIC%20ENEMY%201.JPG

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b508fce57aff5e612126283567d980f53d852812d09fef6de5cb8f460560f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 11049
cf-polished: origSize=48534, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45973
last-modified: Tue, 12 Apr 2022 02:02:40 GMT
server: cloudflare
etag: "6254ddc0-bd96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 Apr 2023 02:07:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a87e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 U4MQd.oq1b.2-small-Ex-UN-Weapons-Inspector-Sco.jpg
sp.rmbl.ws/s8/1/U/4/M/Q/ 39 KB
39 KB 40ms
39ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/U/4/M/Q/U4MQd.oq1b.2-small-Ex-UN-Weapons-Inspector-Sco.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: bbd1d5965043d1a032fb0eecd6dda883ceb43603be6001b306cb733bf8a3d1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
last-modified: Mon, 11 Apr 2022 18:12:34 GMT
server: nginx
etag: "cee2e79b5ad7e8a823d8a25ec94ccc06"
x-hw: 1649742957.cds280.lo4.hn,1649742957.cds236.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=44663
accept-ranges: bytes
content-length: 40070

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/w5RKNoIhE40/ 45 KB
45 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/w5RKNoIhE40/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a5968b1287cb47bd0f02c529db80723b0ce51c3190b7f89fa9cf1bc84b0371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:53:41 GMT
x-content-type-options: nosniff
age: 136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45852
x-xss-protection: 0
server: sffe
etag: "1649674200"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 12 Apr 2022 05:58:41 GMT

GET
H3 200 prather%20point.JPG
img.beforeitsnews.com/contributor/upload/819011/images/ 40 KB
40 KB 98ms
97ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/prather%20point.JPG

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc94f4fc5d9b80dda9e267f272590516c57a2f48045ff74f0bcc90df9f6fe258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 11049
cf-polished: origSize=43677, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40817
last-modified: Tue, 12 Apr 2022 01:51:36 GMT
server: cloudflare
etag: "6254db28-aa9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 Apr 2023 01:55:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b7494a88e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
16 KB 90ms
90ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 594487
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 18 Mar 2023 13:09:52 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7495a97e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 1429 2 KB
1 KB 36ms
22ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20223125
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dfab4d0c5aaa10f4efb087ee57f2591d2e29c38ab7ad210415bd1862fa050ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2728
last-modified: Thu, 31 Mar 2022 15:11:15 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QF9PM2AEP39AYQHN
x-amz-id-2: +xD8yI97GcbkBEe9Yc7yk1chMvK8abNMp7XqmG327CFY28YK3yed1rGJzyilvXUPibIXL6XlYZY=
cf-bgj: minify
server: cloudflare
etag: W/"447f51a288b318d44154dda1ec6d2914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa9b7497cab9978-FRA
expires: Tue, 12 Apr 2022 08:55:57 GMT

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 5 KB
3 KB 70ms
7ms Script
application/javascript 2600:9000:2156:be00:18:9413:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:18:9413:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:14:20 GMT
via: 1.1 google, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified: Sun, 10 Apr 2022 15:52:03 GMT
age: 21066
etag: W/"14de-180142cd251"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-encoding: gzip
x-amz-cf-id: xSdeSGQc7BB7M1cJTAGaSWcBENelQQUs13z9LdVV1Iy4p5rt6iwm5A==

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 79ms
78ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 588115
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 05 Apr 2023 06:35:23 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7496aa9e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 LARA-LOGAN-1.jpg
jamesredpillsamerica.com/images/ 1 MB
1 MB 74ms
62ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/LARA-LOGAN-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 421ffa67a1b75367bca9af777c71989cd349d17183cb9c20ca8d976e2a6cd80d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 452928
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1257275
last-modified: Wed, 06 Apr 2022 23:10:52 GMT
server: cloudflare
etag: "624e1dfc-132f3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0JL%2BCt7IYFqGmxEsBddDTE%2Fv3cMUipIk%2Fu5xUxXHC5Wk8FGYaHu2D0FSHH%2FSZoCA%2B0FhVNr5z0%2Fy2DEbRjPM9q52Cl7D1%2FXwjGZ0J%2FP1Fz09By%2FzByjR743n3nbWMiBUbBq8u8Uj3fgzsjuBdQOE2AMdBlopFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74a18fe0e1a-MXP
expires: Fri, 07 Apr 2023 00:07:09 GMT

GET
H2 200 679f96.jpg
i.imgflip.com/ 83 KB
83 KB 27ms
26ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/679f96.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeda1f19ef221f80fa47f884948c4cc56c932768ee79ace609e7545852bf2987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
age: 3437419
cf-polished: origSize=85434
cf-ray: 6fa9b7498cc09957-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84886
x-amz-id-2: VsDXR9uHOKFv6nrSWeTbz4NJstJBfKVKynXunMWFtR877bvuFIyHDtFUK2cjxxPVxOPVgXrCt8w=
last-modified: Thu, 03 Mar 2022 10:57:22 GMT
server: cloudflare
etag: "b3f155c001e9fbbab4e03cbdc60e02d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: P4AW3N6CXGSH1M9C
access-control-allow-origin: *
expires: Fri, 09 Apr 2032 05:55:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 53ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68dc181689566973c3a336868aa1a8e8f6e320bb53f11dfaa1aa46aab32286fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53938
x-xss-protection: 0
server: cafe
etag: 12351778987618871730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 05:55:57 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
594 B 80ms
26ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9
last-modified: Mon, 11 Apr 2022 06:37:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PM3Es5jkoc32tyW9WL545oeDm8azT0oirxsrQyHw2xk2cTJ2eZPF7mqkASE0EMIisX8FbgRhdZKiral6YmwRo0tRFmcz7cLvP0zlKM5kQvFANDBbUu3mQCI%2B7sIEh0XZ0wEGEaKGhdjm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6fa9b74a79bf375f-MXP

GET
H2 200 adcode.png
rddywd.com/ 43 B
621 B 72ms
29ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69544
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqz1iTHr5E6F2XwQm3MayUcRa0RdICCHEAekZmCy87kvFE%2FCNxAUNYTiUQCHYAqLsQWrZc3nUpIZoiR632jJXVGgEabgDcDA4VR4T7bHndBXboQPnFvNIwzF8cMAs6K2onkrytqMjLCs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6fa9b74a982c83be-MXP

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 44ms
7ms Image
text/plain 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 48ms
47ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20220327.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 458542
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 05 Apr 2023 01:18:31 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b749aacae8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 15 B
558 B 733ms
677ms XHR
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13b10170843ae661daf00334fe59d3a7e2131b214f62c76c732484057114eb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6fa9b74a5aba59d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 239 KB
71 KB 21ms
20ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c04a1d67e4819ba554cba5b79a86ad261fa2de0b0eae3bbe0cc5523d87b14130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2706
last-modified: Wed, 06 Apr 2022 13:33:08 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B5WWKZRCPTGPYFFR
x-amz-id-2: KTEwdpi/IULBiuEHZL2o3yptPWP0BeyXULgrj0z4FYnjFdrM5vQ/lH1g5bPd3uRcYuJZk+6/+JE=
cf-bgj: minify
server: cloudflare
etag: W/"82c293b4d86e9b72d350b7db462acb78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa9b749fd5d9978-FRA
expires: Tue, 12 Apr 2022 08:55:57 GMT

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 239 KB
71 KB 36ms
35ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64bd547501d02ecc8284478d8e0b3e9a726a95a7aa4fc8781f3d4fda759f3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1989
last-modified: Wed, 06 Apr 2022 13:31:54 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 87H52THKBWQ3T3D0
x-amz-id-2: OeLkrxr6tppKxBGYrxWnTHU9XoI2p4QZTb8RV4mopr5e01cQt1zotdUojc1ItHizWDJIhrB61cE=
cf-bgj: minify
server: cloudflare
etag: W/"eaec1f89362550292117697dbbb38573"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa9b749fd5f9978-FRA
expires: Tue, 12 Apr 2022 08:55:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5926
date: Tue, 12 Apr 2022 04:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 12 Apr 2022 06:17:11 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame 1429 238 KB
71 KB 22ms
21ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20223125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad564c166f59b7f11fb1321424020fb0aeace18310447e7e4d3b577d57df7a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 3158
last-modified: Wed, 06 Apr 2022 13:42:04 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: V9J3513MQJDHK9GR
x-amz-id-2: s3j2TJA3Cme256O/4v1wEtXrQaXzsLb1F0xynQhdt1msoFF/fzG0AKSzGUXvVWCn1mzRVfGzWLA=
cf-bgj: minify
server: cloudflare
etag: W/"b596905169a0919345db96d36af2fee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa9b74a2d9b9978-FRA
expires: Tue, 12 Apr 2022 08:55:57 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 9B85 19 KB
7 KB 66ms
7ms Document
text/html 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

de8561bf3c95e6a34282df3e2263974d7dfeee75bab9c42c7d4a3c59d90eb21a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com 'nonce-2Y/kKrOa9RHYhgI89TqxYA=='; base-uri 'none'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20
cache-control: max-age=120
content-encoding: gzip
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com 'nonce-2Y/kKrOa9RHYhgI89TqxYA=='; base-uri 'none'; report-uri /csp-report/
content-type: text/html; charset=utf-8
date: Tue, 12 Apr 2022 05:55:37 GMT
expires: Tue, 12 Apr 2022 05:57:37 GMT
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-id: 5TBOH1x_hHm6ZnZKVKZl4XD_VFSFogJ7-Kc0tL_dJb18Sl96S434Yg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 8301289771671655 Show response
customads.co/lad/ Frame 5216 1 KB
2 KB 154ms
129ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Tue, 12 Apr 2022 05:55:57 GMT
via: 1.1 google

GET
H2 200 10864438442185062 Show response
customads.co/lad/ Frame 46A1 1 KB
1 KB 154ms
131ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Tue, 12 Apr 2022 05:55:57 GMT
via: 1.1 google

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame BD3D 10 KB
5 KB 44ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 17:43:12 GMT
etag: 14837630671339829333
expires: Mon, 25 Apr 2022 17:43:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.2642d637618cae70.js Show response
s.tradingview.com/static/localization/translations/ Frame 9B85 518 KB
80 KB 7ms
7ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.2642d637618cae70.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

39dfc68ba0c0ac96e630e2553b84a52b699985d7889d6ff4d75f9d1ef1c493d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70132
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 11 Apr 2022 08:12:56 GMT
server: tv
etag: W/"6253e308-13d17"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: lOJXBrBP-7tz2kE_JQBg5d40jXkv6_hsa36wji7Y6O_texWNhax0ww==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.a6ea3ac7a04dff85f246.js Show response
s.tradingview.com/static/bundles/embed/ Frame 9B85 47 KB
25 KB 15ms
15ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.a6ea3ac7a04dff85f246.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

5d49b1823f09ea15bd92ae7c6067e799d63a65b741abf8aa334363ff8494c5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61853
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 11 Apr 2022 12:02:29 GMT
server: tv
etag: W/"625418d5-636d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: aKBVXOamPxnEpOpfePo2hPJG-QVbdggAE5nKI3frBsh5OXzPybFSoA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.e5a87639edf322b79a0c.js Show response
s.tradingview.com/static/bundles/embed/ Frame 9B85 147 KB
48 KB 7ms
6ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.e5a87639edf322b79a0c.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

79292ca05a41222666bcef29f05c6a015e62907013534ca87dd2b2c82b15dbf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106273
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-bea8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: WOFYx_NjLmdnt1C1E3xVlojimv3S8DYIYrMU8dsI6O_p2I-RNg92mQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.878893c0dcb3115e2225.js Show response
s.tradingview.com/static/bundles/embed/ Frame 9B85 295 KB
84 KB 8ms
8ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.878893c0dcb3115e2225.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

2e80ec01dea20c822f942ff7f9a8645117c32207f972b2fe6a1fb9edf6f230c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:02:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327232
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 08 Apr 2022 08:38:23 GMT
server: tv
etag: W/"624ff47f-14b79"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -SuQXkI0askUPR3nCyh3-fil_xd0kUvjkDMl2dn7iwJPrxXjtfgCmw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3730.9257f8f29fa821be740b.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 2 KB
1 KB 16ms
14ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/3730.9257f8f29fa821be740b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

a84a8744a41ecc1f71092aa59cf2ba573713c61179e9ecad6e3a5da4aac7bde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106271
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-2e1"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: CxAjcnWk7DuA8LyLpQB6mMUUFh4WuJQL_Z1xb_X78bhlS_k252i7Lw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 63975.0d1fcc5f4fdd633672c7.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 948 B
854 B 16ms
14ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/63975.0d1fcc5f4fdd633672c7.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

c7e58799078e5a29d5b03f677d5402d4c36edb7f2af33d6fad341cb998569ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106272
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:45 GMT
server: tv
etag: W/"624415ad-164"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: NJ_Qi6j1Z2GvrVYnGp7-jH3k_FMcnq4iHqZhwt_oH0q05x0vAN1GWA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 50656.e7c578968176a2f9d12f.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 9 KB
2 KB 16ms
14ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/50656.e7c578968176a2f9d12f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

d79fee025b93dac74df8a60e0c1676b78b99f614e6f37fe2b1bb0de2bea3b3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106272
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:45 GMT
server: tv
etag: W/"624415ad-58d"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: GuOz7tHT2vcbzHVHeyChipQUipNfuq2QPtFliO6AD5M3eBE-sb7hFw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 49879.721cbfb1a5d6784e3109.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 2 KB
1 KB 16ms
15ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/49879.721cbfb1a5d6784e3109.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:45:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61852
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 11 Apr 2022 12:02:27 GMT
server: tv
etag: W/"625418d3-234"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: dgJ60wfA_1Losvj2TVQbGJw6U_NBxfqWVAveRH8fCc8Q9ohrtJpGkg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2795.8e18bc7354d4fe118116.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 4 KB
1 KB 16ms
15ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/2795.8e18bc7354d4fe118116.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

c7266d5766f82bc006acb99f30b93d1baa16c0ec39247eccd9b7cd683f7ef9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:45:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61852
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 11 Apr 2022 12:02:27 GMT
server: tv
etag: W/"625418d3-2da"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: WOltwImrFck_amqo3Fgh7C1zbtz054BuMBZ8Qxycr8Oek6OR-cPRdQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96908.92f65bb7f1a45f95dd70.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 1 KB
993 B 16ms
15ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/96908.92f65bb7f1a45f95dd70.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

49464ff796f9ad0ae71733bb09ca97b7a830625d69788b2fb82d389b7297a45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106272
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-1ed"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: cRljxgwQSzP-cGxad_LuDodQ_dykjgAL0NfTEHRtZX7sByGOoUCaaA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 27614.57ed1f0e14de0ce7dcbb.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 868 B
852 B 16ms
15ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/27614.57ed1f0e14de0ce7dcbb.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106271
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-161"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: hfS1hnY6QSrtRW87flJg2eU2j-z7-I-MRXXEMDf_6FPVPHR78DYTLQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 63562.f1aaa4b56bfc5daefd58.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 1 KB
844 B 16ms
16ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/63562.f1aaa4b56bfc5daefd58.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106271
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:45 GMT
server: tv
etag: W/"624415ad-157"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: al0tuA9esoiQIYlEWLLObtC8kLzFqht4dIRMl69BXlEdn6ehOcwuOw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 51803.be15964df34177eb183b.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 7 KB
2 KB 16ms
16ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/51803.be15964df34177eb183b.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

358a77653047ad7c05b75d09bd99ac299045ff2721d5811ec2f4ab87437c98f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106267
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-4f8"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: WJj2N67RFp4XICnHBUGPUJfNq45y03GH1u9aKmmHoacQlzwCjcPzWw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 315ms
15ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1845718235&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1122767080&gjid=1468332278&cid=1426939345.1649742957&tid=UA-16055024-1&_gid=1457577171.1649742957&_r=1&gtm=2ou460&z=1771009449

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 9B85 97 KB
38 KB 38ms
23ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.878893c0dcb3115e2225.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb5bd70a041d51ff459d93885a4e7154f39847a45eaafdee1b0d782b2cf5e0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38435
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Apr 2022 05:55:57 GMT

GET
H2 200 85281.63e7bf3850e5300c30c6.css
s.tradingview.com/static/bundles/embed/ Frame 9B85 801 B
761 B 6ms
6ms Stylesheet
text/css 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/85281.63e7bf3850e5300c30c6.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.a6ea3ac7a04dff85f246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

21b6f7e53806831b90878a1db8cc8f9f30be536b98d75b388925c28374cbed22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106270
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-107"
vary: Accept-Encoding
content-type: text/css
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: zene3KBDcZHM217lgDqILgqNQM__8CiT9wQYVC-xGpKTKD0Jc7z2OQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.daf16313a49c23e46009.js Show response
s.tradingview.com/static/bundles/embed/ Frame 9B85 4 KB
3 KB 7ms
6ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.daf16313a49c23e46009.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.a6ea3ac7a04dff85f246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

tv /

Resource Hash

a0f893cdd27ad638374e84f2d6a4700d51817bfbad8c15885a40a976c201c119

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106271
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 08:32:46 GMT
server: tv
etag: W/"624415ae-8b1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 4vIELAPWDOZRT8wQtLTOCaPO7bSgDYW5N63Sz9YKJ1VylxawRRvNew==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 5216 45 KB
17 KB 60ms
18ms Script
text/javascript 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 952
date: Tue, 12 Apr 2022 05:40:05 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 12 Apr 2022 07:40:05 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 46A1 45 KB
17 KB 66ms
24ms Script
text/javascript 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 952
date: Tue, 12 Apr 2022 05:40:05 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 12 Apr 2022 07:40:05 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9B85 49 KB
20 KB 149ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5926
date: Tue, 12 Apr 2022 04:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 12 Apr 2022 06:17:11 GMT

GET
H2 200 s-and-p-500.svg
s3-symbol-logo.tradingview.com/indices/ Frame 9B85 2 KB
1 KB 59ms
9ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc9906ae2eb46a468151265d3cadd50e4f3fec3c9d2bd379748fef41d279b1ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:46:00 GMT
content-encoding: gzip
last-modified: Sat, 02 Apr 2022 07:42:51 GMT
server: AmazonS3
age: 597
etag: W/"d7dcef65c61349daf83b746ace461d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: d7dcef65c61349daf83b746ace461d47
x-amz-cf-id: nFMekk48PDq3jk6XpRlpXubxo9IPe5P9eDNq5eaSfvd4QeWrYo8M5g==

GET
H2 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 786 B
1 KB 62ms
13ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:35:37 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
age: 1223
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
content-length: 786
x-amz-cf-id: OQH78NdKPwg3i8jndN-Xjvp7ASMu-7Hs7X3oTDqlsmiHtmMNijLAzA==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 1 KB
1 KB 59ms
10ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:07:03 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 2946
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: FU97GOa_KSIKe1ofbgqwt6vw7yu0_s6BMkUEQE7MSGfJwQ6mDHvAqw==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 9B85 801 B
1 KB 59ms
10ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:47:45 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
age: 497
etag: "107060b925841745f310697bd9f1f83d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: Uljyahmn-SrfkfgmS9sFoi2aB-GGMv-HnQBjMUEp9TZ23efqEnGeUA==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 9B85 523 B
921 B 62ms
14ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:44:27 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
age: 692
etag: "4542d4ecd73f04c73affa787a4522596"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: laI6L30E-Lezq_GVuji3nJXl9dQqcnKolIetC2hDzpWRaqP8YjjofQ==

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 1 KB
1 KB 62ms
14ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:41:48 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 903
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: okVD388zIWNF7UwixZ51JttRJ56sKTgEWb_5U69L19nVcvTvPNF0RA==

GET
H2 200 nasdaq-100.svg
s3-symbol-logo.tradingview.com/indices/ Frame 9B85 1 KB
1 KB 42ms
8ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f627c7dd2a4af8ffa3d7ff2b7ce59e01539ff3e73cdf3fd8ee10f9b4ed56ca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:34:35 GMT
content-encoding: gzip
last-modified: Sat, 02 Apr 2022 07:42:49 GMT
server: AmazonS3
age: 1287
etag: W/"2d70e9fa727864b2edac524d90d48e72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 2d70e9fa727864b2edac524d90d48e72
x-amz-cf-id: jq2JCjpWTJ6K8Hi_6w6NsXTXTuQ7RH5ycSqFtANPdoI1TB1-UVf1Yw==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 9B85 3 KB
792 B 43ms
9ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:43:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 767
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: TIkyHwKqq5Ys4wPSt09phq8JC0GKdNEm8M7z9_DeeXlgVzWLVI42ZA==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 9B85 870 B
1 KB 47ms
13ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:48:38 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
age: 444
etag: "e9173ef4613c3da43c45885ea39c4b96"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: 8Rkav3Vrquhtt1wDEd1TosywYfeuT0uGPZiowVQw8W8TOzoE_gR7Ew==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 1 KB
1 KB 9ms
6ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:05:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
age: 3071
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: 3aliee_UkvLVVRHn3013gDOofJX_RzOVnVZoKl2IrhnAVfLbAbx6uA==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 1 KB
1 KB 16ms
13ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:40:06 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 978
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: NXL6IVKTuSDxiEFdzR012xNnmhBzgCGqmHm7D-KwU8PGbsRME3RW4A==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 1 KB
1 KB 16ms
13ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:21:21 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 2134
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: 42EfEc8rksNqZuKzAXJa63VUXUWgsRQxLLH6EPDyrDB20ve4PyGgJQ==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 182 B
581 B 16ms
13ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:40:22 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
age: 1105
etag: "a4fcbd383e2f657b6528f4aa95844de5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: Haqd9rZSN52lFq1wZ7Y6k1qycFIbfQaqMtbHlhbn_o5tXda6JYAvJw==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 304 B
701 B 16ms
13ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:36:26 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
age: 1201
etag: "074d127e2f9fd8c2e79c01a5f002979c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: sq8aWcK_y_y6bkIpXDSts8xFMaFiPbjR4YeVxK235nWPzhQqtla3zw==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 508 B
898 B 12ms
9ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:33:24 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
age: 1368
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: Opv0WSD5MsmTKQxzudwOxvh2v9Hmi6U30Y9AFcnK8_S4Wk2NYS6Efw==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 1 KB
1 KB 16ms
14ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:49:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
age: 1179
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: 83AbqNNMqTpNuQPPBzge4Ub1E5cHUiC5XYp5hpI1Zj2Lw0MSty9jNg==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 1 KB
1 KB 18ms
16ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:25:18 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 1844
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: aqq02D7DtYFc8Tv3I5CHIblo8hRNWEzXG67j_L3nzG3a3vNbq6lw_Q==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 635 B
1 KB 16ms
14ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:32:25 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
age: 1422
etag: "4c66a5172a9c77ab75e140f5079218ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: buCuiToDBkmCuWj72-oKsqlQbVX_j4OEuslJHnTLMlhBqlkAaA1VqA==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 522 B
920 B 18ms
16ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
age: 320
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: 6QiRZrFxz2QszXSUW6RJmPAaIYuy8073kuiWXZLR24Y0VB2eZHJGMw==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 1 KB
1 KB 17ms
14ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:17:57 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 2659
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: lbsLqBIJkoFnxcdA9RRDgBkxJiScxmg3nvdIMMmFU_dMinm7yPZAqA==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 9B85 761 B
1 KB 13ms
12ms Image
image/svg+xml 2600:9000:2156:6400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:35:38 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
age: 1220
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: 5HcmDgvhP6Ez_7kiO326PjPNtYisxGyDmIAxgjcHDqvq424m0iqc5w==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 39ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16055024-1&cid=1426939345.1649742957&jid=1122767080&gjid=1468332278&_gid=1457577171.1649742957&_u=YEBAAUAAAAAAAC~&z=631408993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 12 Apr 2022 05:55:57 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 9B85 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1527944629&t=pageview&_s=1&dl=https%3A%2F%2Fs.tradingview.com%2Fembed-widget%2Fticker-tape%2F%3Flocale%3Den&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Ticker%20Tape%20Widget&sd=24-bit&sr=1600x1200&vp=775x46&je=0&_u=YEAAAQAB~&cid=1105729733.1649742958&tid=UA-132755435-1&_gid=1105995348.1649742958&gtm=2ou460&gcs=G1-0&z=167079590

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:39:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65774
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 40ms
16ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=1426939345.1649742957&jid=1122767080&_u=YEBAAUAAAAAAAC~&z=1026679710

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 40ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=1426939345.1649742957&jid=1122767080&_u=YEBAAUAAAAAAAC~&z=1026679710

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jsDynamic-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 444425
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-105e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b74e1f84e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H3 200 responsive-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 32ms
31ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 685251
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b74e1f85e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H3 200 validate-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 33ms
32ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 444425
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:04 GMT
server: cloudflare
etag: W/"6240c118-19fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b74e1f86e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H3 200 loadmore-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 47ms
46ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 685251
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b74e1f87e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H3 200 lazy-loading-bin-rev-20220304.js Show response
beforeitsnews.com/static/js-v3/ 124 B
653 B 34ms
34ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20220304.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 685251
cf-polished: origSize=173
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 19:55:03 GMT
server: cloudflare
etag: W/"6240c117-ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6fa9b74e1f89e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 11 Apr 2022 07:19:57 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 77 KB
27 KB 47ms
25ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20220327.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d325c95ca2cb6b6a6861891fb51cb25cf6fbd8b9f68da3ba636db37018d1bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 123 KB
13 KB 648ms
638ms XHR
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1649742957814

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b241575c8cd0ef6a20a70b6449990891da4da6109290de8a0d4c85072b19095

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
cf-ray: 6fa9b74e7a5d59d7-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 170ms
127ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20220327.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6fa9b74ebb4883b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 15 Apr 2022 05:55:57 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 34ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Akn9xFSX5nA.O/d=1/rs=AN8SPfpzKDUiGQZTZ6Sla4JGiAW_MGkJOA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 12 Apr 2022 06:33:35 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Akn9xFSX5nA.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfqegR0YGVsAbVYCONEPz-5hOvtlmw/ 226 KB
77 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Akn9xFSX5nA.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfqegR0YGVsAbVYCONEPz-5hOvtlmw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Akn9xFSX5nA.O/d=1/rs=AN8SPfpzKDUiGQZTZ6Sla4JGiAW_MGkJOA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62127c39846e7a539f9a93704e16534af10e56c0ae09cd9c107f993b9aca6819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79008
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 09:26:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 20:02:50 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
44 B 117ms
108ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1649742957871982109355&uniqId=0da05&lct=1649203200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=6255146e-1205a&pageView=1&pvid=1801c57cd3087b6dec9&site=310742&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6fa9b74ec8659bb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 25ms
17ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 957
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG34RV4K6FMDV6G1
x-amz-id-2: tEFXSmgkprG5Jw7iBcEcrDj5Gfr2Arr7AwwbY8NJ5BDjB4bRL9nehzAWxlrhvKW6ZW8KK7LheRI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa9b74ee8ad9bb6-FRA
expires: Wed, 13 Apr 2022 05:55:57 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
904 B 21ms
13ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1994
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG3F0R94819AK0XK
x-amz-id-2: 7EhZ7v77SUBqZG4SmP3QHGaUmQNEvQoqbc8skzEQkltu7S81gkYpZZr/vAozukpnbKgCzFi8C08=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa9b74ed8a89bb6-FRA
expires: Wed, 13 Apr 2022 05:55:57 GMT

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:23:17 GMT
x-content-type-options: nosniff
age: 563560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 17:23:17 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 31ms
9ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:46:38 GMT
x-content-type-options: nosniff
age: 559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Apr 2023 05:46:38 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 3309 18 KB
3 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Akn9xFSX5nA.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfqegR0YGVsAbVYCONEPz-5hOvtlmw/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 12 Apr 2022 06:33:35 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
936 B 29ms
10ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:44:46 GMT
x-content-type-options: nosniff
age: 671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Apr 2023 05:44:46 GMT

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 33ms
16ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
836 B 34ms
25ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?pv=5&cbuster=1649742957992913587273&uniqId=0da05&lct=1649203200&niet=4g&nisd=false&jsv=es6&w=370&h=330&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=6255146e-1205a&pageView=1&pvid=1801c57cd3087b6dec9&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98e06172634e30a4049c9ab3c316c679b7a6da3dd1b5d8ed0b6cd8b9294a675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6fa9b74f8a2e9bb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
999 B 31ms
23ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?w=370&h=330&cols=1&pv=5&cbuster=164974295799359966577&uniqId=04721&lct=1649203200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=6255146e-1205a&pageView=0&pvid=1801c57cd3087b6dec9&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0971088e6adebc29262cf9bda1dde733624956b101f486af7d4987fa077a1b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6fa9b74f8a2a9bb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 34ms
28ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1095&cols=1&pv=5&cbuster=1649742957994233050295&lct=1649203200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=6255146e-1205a&pageView=0&pvid=1801c57cd3087b6dec9&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cb7cf2a597c5c59d7aa75060254a8e3a7c77a0cd4ed0b6d16f242aef23f300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6fa9b74f8a2b9bb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 supportedLanguages Show response
translate-pa.googleapis.com/v1/ Frame 8CDE 14 KB
2 KB 63ms
34ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-length: 1213
x-xss-protection: 0
expires: Tue, 12 Apr 2022 05:55:58 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 56ms
36ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1454
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6fa9b74faaa659b9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 15 Apr 2022 05:55:58 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 20ms
20ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 6144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG3990ZGHWERAW28
x-amz-id-2: ht/HtSBJKSQOrGLlvZuaYqF6dJxITEY6JGRVTTiETq6SKu/tmGxMNYvDT2MzuZYZIs4qbDqnGZk=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa9b74fcd379978-FRA
expires: Wed, 13 Apr 2022 05:55:58 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 16ms
16ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 7139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG38KV8M26FJED0H
x-amz-id-2: l3mAmuVjrUpypqS5VMdKU9TSK4C8/XeNHrmQdJJY1qaVIia26ovBa8AH+EEpwEVsS3UTtkQfoiM=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa9b74fcd3a9978-FRA
expires: Wed, 13 Apr 2022 05:55:58 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9iODllZjkyNzM2NDdkYWMxM...
s-img.mgid.com/g/11533331/492x328/-/ 10 KB
10 KB 43ms
18ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533331/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9iODllZjkyNzM2NDdkYWMxMDI2YzhiMWIxYjc5NDg0ZS5qcGVn.webp?v=1649742958-jTmswr5tAu7Qt3Jj1ye5f43N7AR-NJZs9Sc-huJ00g4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f614b78a18f61bd104bd2d8175650df16a6060a2e9a45c00c3510a847aeb60f2

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:23:53 GMT
x-mg-request-uuid: 8f923559-fd5b-4067-832b-00e2ac4876ee
age: 680671
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74feba09be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9954
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzkwOTJiNWU3Y2NkNjllMjk4ODVmNTc5ZjFjMDlkMmE1LmpwZWc.webp
s-img.mgid.com/g/4147871/492x328/30x0x1083x722/ 13 KB
14 KB 40ms
16ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4147871/492x328/30x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzkwOTJiNWU3Y2NkNjllMjk4ODVmNTc5ZjFjMDlkMmE1LmpwZWc.webp?v=1649742958-551dlHw8uUsiiNy4N-xEAarHUuogOauBdOI9_w1G38g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9301b2d9fbb7099d5d62ccd0067caea1ec5a3ffa5cfa577fedd43a440e85d7

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:26:29 GMT
x-mg-request-uuid: d0562449-8442-431e-b9c0-937a17807341
age: 3681589
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74feba49be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13730
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMTAxMix5XzEzNjYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0Lzc3M...
s-img.mgid.com/g/12581125/492x277/-/ 11 KB
12 KB 40ms
23ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581125/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMTAxMix5XzEzNjYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0Lzc3MzU1M2U4ZjcxMTc3NmVmNDBkNjAxMTA1ZDBjZDBjLmpwZWc.webp?v=1649742958-ygBPiy6G423cy1pw0qQQE-4La1hIFLE6yIOlh384_Uw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cd93aaf40528d8402e57fae379a7fe2ff24090292d4b425263965e73316323

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 09:36:38 GMT
x-mg-request-uuid: 947c286a-a2a8-47bb-82a7-db9fbc0b1871
age: 680926
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74feba39be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11492
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNjBlMGU0MmIwMjdiYTM5N...
s-img.mgid.com/g/12068045/492x277/-/ 6 KB
7 KB 34ms
18ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068045/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNjBlMGU0MmIwMjdiYTM5NTViODk0NDE1Y2Q2M2IyMWUuanBlZw.webp?v=1649742958-iwz29offRM4st_irhDIprRfUQzQV6remfNy959pGVmQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8768352c16f81516a29b94a173d935723accb45d92374c785778140bbc58670

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 14:13:34 GMT
x-mg-request-uuid: bc7e4cd9-8107-4ee9-b4dc-439cdd29dd10
age: 679861
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74feba59be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6460
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzNkNzE5MzI2Y2FhZjA4NTQ0YmVlM2JlMDQ4NDYwOGIxLmpwZWc.webp
s-img.mgid.com/g/10881030/492x277/44x0x1078x718/ 9 KB
10 KB 33ms
17ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10881030/492x277/44x0x1078x718/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzNkNzE5MzI2Y2FhZjA4NTQ0YmVlM2JlMDQ4NDYwOGIxLmpwZWc.webp?v=1649742958-78GYoIjjuPecSvtvg_DoJlYYKMNAFMKzN2tHcifugUM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926ec79b7f094b42ffb0ca281672b644feb72f50c0dc9f023233f4a93c53cc86

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:56:24 GMT
x-mg-request-uuid: 2435d55c-39a9-40ee-9b71-550666b39912
age: 680838
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74feba79be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9706
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzYzYjUxYjZjMmFmYWRlMGQxNWZiOGU4ODM5M2Q4YTMxLmpwZWc.webp
s-img.mgid.com/g/6946115/492x277/0x0x1023x682/ 13 KB
13 KB 32ms
16ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6946115/492x277/0x0x1023x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzYzYjUxYjZjMmFmYWRlMGQxNWZiOGU4ODM5M2Q4YTMxLmpwZWc.webp?v=1649742958-4mytsz2aXH0iFL1wNZna4CLWJenc94143REjdxGtlPU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d86d3c71089ae9b0ce434e248437e61feab3fbc565a5f243fa79446268d160c

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:54:20 GMT
x-mg-request-uuid: cc0e2364-1a44-4b86-bc54-0911ab0d63ba
age: 680898
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa9b74feba99be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12814
server: cloudflare

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 156ms
147ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be7498d143b20bc28a3664713ecd549d4d2267b3eea5b56f6e3f3a0670b83cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b9ffe017-7f92-4f3e-a722-997a616bd685
x-runtime: 0.024490
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"be7498d143b20bc28a3664713ecd549d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6fa9b7508e8d83b5-MXP
access-control-allow-headers: SDK-Version
expires: Tue, 12 Apr 2022 06:55:58 GMT

GET
H3 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 18:00:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 42958
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 11 Apr 2023 18:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 0
102 B 124ms
115ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1649742958157680474835
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa9b7508c509bb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 31AA 0
38 B 111ms
111ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=164974295820041646133
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa9b750ccca9bb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 o4aTg6Rqx88 Show response
www.youtube.com/embed/ Frame 7234 61 KB
26 KB 83ms
68ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/o4aTg6Rqx88

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cb26c9bb1dafab31e58b0c587700cbbe9aff23b051afc36013d96cca21486e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 12 Apr 2022 05:55:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
rumble.com/embed/vy049k/ Frame 9831 17 KB
7 KB 325ms
111ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vy049k/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

9625ed140623bbc59d7468187eead3e842139c5f32b90c8a5e213b8348864b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Apr 2022 05:55:58 GMT
link: <https://rumble.com/v10ma9u-in-spite-of-the-law-they-keep-pushing.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H3 200 04bdacd4adddceeb0f49f54eb7e40ba364dcbc0c.jpeg
beforeitsnews.com/img/i2022/04/ 15 KB
16 KB 37ms
36ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/04/04bdacd4adddceeb0f49f54eb7e40ba364dcbc0c.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e68cf33196c29d0ce9fe1d9dd5051bb7d6aaa6b3f10f137cf38dc1155d0f34ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 122612
cf-polished: origSize=16373, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15336
last-modified: Wed, 27 Mar 2019 21:14:29 GMT
server: cloudflare
etag: "5c9be7b5-3ff5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 01 Apr 2023 04:00:18 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7528c0ae8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 94ffcdb0680690132d3ef97592cbc74e20387484.jpeg
beforeitsnews.com/img/i2022/04/ 16 KB
16 KB 38ms
36ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2022/04/94ffcdb0680690132d3ef97592cbc74e20387484.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c56f2323f2989f02aae3d11743ea8798eec7b75206035cacc2cdce72eafb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 610232
cf-polished: origSize=17070, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16067
last-modified: Wed, 30 Jan 2019 00:31:53 GMT
server: cloudflare
etag: "5c50f079-42ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 01 Apr 2023 04:00:01 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7528c0be8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 4d414e65062e5cf65657538917dbd86cddece9f2.jpg
beforeitsnews.com/img/banner_contract/ 51 KB
52 KB 35ms
33ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/4d414e65062e5cf65657538917dbd86cddece9f2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8bc161394d0f1fd1a2117405b99c2ff97fdd2bbf274310faeeba1f4129b1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 598677
cf-polished: origSize=59870, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52616
last-modified: Mon, 01 Nov 2021 22:43:47 GMT
server: cloudflare
etag: "61806da3-e9de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 12:53:23 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7528c0ce8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 36ms
34ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 476203
cf-polished: origSize=51812, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46896
last-modified: Sat, 22 May 2021 12:15:55 GMT
server: cloudflare
etag: "60a8f5fb-ca64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 17:06:52 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7528c0de8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 38ms
37ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 598677
cf-polished: origSize=36512, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
server: cloudflare
etag: "60a8f625-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 16 Mar 2023 15:37:01 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7528c0ee8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg
beforeitsnews.com/img/banner_contract/ 81 KB
82 KB 50ms
49ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/1603bff92f39286d4d00b8a58bec693adfaa0b09.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 685251
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83236
last-modified: Fri, 04 Mar 2022 07:11:55 GMT
server: cloudflare
etag: "6221bbbb-14524"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 04 Apr 2023 07:12:12 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7528c11e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 dcf09c8773644d031c1df11dd4352afcab7d6112.jpg
beforeitsnews.com/img/banner_contract/ 59 KB
59 KB 37ms
36ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/dcf09c8773644d031c1df11dd4352afcab7d6112.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 365233
cf-polished: origFmt=jpeg, origSize=149331
content-disposition: inline; filename="dcf09c8773644d031c1df11dd4352afcab7d6112.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60198
last-modified: Mon, 11 Oct 2021 07:26:58 GMT
server: cloudflare
etag: "6163e742-24753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 06 Apr 2023 23:31:19 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7528c12e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK anvload.html Show response
w3.mp.lura.live/player/prod/v3/ Frame FBAB 562 B
1 KB 112ms
20ms Document
text/html 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 7e4737e7c4ec7eb997104bae7f89d6f865d25e7fdba20f5237819fa5bbab6bf4

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 292
Content-Type: text/html
Date: Tue, 12 Apr 2022 05:55:58 GMT
ETag: "9d967b1f65ac81dd226533f6acb62bc3"
Last-Modified: Wed, 06 Apr 2022 11:29:20 GMT
Server: UploadServer
X-GUploader-UploadID: ADPycduwvfcuWvnxrOWF9Um23MOP2U8pZdKk1hKIOCXwyJMLDepjLJXM9Im_IsuZwNCRvMyf8zIE9c_eKGoYIkoYxxEPkDxypu6H
X-HW: 1649742958.dop215.lo4.t,1649742958.cds292.lo4.shn,1649742958.dop215.lo4.t,1649742958.cds258.lo4.c
x-goog-generation: 1649244560955352
x-goog-hash: crc32c=pxvwJg== md5=nZZ7H2Wsgd0iZTP2rLYrww==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 292

GET
H3 200 www-player.css
www.youtube.com/s/player/1e29bfc0/ Frame 7234 346 KB
46 KB 25ms
8ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o4aTg6Rqx88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745ceabc71fc51c9e19807a454ec780584da7f59f0f568edd02562343749c0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/o4aTg6Rqx88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47431
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:04 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/ Frame 7234 278 KB
86 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o4aTg6Rqx88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd040a9506a3805bd492a729bc7a28a8deb8260f710329b18314b9db58208fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/o4aTg6Rqx88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87824
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:04 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/ Frame 7234 2 MB
524 KB 34ms
18ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o4aTg6Rqx88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d58fdff13041d4c1df61f7de952d3932f3daa36ae7deaac5a6566c9ca0a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/o4aTg6Rqx88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536308
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:04 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1e29bfc0/fetch-polyfill.vflset/ Frame 7234 9 KB
3 KB 34ms
17ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o4aTg6Rqx88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/o4aTg6Rqx88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7234 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o4aTg6Rqx88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 564557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 17:06:41 GMT

GET
H/1.1 200
OK anvplayer.min.js Show response
w3.mp.lura.live/player/prod/v3/90632594/scripts/ Frame FBAB 2 MB
703 KB 21ms
20ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 7feedef5ec2be919df16ee6ef2e80ecdd8b80daf012093c742829599b8d4bfe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=KFd+GQ==, md5=5dYgcr2A4h+PMRC6I1x0Xw==
Date: Tue, 12 Apr 2022 05:55:58 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdssVdRAQcw7kAZEkQ095LNyHVQU2zDM69IBGWzkXXZ109IX-dWTxwxZ1gsyRYwe4YvCnUJUIMCZeHGa9y1v41Wsh42dDbgj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 718608
Last-Modified: Wed, 06 Apr 2022 11:29:18 GMT
Server: UploadServer
ETag: "e5d62072bd80e21f8f3110ba235c745f"
X-HW: 1649742958.dop215.lo4.t,1649742958.cds292.lo4.shn,1649742958.dop215.lo4.t,1649742958.cds205.lo4.c
x-goog-generation: 1649244558622767
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 718608
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H/1.1 200
OK anvhtml5.css
w3.mp.lura.live/player/prod/v3/ Frame FBAB 47 KB
10 KB 54ms
19ms Stylesheet
text/css 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/anvhtml5.css
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 7bd643bb9b42175959a170232380d03397a1d4b2c1be6753e07702830f7f7dd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=AzRjdQ==, md5=WbMLtBgSa7E0paNazEVRGw==
Date: Tue, 12 Apr 2022 05:55:58 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdvJL7nt_WxZbtb3Bzrm6eXPvwoomEZnUl8XCEJIhFxPhYptdmAsPpg1arOs2siVxB3uUjfsaoOSM1Jt0ZdNS96MJ18eZTP4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 9178
Last-Modified: Wed, 23 Mar 2022 11:25:58 GMT
Server: UploadServer
ETag: "59b30bb418126bb134a5a35acc45511b"
X-HW: 1649742958.dop009.lo4.shc,1649742958.dop009.lo4.t,1649742958.cds063.lo4.c
x-goog-generation: 1648034758554580
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 9178
Accept-Ranges: bytes
Content-Type: text/css

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 24ms
23ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1640
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6fa9b753ba2659b9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 12 May 2022 05:55:58 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7234
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

16ms
15ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o4aTg6Rqx88

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1632715ef332ce390b04320ecf6b822e056e8cc813075e747afec3b5fb097c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Apr 2022 05:55:58 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7234 29 B
588 B 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:44:42 GMT
x-content-type-options: nosniff
age: 676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Apr 2022 05:59:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 38ms
14ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 12 Apr 2022 05:55:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7234 45 KB
22 KB 35ms
19ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cf6db00237ac7369206dca94840e45d9edb67aeca792fb1bf564e87a879659d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22389
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/ Frame 7234 118 KB
37 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a438c03a8281036c5669b91c1ce9c99a80ea3f1554b86387fc7e6b628b168ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/o4aTg6Rqx88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37640
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:04 GMT

GET
H3 200 X4M1xYlOt0vHAadVOaVB3KGXK1uoSDukxBS7d6ULwgc.js Show response
www.google.com/js/th/ Frame 7234 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/X4M1xYlOt0vHAadVOaVB3KGXK1uoSDukxBS7d6ULwgc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f8335c5894eb74bc701a75539a541dca1972b5ba8483ba4c414bb77a50bc207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 12:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 496132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 12:07:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/ Frame 7234 27 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2599a1d88ac7b6beab2d4b6f1ba3480b94ce5bd1413350e3d88e8ad5d9d1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/o4aTg6Rqx88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8164
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:04 GMT

GET
DATA 200
OK truncated
/ Frame 7234 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQw6KbEYJ4_a7X1svR2JAdf6gw51PI40xVc3_PL=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7234 5 KB
5 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQw6KbEYJ4_a7X1svR2JAdf6gw51PI40xVc3_PL=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o4aTg6Rqx88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

60c75dbd33a76d3b77c123860edb584370828f1b45e6f27deece8145799c9bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 03:01:01 GMT
x-content-type-options: nosniff
age: 10497
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4765
x-xss-protection: 0
server: fife
etag: "v1c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 13:40:35 GMT

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/o4aTg6Rqx88/ Frame 7234 23 KB
23 KB 24ms
7ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/o4aTg6Rqx88/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o4aTg6Rqx88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cd78527f81d0cec4287991d7eb5effda48047f624af9914aa0d6125cf729572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:41 GMT
x-content-type-options: nosniff
age: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23359
x-xss-protection: 0
server: sffe
etag: "1649724635"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 12 Apr 2022 06:00:41 GMT

GET
H2 200 l5Qw3dw3dmUjokMUlU7W6YGTBGK2lQ9R Show response
access.mp.lura.live/anvacks/ Frame FBAB 888 B
1 KB 375ms
114ms XHR
application/json 35.224.142.165
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://access.mp.lura.live/anvacks/l5Qw3dw3dmUjokMUlU7W6YGTBGK2lQ9R?apikey=3hwbSuqqT690uxjNYBktSQpa5ZrpYYR0Iofx7NcJHyA
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.224.142.165 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.142.224.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 3114fc33f2736ee0b0157d2234740e587f03616ee1b924212677467e93d614c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://w3.mp.lura.live
date: Tue, 12 Apr 2022 05:55:59 GMT
access-control-allow-credentials: true
server: istio-envoy
x-envoy-upstream-service-time: 1
content-length: 888
content-type: application/json

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 9831 69 KB
25 KB 106ms
106ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=308

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vy049k/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vy049k/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
content-encoding: br
last-modified: Thu, 30 Dec 2021 22:19:53 GMT
server: nginx
etag: W/"61ce3089-11246"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 cgOQd.OvCc-small-In-Spite-of-the-Law-They-Ke.jpg
sp.rmbl.ws/s8/1/c/g/O/Q/ Frame 9831 59 KB
59 KB 20ms
20ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/c/g/O/Q/cgOQd.OvCc-small-In-Spite-of-the-Law-They-Ke.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vy049k/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 53480910be5956cc20cf1675d6a28d405b806f9f4d09125a6870410809323997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
last-modified: Mon, 11 Apr 2022 18:47:11 GMT
server: nginx
etag: "7b3545bf5a75bf1f3784ceccaabef69d"
x-hw: 1649742958.cds280.lo4.hn,1649742958.cds038.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=47135
accept-ranges: bytes
content-length: 60671

GET
H2 206 cgOQd.caa.rec.mp4
sp.rmbl.ws/s8/2/c/g/O/Q/ Frame 9831 6 MB
0 21ms
21ms Media
video/mp4 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/c/g/O/Q/cgOQd.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vy049k/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 12 Apr 2022 05:55:58 GMT
last-modified: Mon, 11 Apr 2022 20:58:43 GMT
server: nginx
access-control-allow-origin: *
etag: "8c1455fe9f1ff17182586a30926a44cf-69"
x-hw: 1649742958.cds280.lo4.hn,1649742958.cds089.lo4.c
content-type: video/mp4
Content-Range: bytes 0-361044784/361044785
cache-control: max-age=54215
accept-ranges: bytes
Content-Length: 361044785

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7234 4 KB
2 KB 165ms
149ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Apr 2022 05:55:59 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 7234 0
9 B 9ms
8ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Uc3y8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/o4aTg6Rqx88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9831 49 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5928
date: Tue, 12 Apr 2022 04:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 12 Apr 2022 06:17:11 GMT

POST
H2 200 view...y049k.1yhhuln
rumble.com/l/ Frame 9831 35 B
191 B 101ms
101ms Ping
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...y049k.1yhhuln?p=2.3&r=97121479&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vy049k/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 12 Apr 2022 05:55:59 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7234 98 B
142 B 64ms
64ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a5f5d90f9f495e879a6dcb40ac5770c9227b306174cacf02b326f1742b510a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 12 Apr 2022 05:55:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 9831 4 B
24 B 33ms
33ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1949365666&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vy049k%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=In%20Spite%20of%20the%20Law%2C%20They%20Keep%20Pushing%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAAC~&jid=1475420047&gjid=301045604&cid=1238067560.1649742959&tid=UA-44331619-1&_gid=1817195247.1649742959&_r=1&_slc=1&z=227540519

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 9831 35 B
55 B 10ms
10ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1949365666&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vy049k%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=In%20Spite%20of%20the%20Law%2C%20They%20Keep%20Pushing%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=vy049k&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1238067560.1649742959&tid=UA-44331619-1&_gid=1817195247.1649742959&z=579965150

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vy049k/?pub=hw409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:39:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65776
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
575 B 185ms
130ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 06da4ca3-f921-4a1c-9554-6ff0c073fa56
x-runtime: 0.014576
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6fa9b756c9185a07-MXP
access-control-allow-headers: SDK-Version

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/100/ Frame 7234 52 KB
15 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/100/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 16:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 12 Apr 2022 10:54:13 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 9831 4 B
25 B 32ms
31ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44331619-1&cid=1238067560.1649742959&jid=1475420047&gjid=301045604&_gid=1817195247.1649742959&_u=YEBAAEAAAAAAAC~&z=74476421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 12 Apr 2022 05:55:59 GMT
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 9831 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=1238067560.1649742959&jid=1475420047&_u=YEBAAEAAAAAAAC~&z=2063196126

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 9831 42 B
107 B 321ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=1238067560.1649742959&jid=1475420047&_u=YEBAAEAAAAAAAC~&z=2063196126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 05:55:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 server_time Show response
tkx.mp.lura.live/rest/v2/ Frame FBAB 28 B
216 B 372ms
125ms XHR
application/json 35.209.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.mp.lura.live/rest/v2/server_time?anvack=l5Qw3dw3dmUjokMUlU7W6YGTBGK2lQ9R&anvtrid=w90632594b6dd0461f95a9b78cc529af1
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.67.224 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.209.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 59fb517fd0452c9bcdcf43a645b0de5b1ba8e2a75a13dc36d6c4632cdd6056d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
via: 1.1 google
server: istio-envoy
content-type: application/json
access-control-allow-origin: https://w3.mp.lura.live
access-control-allow-credentials: true
x-onetkx-ver: ~~~~
x-envoy-upstream-service-time: 3
alt-svc: clear

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 39ms
39ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 79967
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 07 Apr 2023 08:23:22 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6fa9b7579904e8eb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FBAB 374 KB
125 KB 51ms
23ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127633
x-xss-protection: 0
expires: Tue, 12 Apr 2022 05:55:59 GMT

POST
H2 200 1053274 Show response
tkx.mp.lura.live/rest/v2/mcp/video/ Frame FBAB 13 KB
14 KB 144ms
143ms XHR
application/x-javascript 35.209.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.mp.lura.live/rest/v2/mcp/video/1053274?anvack=l5Qw3dw3dmUjokMUlU7W6YGTBGK2lQ9R&anvtrid=w9063259487f65b456d06120c28073bbc&rtyp=fp&X-Anvato-Adst-Auth=1oe07%2BfXIVcSkFdCTF4gYpGsthDCADz0%2FMF1who%2Bjb0H1vJe8d5MeZlo%2FFJCPXLVqUD9TDohxsPffvK09PQHNw%3D%3D
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.67.224 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.209.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: a4e5a136a99bfc631b62434a1d8c2210166c491a826a3750714a32b65abf7908

Request headers

Referer: https://w3.mp.lura.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
via: 1.1 google
server: istio-envoy
content-type: application/x-javascript
access-control-allow-origin: https://w3.mp.lura.live
access-control-allow-credentials: true
x-onetkx-ver: ~~~~
x-envoy-upstream-service-time: 20
alt-svc: clear

GET
H2 200 master.m3u8 Show response
dcs-vod.mp.lura.live/vod/p/ Frame FBAB 332 B
491 B 132ms
107ms XHR
application/json 35.244.172.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-vod.mp.lura.live/vod/p/master.m3u8?encp=Vno0mem-aEiRptxJqt6A0Q:HCIDBjeM_DMzk6wxyHk7ZwM1u1hJmEtgUzq9bPQcA34Z8A9pSGZW2RbHZNh87wE7tud0DOFovTM0DUE1FLtoPU6ktaepBlcP08a7IN9iqxbDU_ctQE7O3xkJq6zyfVjCG3ezF0XX9QqRuPk9jLac-rHx38Bsv05WwvLNAxsKj11EE8YzgQaTvAG8B1Rx3EtR-I0xV_V2Fn2cKOv4JDlEr5R6n4umqBIgG8TsUydZ0CQoNWaFZ6v5amwMuReCi8m9lALeB_Z6_h-6DpUqreiQ1KmoR_6E8wuufI-QiT03uTg9IN4YxEhtkNTYu30kLCmQ6sjLtq8tihGzXFPM9SbaxE9IRFo_6UtkAfnfHT4RYKobL0ohvA7dCjXyKrw67Yop&anvtrid=59b9e86224198c8f0926c57bb99fe82b&anvauth=tb=0~te=1649743049~sgn=6898637b913b4d2ed4d38a0ac9ab79eacdc043d22a0b1ff79bf0fe7b2a3a4952&t=1649742959&_vpng=0
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.172.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 227.172.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d6156fc16bcbace2a42f7eea42d10b10d782db90cc33177cbba4f1ac99996602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:55:59 GMT
content-encoding: gzip
content-type: application/json
server: nginx
access-control-allow-origin: https://w3.mp.lura.live
x-anv-ver: ~~
vary: Accept-Encoding
vmap-check-d-tracking: 0
vmap-check-t-tracking: 0
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-anv-auth-status: valid
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK anvatoextension.js Show response
w3.mp.lura.live/player/prod/v3/90632594/lib/ Frame FBAB 288 B
1009 B 22ms
22ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/90632594/lib/anvatoextension.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiRVBGT1giLCJ2IjoiMTA1MzI3NCIsImFudmFjayI6Imw1UXczZHczZG1Vam9rTVVsVTdXNllHVEJHSzJsUTlSIiwic2hhcmVMaW5rIjoiaHR0cHM6Ly93d3cuZm94MmRldHJvaXQuY29tL25ld3Mvd2F0Y2gtbGl2ZS10cnVtcC1yYWxseS1pbi13YXNoaW5ndG9uLXRvd25zaGlwIiwicGx1Z2lucyI6eyJjdXN0b21Db21zY29yZVBsdWdpbiI6eyJjMyI6IkZPWCAyIERldHJvaXQiLCJjNiI6ImZ0cyIsInNjcmlwdCI6Imh0dHBzOi8vc3RhdGljLmZveHR2LmNvbS9zdGF0aWMvb3Jpb24vc2NyaXB0cy9jb3JlL3V0aWxzL2NvbXNjb3JlL0N1c3RvbUNvbXNjb3JlUGx1Z2luLmpzIiwic2RrIjoiaHR0cHM6Ly9zdGF0aWMuZm94dHYuY29tL3N0YXRpYy9vcmlvbi9zY3JpcHRzL2NvcmUvdXRpbHMvY29tc2NvcmUvY29tc2NvcmUuanMiLCJjbGllbnRJZCI6IjYwNDI5MDEiLCJuc19zdF9zdCI6IldKQksiLCJ0aXRsZSI6IlRydW1wIHJhbGx5IGluIFdhc2hpbmd0b24gVG93bnNoaXAiLCJuc19zdF9jaSI6IjEwNTMyNzQifSwiY3VzdG9tU2VnbWVudFBsdWdpbiI6eyJzY3JpcHQiOiJodHRwczovL3N0YXRpYy5mb3h0di5jb20vc3RhdGljL29yaW9uL3NjcmlwdHMvY29yZS91dGlscy9DdXN0b21TZWdtZW50UGx1Z2luLmpzIiwicHJpbWFyeV9idXNpbmVzc191bml0IjoiZnRzIiwic2Vjb25kYXJ5X2J1c2luZXNzX3VuaXQiOiJ3amJrIiwiYXBwX25hbWUiOiJmb3gyZGV0cm9pdC5jb20iLCJhcHBfcGxhdGZvcm0iOiJ3ZWIiLCJhcHBfdmVyc2lvbiI6IjEuMC4wIiwic2VnbWVudElkIjoidW8yWW02RVUxNmpWVXlBNUx3WlpGVW81bTllRmJmMmciLCJwbGF5ZXJVbmlxdWVJZCI6InBsYXllci1hYWYyMDYxYy04MzJlLTQ2YzQtODIxOC03MzQxZDFlZDFlMzEifSwiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS82Mzc5MDU2NC93amJrX2ZveDImZGVzY3JpcHRpb25fdXJsPVtwbGFjZWhvbGRlcl0mZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPSZ0ZmNkPTAmbnBhPTAmZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZzej0xMDAxeDEwMDEmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZjbXNpZD0yNTQxMDM3JnZpZD0xMDUzMjc0Iiwia2V5VmFsdWVzIjp7InN0eXBlIjpbIm5ld3MiXSwicHR5cGUiOiJ2aWRlby1jbGlwIiwiYyI6WyJuZXdzIiwibWkiLCJ1cyJdLCJkIjoid2ViIiwidXNfcHJpdmFjeSI6IjEtLS0ifX19fSwiaHRtbDUiOnRydWUsImZvcm1hdCI6Im0zdTgiLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUoyYVdRaU9pSXhNRFV6TWpjMElpd2lhWE56SWpvaWJEVlJkek5rZHpOa2JWVnFiMnROVld4Vk4xYzJXVWRVUWtkTE1teFJPVklpTENKbGVIQWlPakUyTkRrd09USTRNRFlzSW1saGRDSTZNVFkwT1RBNE9USXdObjAuSEdhUGh0S2Y1RlJ0aGhjN2Y3MURuN3JQU0ZiQjRjZXJzSjJKUHdQWUVKOCJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=GsSnlg==, md5=iK4RmR1W/ZkNQKV+NmfhEw==
Date: Tue, 12 Apr 2022 05:56:00 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdv1xCjc5aZtq1DYQSsa210MwUxw-Zrx91yvJz8sEMqMucjSacwrB1DaLYJaUPuXeH2nYXMoBFM7nuRwWSMqbrJIiTXCNZcj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 195
Last-Modified: Wed, 06 Apr 2022 11:29:09 GMT
Server: UploadServer
ETag: "88ae11991d56fd990d40a57e3667e113"
X-HW: 1649742958.dop215.lo4.t,1649742958.cds292.lo4.shn,1649742959.dop215.lo4.t,1649742959.cds060.lo4.c
x-goog-generation: 1649244549556975
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 195
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H3 200 bridge3.509.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FCA8 632 KB
205 KB 35ms
8ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://w3.mp.lura.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 99780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209648
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 02:13:00 GMT
expires: Tue, 11 Apr 2023 02:13:00 GMT
last-modified: Mon, 04 Apr 2022 21:52:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FBAB 44 KB
17 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Apr 2022 05:56:00 GMT

GET
DATA 200
OK truncated
/ Frame FBAB 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame FBAB 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 398F15ACDA3B2A0AD8B7BABA54A9E5C1.jpg
m107833-mcdn.mp.lura.live/iupl/398/F15/ Frame FBAB 132 KB
133 KB 34ms
8ms Image
image/jpeg 34.117.147.45
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m107833-mcdn.mp.lura.live/iupl/398/F15/398F15ACDA3B2A0AD8B7BABA54A9E5C1.jpg?Expires=1649746559&KeyName=mcpkey1&Signature=77SuWNKheyjdS63sb4-kBLw9-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.147.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.147.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88849077748f50e5f7d546d975571053b7a23bfd7c1908bfa8dd268bc0e07a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:50:41 GMT
age: 319
x-guploader-uploadid: ADPycds-_rxey3Vb7O2wRAYuMKi_BunyAltIJnzs7WCMpA16IqzSIL0fE8yKqDayiYF3cIGJcaQIH8UN8UY1aiRILGolWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135116
last-modified: Sun, 03 Apr 2022 01:24:56 GMT
server: UploadServer
etag: "a87622bd60bd9a98f2796b8a48e29d44"
x-goog-hash: crc32c=8ZE6Rg==, md5=qHYivWC9mpjyeWuKSOKdRA==
x-goog-generation: 1648949096690460
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 135116
accept-ranges: bytes
content-type: image/jpeg

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CEC9 37 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 12 Apr 2022 06:43:45 GMT

GET
H2 200 CustomComscorePlugin.js Show response
static.foxtv.com/static/orion/scripts/core/utils/comscore/ Frame FBAB 6 KB
2 KB 63ms
9ms Script
text/javascript 2a02:26f0:ef::5c7b:c2ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/comscore/CustomComscorePlugin.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39d5529c99e122941f803afe8832aa07ab116119cfc87f4574dce2fd9e5086b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:56:00 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:29:13 GMT
server: AmazonS3
x-amz-request-id: AN8AFADZC9RVNZPZ
etag: "1ed7a20263f017f09565e95f6681b71e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=182148
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1870
x-amz-id-2: Zl0AL8WgY/g1tOfH+a/BKjD1T9u3PdYt/MtIveIsae5nxrZLrpuKlOBGZzStjmnJkkSptTEMTkc=
expires: Thu, 14 Apr 2022 08:31:48 GMT

GET
H3 200 398F15ACDA3B2A0AD8B7BABA54A9E5C1.jpg
m107833-mcdn.mp.lura.live/iupl/398/F15/ Frame FBAB 132 KB
132 KB 18ms
8ms Image
image/jpeg 34.117.147.45
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m107833-mcdn.mp.lura.live/iupl/398/F15/398F15ACDA3B2A0AD8B7BABA54A9E5C1.jpg?Expires=1649746559&KeyName=mcpkey1&Signature=77SuWNKheyjdS63sb4-kBLw9-us
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.147.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.147.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88849077748f50e5f7d546d975571053b7a23bfd7c1908bfa8dd268bc0e07a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:50:41 GMT
age: 319
x-guploader-uploadid: ADPycds-_rxey3Vb7O2wRAYuMKi_BunyAltIJnzs7WCMpA16IqzSIL0fE8yKqDayiYF3cIGJcaQIH8UN8UY1aiRILGolWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135116
last-modified: Sun, 03 Apr 2022 01:24:56 GMT
server: UploadServer
etag: "a87622bd60bd9a98f2796b8a48e29d44"
x-goog-hash: crc32c=8ZE6Rg==, md5=qHYivWC9mpjyeWuKSOKdRA==
x-goog-generation: 1648949096690460
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 135116
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 CustomSegmentPlugin.js Show response
static.foxtv.com/static/orion/scripts/core/utils/ Frame FBAB 19 KB
5 KB 10ms
9ms Script
text/javascript 2a02:26f0:ef::5c7b:c2ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/CustomSegmentPlugin.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a85f13107d6d16140d0f04b0f906426fe7c9f933b3fe5bd65564118720460ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:56:00 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:29:06 GMT
server: AmazonS3
x-amz-request-id: 95JPDR5C3JHVQHH5
etag: "dd188f5e51ab8e7a0d2f26415b537458"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=120890
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 4755
x-amz-id-2: NBzegoOj5slLEncKvf8d92GwfFNIO1VHJcYDe9CgXMg1rHEOF8Q5NfqUPoKd4g+eahMMzrKQf+M=
expires: Wed, 13 Apr 2022 15:30:50 GMT

GET
H2 200 comscore.js Show response
static.foxtv.com/static/orion/scripts/core/utils/comscore/ Frame FBAB 168 KB
49 KB 15ms
15ms Script
text/javascript 2a02:26f0:ef::5c7b:c2ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foxtv.com/static/orion/scripts/core/utils/comscore/comscore.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/90632594/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2aa05ae825bcb3519f2d7838b7cfe1038d934d891beef9c3907b53421445809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:56:00 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:29:18 GMT
server: AmazonS3
x-amz-request-id: G4R3Q744J5J3CGXR
etag: "2c4cb769f3a6bf429b6c6fcb905a856c"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=137908
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
x-amz-id-2: J0Kbl7ESXsuR6vUNkEx5mNI/IBXGsbyIcxTZ0UpEahJd18nOpZVXHsFLMRUYkSSHhfJE0n0jB2M=
expires: Wed, 13 Apr 2022 20:14:28 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7234 28 B
54 B 26ms
25ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/o4aTg6Rqx88
X-YouTube-Client-Version: 1.20220410.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt0TEJsQklKMXJEMCjuqNSSBg%3D%3D
X-YouTube-Ad-Signals: dt=1649742958711&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 12 Apr 2022 05:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 12 Apr 2022 05:56:00 GMT

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M0.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 103 KB
104 KB 101ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M0.jpg?aktaexp=1649746559&aktasgn=2c8254cc832d9838b8b02c8b829a2584
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: ef8e4f21e130cbc16f421630f4d1f5bdc6350c1a6b6f6353f4854d9d81a843db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=chV+JA==, md5=8ZdlYQ5knHK0yi9AtSc7dQ==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdvOP-AwBOHn0nSAII8ogDob7fR-aolMJ2INWVqqmH8DqKveMGZeMCeQbP6ykXycgSA3BTxoiuIFxV-7YJnBNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 105380
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "f19765610e649c72b4ca2f40b5273b75"
X-HW: 1649742961.dop073.lo4.t,1649742961.cds206.lo4.shn,1649742961.dop073.lo4.t,1649742961.cds011.lo4.c
x-goog-generation: 1648950992249774
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 105380
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M1.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 99 KB
100 KB 101ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M1.jpg?aktaexp=1649746559&aktasgn=527ffba4b8ff4337e6c0c2e14b113e41
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 685530e71232c03ceb6dafc772edeb39ffc4ac54a508fbb2310eab72aa7efb24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=M2fotA==, md5=3/FPRCLdUk2aHxOYTZ9LCQ==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycduoyFhA3ctE76i7W7WJ6UUzwESjwqpYk36wdlz9hGVE4x3mkQ4ryJhUd2dm-UaBsMf-ERlEaNcKDZEaDyOB3r2MznDVkw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 101487
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "dff14f4422dd524d9a1f13984d9f4b09"
X-HW: 1649742961.dop227.lo4.t,1649742961.cds079.lo4.shn,1649742961.dop227.lo4.t,1649742961.cds012.lo4.c
x-goog-generation: 1648950992309860
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 101487
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M2.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 95 KB
96 KB 102ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M2.jpg?aktaexp=1649746559&aktasgn=479d891df32a00f239d3be7514d76a62
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 98a2cb3a17c838354e94266022a1fe77ee586049d9eba9e59a8bf6de95d31bc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=NddHGA==, md5=R35Bfd14MZ/e68mFGvoHWA==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdshoaRQubb2uYcfops0Yz2XPGIbv2E1HBAiTBX7JE4t-sHb2Dy8eiLm9RYOvrHXXsEH71Eu8JgboztkEyjwJEutvUYfG11t
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 97596
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "477e417ddd78319fdeebc9851afa0758"
X-HW: 1649742961.dop211.lo4.t,1649742961.cds078.lo4.shn,1649742961.dop211.lo4.t,1649742961.cds234.lo4.c
x-goog-generation: 1648950992386330
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 97596
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M3.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 95 KB
96 KB 103ms
21ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M3.jpg?aktaexp=1649746559&aktasgn=b7e9e38f3cc7a8aa0fae021ccb6b6938
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 9834ca3586d66be8d05107db717ddc235db6479498868007319da66855c51d44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=vPcpnQ==, md5=lY5vW99acKHSCbBbMFuFYA==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdslDBAIQ8ZUMoTsalUlaQTAhRuAnBcvSrnw1BVqkQwc6mpXekHsXYDJ2xyL6aJe9dgL9KN_L6Hv2gA4dYz-JtSdn9o2Ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 97586
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "958e6f5bdf5a70a1d209b05b305b8560"
X-HW: 1649742961.dop023.lo4.t,1649742961.cds063.lo4.shn,1649742961.dop023.lo4.t,1649742961.cds042.lo4.c
x-goog-generation: 1648950992447018
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 97586
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M4.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 96 KB
97 KB 104ms
21ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M4.jpg?aktaexp=1649746559&aktasgn=e39592f8f03d3802a31845727576ba1c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: b0ab77a1efb951105f36b78a23a02b9212f5f356de812d587ef78006a6b8ee2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=ywS/bA==, md5=GqQ6STQld1cbsCK/fnsD3Q==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdvj-LMlc4yzwtwNaqQZTfWbCTYzrRThhdVD7xQzfwnFdM8-TufBwJlWIQbh9tkrjHgYCyOVGl1pgzuD34vFHSOe
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 98499
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "1aa43a49342577571bb022bf7e7b03dd"
X-HW: 1649742961.dop010.lo4.t,1649742961.cds003.lo4.shn,1649742961.dop010.lo4.t,1649742961.cds009.lo4.c
x-goog-generation: 1648950992502038
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 98499
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M5.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 102 KB
103 KB 157ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M5.jpg?aktaexp=1649746559&aktasgn=c7c2fb80548bcd1b85e75053a5fd55c7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 524819c848e033d304a8c4a3bba95075b39efaed14a8148d7956fd7a75ac0d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=/y2gBA==, md5=WPOBtHwgsTKASpOWLadYyQ==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycduef6ix6vZgTdNluikSsiCqxwi1euULtbgUOr0EHQsk66o0XZoF1a9T_hSQ4j7XhSYW6Bolq6wudyqbof9uQ1Lfl-pm_w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 104113
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "58f381b47c20b132804a93962da758c9"
X-HW: 1649742961.dop211.lo4.t,1649742961.cds078.lo4.shn,1649742961.dop211.lo4.t,1649742961.cds032.lo4.c
x-goog-generation: 1648950992553240
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 104113
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M6.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 97 KB
98 KB 23ms
21ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M6.jpg?aktaexp=1649746559&aktasgn=0f9182fe12a15b68e78cb14e5a79e456
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 132903897f549a18b6d66988675f65ec9db2f539748ee67d6a5c1b8f60b83c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=WZILlw==, md5=3sKdTBFqCaHz8YfjSVJKew==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdv_meCWbj7Es37UpQwRjyO2kzwK1jurVuPjiKRqqsOAFUwapDvAXsas-tr4ym-4j-bXqMe1DPMnS-ReWvqNy7jttSXA18TV
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 99140
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "dec29d4c116a09a1f3f187e349524a7b"
X-HW: 1649742961.dop073.lo4.t,1649742961.cds206.lo4.shn,1649742961.dop073.lo4.t,1649742961.cds043.lo4.c
x-goog-generation: 1648950992608093
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 99140
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M7.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 105 KB
106 KB 19ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M7.jpg?aktaexp=1649746559&aktasgn=785311889bffaf84c3a637e3fd3b7972
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 2f97bff3cceb5bad2c4c25f49040500c5e39075c6d47d4aa2b0380e53ec9f70d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=kpRLQg==, md5=8OcjL4o7zw/pPCyW0jbNXw==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdtzmqXRFlbYPReMBW7SeO0O-yxLuxcM9oNZOQdJUXb1rOsgrQaYK_GzhbuNjvmqWPOIQ9wqkRI1JAP_sUW1QVVZ0LOp0oWe
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 107444
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "f0e7232f8a3bcf0fe93c2c96d236cd5f"
X-HW: 1649742961.dop023.lo4.t,1649742961.cds063.lo4.shn,1649742961.dop023.lo4.t,1649742961.cds042.lo4.c
x-goog-generation: 1648950992659398
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 107444
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M8.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 110 KB
111 KB 21ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M8.jpg?aktaexp=1649746559&aktasgn=28f0350f8463cb3556334f42f79e0e81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: cf449a3eceffa39c99b91ed1f9f2e2ba46b54c7c1c177be38a1404031ba68463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=VUMfWA==, md5=rAg3JrlC/ofylox8Xj995w==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdtD7QNwwvq8vZGPVFAwlEgBuJiZdycnSZAq88tiyn-_3auTWBon1WTxB2vxO_U594CyV9vLAfb10rWKXR8pm82eNUNzRUsL
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 112311
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "ac083726b942fe87f2968c7c5e3f7de7"
X-HW: 1649742961.dop010.lo4.t,1649742961.cds003.lo4.shn,1649742961.dop010.lo4.t,1649742961.cds260.lo4.c
x-goog-generation: 1648950992714134
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 112311
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M9.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 98 KB
99 KB 20ms
19ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M9.jpg?aktaexp=1649746559&aktasgn=2c6f3ff927075a14ef600d3725f2ecb9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 92a5ddaf5ce3836ea526daee5582730fbc4a93078d5343d2ede8ce45290df0fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=jkRpNA==, md5=+Hc1/4jktXZvGvYx79kaBQ==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdvrKTpIDPMPxw0C5XHKoiYMBk69zQi-jrkYxbdVRuA8yzVklQdCYZo9NrCQciLG1TLis0wqJCYhCgJSFxFp3TcP6bqt6CwZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 100799
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "f87735ff88e4b5766f1af631efd91a05"
X-HW: 1649742961.dop227.lo4.t,1649742961.cds079.lo4.shn,1649742961.dop227.lo4.t,1649742961.cds253.lo4.c
x-goog-generation: 1648950992765378
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 100799
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M10.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 100 KB
101 KB 48ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M10.jpg?aktaexp=1649746559&aktasgn=467abaabb2f1ed1f50868489b7152600
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 523beb159be2a5e835f9c150f07471d58bad526d0668de7bbaba507b10427ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=x4fFrw==, md5=B5P/m85TjImHzgli8mN7ug==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycduLiA7G-hcslMzJ2yACj_97ZrxiFlLBBVCr6MC_aDjrS3jXHrS_nFDyEx-iSIqblpPX5mzlOcXU_hc-P0e1lrLy6Fa-TkLd
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 102141
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "0793ff9bce538c8987ce0962f2637bba"
X-HW: 1649742961.dop211.lo4.t,1649742961.cds078.lo4.shn,1649742961.dop211.lo4.t,1649742961.cds240.lo4.c
x-goog-generation: 1648950992818016
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 102141
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M11.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 97 KB
98 KB 23ms
21ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M11.jpg?aktaexp=1649746559&aktasgn=cbd4d01854afa04661b8366b2fd6724c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: d432412148b6b92ee52b350dd4b2cc61f2dd76036214fd0fde72788bc9158c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=SO4MKQ==, md5=efhXJCbQGXQMM0f1b08DPg==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycduW8NYOVnqVnPGE6RcK7Ekk-MoXjPP4dqmupBZl61Npufa4i4oLakrttEi9FLkoXUIRPS3Y8hYT6a7z6s7ECtk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 99273
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "79f8572426d019740c3347f56f4f033e"
X-HW: 1649742961.dop073.lo4.t,1649742961.cds206.lo4.shn,1649742961.dop073.lo4.t,1649742961.cds074.lo4.c
x-goog-generation: 1648950992876623
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 99273
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M12.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 97 KB
98 KB 20ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M12.jpg?aktaexp=1649746559&aktasgn=67f9fdfd7f50b2aa60700fa24c096054
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 0bc3175dfad7d74cdf9bde074bf6059cf5153167c31d95dfdc2ff92a75bc4d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=NfkUXA==, md5=OWG0jwtva5n+VUlPJ4+/aQ==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdtrzo7xtOKkUX52plODJrlFGf5mD0e0vPXfYq7uTKjjaBI58adUCljv3jwFOpdhfEtdfP4gQDlaSzDT_N8TjedMoSFO0Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 99290
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "3961b48f0b6f6b99fe55494f278fbf69"
X-HW: 1649742961.dop023.lo4.t,1649742961.cds063.lo4.shn,1649742961.dop023.lo4.t,1649742961.cds010.lo4.c
x-goog-generation: 1648950992926772
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 99290
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M13.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 97 KB
98 KB 20ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M13.jpg?aktaexp=1649746559&aktasgn=c7a50988273ff5b5569630326afabac2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: e2f5a5a55cd6453b2c02e2d98db5c2e86f5652807d78a50c93a37616f5c196f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=IgOEww==, md5=XMA9rqtNWDzFmo8+M64kjQ==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdsZJ2sw-75Y2bG8jrCmln20ce1n0k-f9hEbxLTpqXhHXV4HRndsU3vZw-LwF6R_EQ2QkFTs7xJyrjEmL51TfxY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 99751
Last-Modified: Sun, 03 Apr 2022 01:56:32 GMT
Server: UploadServer
ETag: "5cc03daeab4d583cc59a8f3e33ae248d"
X-HW: 1649742961.dop227.lo4.t,1649742961.cds079.lo4.shn,1649742961.dop227.lo4.t,1649742961.cds061.lo4.c
x-goog-generation: 1648950992978998
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 99751
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M14.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 96 KB
97 KB 21ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M14.jpg?aktaexp=1649746559&aktasgn=9aaf51b60e48ec14a6b9185df57915dc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 7516973fd6152d7a24a2b64cadf4afb4c036b6ad0537b010459e61c9cbd05879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=sdpjAg==, md5=9eHbniwRb05tmkNe35jPIQ==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdtQohVStSksEIKl2g2HkVM2iCjo4yo2WsecAWEbMyPf6ZJMrZ85zj0bCnA_tdYCnw0yE4VRwNuGtPq_JEwRtCYppW-NZe34
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 98041
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "f5e1db9e2c116f4e6d9a435edf98cf21"
X-HW: 1649742961.dop010.lo4.t,1649742961.cds003.lo4.shn,1649742961.dop010.lo4.t,1649742961.cds275.lo4.c
x-goog-generation: 1648950993027116
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 98041
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M15.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 101 KB
102 KB 44ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M15.jpg?aktaexp=1649746559&aktasgn=b8a2fc78afb813cbd8cef3f794d30fdb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: d8320dd5880e4fa4824a76034658b646580c16cc4279a8186df89803beb9bca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=3WEF5w==, md5=Y6iHXZgAVLet3FDbO2CfCA==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycduxO8Pr6FjX4U-1WIIYerv4qIo3rizx9E1IlgXKwwmGaBLKIakemXYBQlD1ffaBL8EORtEfwxmzZCfavGZKd1sOtQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 103846
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "63a8875d980054b7addc50db3b609f08"
X-HW: 1649742961.dop211.lo4.t,1649742961.cds078.lo4.shn,1649742961.dop211.lo4.t,1649742961.cds203.lo4.c
x-goog-generation: 1648950993086562
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 103846
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M00.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 125 KB
126 KB 23ms
21ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M00.jpg?aktaexp=1649746559&aktasgn=dd634cb176403af3b1d4b03f1d7382f6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: feb41c509f43810ca3cdd52e858716c922fb97476f78d695e3d1f335b504ba53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=SYn+kw==, md5=VRU9nsakrqR2a9k56VxoIQ==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdsEe4xIss6ZH2keK7zU0FndbxPC4U5oe2i7ubSxQFsgbI2rPHD5Qu2xYCAg7amY6hSpSAghO5imRSqyYaO9NY5BttfaWSKa
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 128500
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "55153d9ec6a4aea4766bd939e95c6821"
X-HW: 1649742961.dop227.lo4.t,1649742961.cds079.lo4.shn,1649742961.dop227.lo4.t,1649742961.cds103.lo4.c
x-goog-generation: 1648950993141005
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 128500
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M01.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 128 KB
129 KB 21ms
20ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M01.jpg?aktaexp=1649746559&aktasgn=10b118b54ae005b78bcad5f173c08c9f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 63eb5d1f28f8e1d33405126b6f2bb9ead2a1ee82be5d495aad4a7612dbf46830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=AK+MXg==, md5=VhYOb3wqURNvjvUfSy3wKA==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdvqWSq801NbEZWIzu2fU1iN_56ONsNlYabk8GUBQuYt_CA8ABATtWkfQhzQIUp4O7MmBa-pHYzgEN-Jwl7IIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 130585
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "56160e6f7c2a51136f8ef51f4b2df028"
X-HW: 1649742961.dop023.lo4.t,1649742961.cds063.lo4.shn,1649742961.dop023.lo4.t,1649742961.cds063.lo4.c
x-goog-generation: 1648950993195422
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 130585
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M02.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 130 KB
131 KB 18ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M02.jpg?aktaexp=1649746559&aktasgn=71e7c94ad6194bdbdfe39bb40b5fedcc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: cea4f9d1cf9509fed75ec685f44051486c6520fa65fa05f407b8d84b9ad1c919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=FRxSCQ==, md5=68buH0zHZy4OCN2ZuStOdw==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycduwMeJIu8eQnMTNq5NAngykK5GHi6CW75fZMOurwCzgL0kLYnKnksWiRW40kJtd-hhG156Bw0ymsGhgUHLLd-2TNlp7UJzu
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 133508
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "ebc6ee1f4cc7672e0e08dd99b92b4e77"
X-HW: 1649742961.dop010.lo4.t,1649742961.cds003.lo4.shn,1649742961.dop010.lo4.t,1649742961.cds275.lo4.c
x-goog-generation: 1648950993245408
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 133508
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-M03.jpg
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 128 KB
129 KB 19ms
18ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-M03.jpg?aktaexp=1649746559&aktasgn=b9ea6de6e271fa69469c54f7f4b1e464
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 2369d50fc4dddacdfadae06c66594a000c734b24ab49574c445e644a5607a1f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=8xZoWg==, md5=OqqQXq3OeYzW/bisdhf63Q==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdtRkkS3JV3Zr2WjEviAUxlhM9KgxPmLcgaHBhduMMtfYN4UuV8MwXPAt0VmZy6im6gyyTRD5kqsBp7_1yMs5Y8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 131265
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "3aaa905eadce798cd6fdb8ac7617fadd"
X-HW: 1649742961.dop073.lo4.t,1649742961.cds206.lo4.shn,1649742961.dop073.lo4.t,1649742961.cds074.lo4.c
x-goog-generation: 1648950993302532
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 131265
Accept-Ranges: bytes
Content-Type: image/jpeg

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-hi.bif
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 112 KB
112 KB 46ms
20ms Image
binary/octet-stream 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-hi.bif?aktaexp=1649746559&aktasgn=ae9057c11f3577965abedd2c7fafb345
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=6XFxdw==, md5=Q1UglCzioTr6UEwC5HHOAw==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdvbJKtOWWZuVas1-TnppT7RkXlbxenWyJHR6Qu68jHwHCMLmucJGw-k_vxD_7F5gl1bM0YSUx6UTXtikbCS96I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 23816790
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "435520942ce2a13afa504c02e471ce03"
X-HW: 1649742961.dop211.lo4.t,1649742961.cds078.lo4.shn,1649742961.dop211.lo4.t,1649742961.cds072.lo4.c
x-goog-generation: 1648950993611627
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 23816790
Accept-Ranges: bytes
Content-Type: binary/octet-stream

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-med.bif
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 144 KB
144 KB 24ms
21ms Image
binary/octet-stream 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-med.bif?aktaexp=1649746559&aktasgn=9b0f8edaefc146c04d91910d9c7cce87
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=9pkzgA==, md5=mjUrwUNAWQwrAJpIf5PaJw==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdtnkWO2OiyS_eAZjcY-KMe-ZOWztzdFhW7Xg7zcAmkpG_u1Xqu0IOyGJbFuKvc5cwcqx7B_0ym1ZscSjNJhJx_HRCurFQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 8580937
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "9a352bc14340590c2b009a487f93da27"
X-HW: 1649742961.dop010.lo4.t,1649742961.cds003.lo4.shn,1649742961.dop010.lo4.t,1649742961.cds035.lo4.c
x-goog-generation: 1648950993823136
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 8580937
Accept-Ranges: bytes
Content-Type: binary/octet-stream

GET
H/1.1 200
OK AB98437D3757D0FBF95B1FA6701AC788_pvw-lo.bif
h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/ Frame FBAB 144 KB
144 KB 21ms
20ms Image
binary/octet-stream 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h107833-ecdn.mp.lura.live/1/200002/pvw/AB9/843/AB98437D3757D0FBF95B1FA6701AC788_pvw-lo.bif?aktaexp=1649746559&aktasgn=363e616b4df80820fbf658c9391b1a8e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=or/pBA==, md5=4BtE4skF4oRyFiAnukqrVA==
Date: Tue, 12 Apr 2022 05:56:01 GMT
X-GUploader-UploadID: ADPycdsj6aU-OvuTasTRldp3EPNw7Zs6uZBtENr5E0PyHiosnalf0khbQRbAp-04TI-gZYql1B3DjIcvz1ow8QX1Zwbiwx5Fd3Ch
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 2977551
Last-Modified: Sun, 03 Apr 2022 01:56:33 GMT
Server: UploadServer
ETag: "e01b44e2c905e28472162027ba4aab54"
X-HW: 1649742961.dop023.lo4.t,1649742961.cds063.lo4.shn,1649742961.dop023.lo4.t,1649742961.cds040.lo4.c
x-goog-generation: 1648950993949533
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control: max-age=3600,public
x-goog-stored-content-length: 2977551
Accept-Ranges: bytes
Content-Type: binary/octet-stream

Verdicts & Comments Add Verdict or Comment

300 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1970-01-20 02:15:51	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ3yk8XYeVGMio
.mgid.com/	1970-01-20 02:15:44	Name: __cf_bm Value: rei8Drjql3ScdAgstrdbIeGgkMGjK2D52yg0dAul4Ws-1649742956-0-AYwI2xdg4yvrcPRasns2tkprwoHiMvL/LJQcOgrQEo+73j2JEED7cwqRT34hZfTW0oJdDeOR4MrrZehyui7Ndpc=
beforeitsnews.com/	1970-01-21 02:15:42	Name: b4in-uuid Value: b83d079e-9734-4a3e-919a-4cb660ecb4aa
.beforeitsnews.com/	1970-01-20 19:46:54	Name: _ga Value: GA1.2.1426939345.1649742957
.beforeitsnews.com/	1970-01-20 02:17:09	Name: _gid Value: GA1.2.1457577171.1649742957
.beforeitsnews.com/	1970-01-20 02:15:43	Name: _gat_gtag_UA_16055024_1 Value: 1
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22iBxhD_HUY%22%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649742958040%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649742958038%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649742958047%7D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: fz61KsDy7kI
.youtube.com/	1970-01-20 06:34:54	Name: VISITOR_INFO1_LIVE Value: tLBlBIJ1rD0
.rumble.com/	1970-01-20 19:46:54	Name: _ga Value: GA1.2.1238067560.1649742959
.rumble.com/	1970-01-20 02:17:09	Name: _gid Value: GA1.2.1817195247.1649742959
.rumble.com/	1970-01-20 02:15:43	Name: _gat_rumble Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js Message: Allow attribute will take precedence over 'allowfullscreen'.
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://st.depositphotos.com/3246347/4454/i/950/depositphotos_44540573-stock-photo-calendar-12-april.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/819011/images/DARK%20JOURNALIST%20JOSEPH%20FARRELL.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://answersforthefaith.com/prayerline/wp-content/uploads/2014/11/image_thumb3.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://endoftheamericandream.com/wp-content/uploads/2022/04/Snip20220411_36-600x537.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/819011/images/KHAZARIAN%20NAZI%20WITCH.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/821322/images/god%20gene.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/819011/images/DR%20ARDIS%20PUBLIC%20ENEMY%201.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
a1.beforeitsnews.com
access.mp.lura.live
ajax.beforeitsnews.com
beforeitsnews.com
c.mgid.com
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cm.mgid.com
customads.co
dcs-vod.mp.lura.live
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gn-journal.com
googleads.g.doubleclick.net
h107833-ecdn.mp.lura.live
i.imgflip.com
i.ytimg.com
i2.wp.com
imasdk.googleapis.com
img.beforeitsnews.com
img.youtube.com
jamesredpillsamerica.com
jnn-pa.googleapis.com
jsc.mgid.com
justusaknight.files.wordpress.com
m107833-mcdn.mp.lura.live
onesignal.com
pagead2.googlesyndication.com
rddywd.com
rumble.com
s-img.mgid.com
s.tradingview.com
s0.2mdn.net
s3-symbol-logo.tradingview.com
s3.tradingview.com
sctewbeans.xyz
servicer.mgid.com
sonsoflibertymedia.com
sp.rmbl.ws
static-3.bitchute.com
static.doubleclick.net
static.foxtv.com
stats.g.doubleclick.net
tapnewswire.com
tkx.mp.lura.live
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
w3.mp.lura.live
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.prepperfortress.com
www.youtube.com
yt3.ggpht.com
104.18.255.14
104.19.132.78
142.93.183.185
151.139.128.11
169.55.146.12
185.59.220.193
192.0.72.23
192.0.77.2
209.58.165.79
2600:9000:2156:6400:1f:2f70:3e80:93a1
2600:9000:2156:be00:18:9413:7780:93a1
2606:4700:10::6816:4b8a
2606:4700:3034::ac43:8471
2606:4700::6812:e134
2a00:1450:4001:800::200a
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:803::2004
2a00:1450:4001:803::200a
2a00:1450:4001:808::2006
2a00:1450:4001:808::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2006
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:813::2016
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:400c:c0c::9b
2a02:26f0:ef::5c7b:c2ba
2a06:98c1:3120::7
2a06:98c1:3121::7
34.117.147.45
35.190.30.115
35.209.67.224
35.224.142.165
35.244.172.227
52.85.47.3
69.16.175.10
69.16.175.42
77.81.165.130
99.86.4.91
009b70b2537a741977c37a483c7bdbe4f22acdbe518cfddeb8ca3227d9d7e013
026203b28d6d1eed9cd606834d2163e38854c86fed406a899a5435f98544032d
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
05b98e9b082338c6ee8f49334d4d24929fcd2a64625fc4620c3ed4ee7d26feb0
07cd93aaf40528d8402e57fae379a7fe2ff24090292d4b425263965e73316323
0971088e6adebc29262cf9bda1dde733624956b101f486af7d4987fa077a1b4f
0aa69ea2305fb24d5d1e2d88911532706a9d1ba62dce572df46787e1b1a63dde
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0b508fce57aff5e612126283567d980f53d852812d09fef6de5cb8f460560f8a
0bc3175dfad7d74cdf9bde074bf6059cf5153167c31d95dfdc2ff92a75bc4d8c
0c3144d3b31299192150c38b9b4eb3806825d0804bafc9891c28d445c91935c4
0db5e67f3f812f0c608715d2f530ced8877f1cd01854c8a82f2643a99f59304f
0ddf34576bda8e29b295f7bf54578d7c24d9332df696fd0acf903631dc13eb91
0ea20734cb830a4ce3e4bc91ae7eaca73b1e95cb5b38515bb1dcfe9baed1fdf3
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
112bd5ab1ee2c31f855fe13dbc9167807a24fa61f01063e99a8815ee5edeeaee
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
132903897f549a18b6d66988675f65ec9db2f539748ee67d6a5c1b8f60b83c27
13b10170843ae661daf00334fe59d3a7e2131b214f62c76c732484057114eb64
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
14fd65279cb2032703b829fe447d969ae829c5bb6a3015043067dd4c66412341
15b079ee71981952d6b22e562e22119491799e5d61143dba02347b92bcb81af5
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1d989b550c40f16ec4c592bf96b8787f43bdc88dbce9e25ee54ea3ab5538680e
1e69fda028a323bc43dac18f4edb73a1b44081dc358350cedc92682078735517
1eea65c16e3fd11c5dc7363c752f3fe9d9b9e4fbd03a04d59e581a98d6f9da45
21b6f7e53806831b90878a1db8cc8f9f30be536b98d75b388925c28374cbed22
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e
2369d50fc4dddacdfadae06c66594a000c734b24ab49574c445e644a5607a1f3
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
2481371bfa0f684fdae04ff5e731b5eca020219ad3553e64c18eb919746d3ad6
24a5def112a50a4851378065e3b8c8d5718ea46fb62bc32e04960803605e6b80
284c735f09e74e7203ebda5a6cdd938ef9ba925dc6d1035c61b2001387e82774
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e80ec01dea20c822f942ff7f9a8645117c32207f972b2fe6a1fb9edf6f230c5
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f97bff3cceb5bad2c4c25f49040500c5e39075c6d47d4aa2b0380e53ec9f70d
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
3114fc33f2736ee0b0157d2234740e587f03616ee1b924212677467e93d614c0
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
358a77653047ad7c05b75d09bd99ac299045ff2721d5811ec2f4ab87437c98f3
39d5529c99e122941f803afe8832aa07ab116119cfc87f4574dce2fd9e5086b4
39dfc68ba0c0ac96e630e2553b84a52b699985d7889d6ff4d75f9d1ef1c493d7
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3ba0ec89a08dac2b188edb29fdd61033e516049fef6709cfb7c9839794f98f77
3df9dc4f24d73115ccfd1cd025a550fade23dc4409066e59b524549277b573f8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f627c7dd2a4af8ffa3d7ff2b7ce59e01539ff3e73cdf3fd8ee10f9b4ed56ca0
3f6a51e72027f8fc74c6fe916e49e2d4a9822144648787cebe707bbfde1ad5e0
41db5ed8b5612ed992ddae898fdb02c713ef224276c6e6151ccdb79ae8797a05
421ffa67a1b75367bca9af777c71989cd349d17183cb9c20ca8d976e2a6cd80d
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
43c56f2323f2989f02aae3d11743ea8798eec7b75206035cacc2cdce72eafb9b
471014faf7c67e8e84460099d7d702efdf578bdca4eb275aac5cb6daf4f4812f
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
49464ff796f9ad0ae71733bb09ca97b7a830625d69788b2fb82d389b7297a45d
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4c7f143de591c58b364772f049c84ef152a561c25ab903d061b8547716174e83
4d20f67113d1757b2a95a627d8124216e1a65ae5cd53bcb3f0a8365ae07ff2b2
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
523beb159be2a5e835f9c150f07471d58bad526d0668de7bbaba507b10427ec2
524819c848e033d304a8c4a3bba95075b39efaed14a8148d7956fd7a75ac0d1f
53480910be5956cc20cf1675d6a28d405b806f9f4d09125a6870410809323997
5786425ac74b2564fdd57fb190fe16bc253302bdfdb04621e00292f3b20bb4cd
58edc25ba1976b550899f5f02fe9344f4f5fccfd573a379df3451e743f8a8c06
594adfa737f8d29bd8d488c6b089ab9ac0a3b3225fb0214babe33422170d0f8f
59fb517fd0452c9bcdcf43a645b0de5b1ba8e2a75a13dc36d6c4632cdd6056d4
5a5f5d90f9f495e879a6dcb40ac5770c9227b306174cacf02b326f1742b510a9
5a85f13107d6d16140d0f04b0f906426fe7c9f933b3fe5bd65564118720460ac
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5cb26c9bb1dafab31e58b0c587700cbbe9aff23b051afc36013d96cca21486e8
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5d49b1823f09ea15bd92ae7c6067e799d63a65b741abf8aa334363ff8494c5eb
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5f8335c5894eb74bc701a75539a541dca1972b5ba8483ba4c414bb77a50bc207
60c75dbd33a76d3b77c123860edb584370828f1b45e6f27deece8145799c9bc9
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62127c39846e7a539f9a93704e16534af10e56c0ae09cd9c107f993b9aca6819
63eb5d1f28f8e1d33405126b6f2bb9ead2a1ee82be5d495aad4a7612dbf46830
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
685530e71232c03ceb6dafc772edeb39ffc4ac54a508fbb2310eab72aa7efb24
68a8fe1f631beef2ff44126e6a4ca9c5b0df5332c1d9feeb46822263ae485529
68dc181689566973c3a336868aa1a8e8f6e320bb53f11dfaa1aa46aab32286fc
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62
6cd78527f81d0cec4287991d7eb5effda48047f624af9914aa0d6125cf729572
6d86d3c71089ae9b0ce434e248437e61feab3fbc565a5f243fa79446268d160c
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6dfab4d0c5aaa10f4efb087ee57f2591d2e29c38ab7ad210415bd1862fa050ab
708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
745ceabc71fc51c9e19807a454ec780584da7f59f0f568edd02562343749c0b9
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7516973fd6152d7a24a2b64cadf4afb4c036b6ad0537b010459e61c9cbd05879
79292ca05a41222666bcef29f05c6a015e62907013534ca87dd2b2c82b15dbf1
798a1e48a936af26830e70876c55987da4315ec9f33bfa930b0258390b2c0346
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7bd643bb9b42175959a170232380d03397a1d4b2c1be6753e07702830f7f7dd6
7cf6db00237ac7369206dca94840e45d9edb67aeca792fb1bf564e87a879659d
7e4737e7c4ec7eb997104bae7f89d6f865d25e7fdba20f5237819fa5bbab6bf4
7ec48012cdb99cf78673d4eedd9af2c0016e6dd867d24aa32545d2c2b10ae8b5
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7feedef5ec2be919df16ee6ef2e80ecdd8b80daf012093c742829599b8d4bfe9
80b9efd9b21348dab44deb944acf94010de9739b57a1cd4fd7acd6be951be5db
81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7
81f10e5e84fe916822db9b3bb732722b123aeac32da9591cce92827de54c4284
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850e196941cfae327bbe92dc12e0e25f3366f0569ac15d20dec985559b45445b
85a3d8af7a1f1580c3d29069e046b0bc5cea5406a3015d7f2de17d76fdef8711
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88849077748f50e5f7d546d975571053b7a23bfd7c1908bfa8dd268bc0e07a46
88a999d61a11c97291e85461c870c5e774138a6ad3e1180c8801d87b9ab969e4
88b56068bd0448cb937f321423af8eaf8475f8e3b2a02ee92d04086a48bd5478
89d58fdff13041d4c1df61f7de952d3932f3daa36ae7deaac5a6566c9ca0a75f
8a46105885c5a86da7684c935f2647f6dd95b168d24968484041c704525fbd31
8b241575c8cd0ef6a20a70b6449990891da4da6109290de8a0d4c85072b19095
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
926ec79b7f094b42ffb0ca281672b644feb72f50c0dc9f023233f4a93c53cc86
92a5ddaf5ce3836ea526daee5582730fbc4a93078d5343d2ede8ce45290df0fd
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
9625ed140623bbc59d7468187eead3e842139c5f32b90c8a5e213b8348864b02
96800a7ff9c30b0a1d28e4553531189730086f363d7fc510d6c8961ffab2fba2
9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f
9834ca3586d66be8d05107db717ddc235db6479498868007319da66855c51d44
98a2cb3a17c838354e94266022a1fe77ee586049d9eba9e59a8bf6de95d31bc6
993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4
9bc1adb2991f3f8899fee41acedfc3fc9d9569eb328203292d9ca226dcbb5879
9d325c95ca2cb6b6a6861891fb51cb25cf6fbd8b9f68da3ba636db37018d1bb8
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a0f893cdd27ad638374e84f2d6a4700d51817bfbad8c15885a40a976c201c119
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a438c03a8281036c5669b91c1ce9c99a80ea3f1554b86387fc7e6b628b168ec3
a4e5a136a99bfc631b62434a1d8c2210166c491a826a3750714a32b65abf7908
a52ee0d1a6548638f3960ce300af3e03a08b73ce1d7c970d61538ea0fe207f75
a804dbe0924fff8668f93894b0ab7e1a1ce8ac79022c0f23e967cc0fac44da1e
a84a8744a41ecc1f71092aa59cf2ba573713c61179e9ecad6e3a5da4aac7bde9
a9133ce4738bf2d0d12282d16afe84b60f83a270af9750330b287429b360782a
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad564c166f59b7f11fb1321424020fb0aeace18310447e7e4d3b577d57df7a40
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0ab77a1efb951105f36b78a23a02b9212f5f356de812d587ef78006a6b8ee2c
b3567d2cc73ece41d0e203ba5c3fa05e804a687278f7331f1157e59fffb0a06a
b417c5bbf48633d0f2723ed39be70059a5d4d1bb87b4a7001d0ff41ba1bcbfe0
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba8bc161394d0f1fd1a2117405b99c2ff97fdd2bbf274310faeeba1f4129b1d8
bbd1d5965043d1a032fb0eecd6dda883ceb43603be6001b306cb733bf8a3d1f1
bd040a9506a3805bd492a729bc7a28a8deb8260f710329b18314b9db58208fa3
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
be7498d143b20bc28a3664713ecd549d4d2267b3eea5b56f6e3f3a0670b83cf5
c04a1d67e4819ba554cba5b79a86ad261fa2de0b0eae3bbe0cc5523d87b14130
c5f6ce20c8335afe6681c7d7b77000c57c50437f77d073020aa6be09cf3fb202
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c70d1431cfc986a578b4ae5eded51cde8ff0777ff42f1b803b278a8ac0fb5fed
c7266d5766f82bc006acb99f30b93d1baa16c0ec39247eccd9b7cd683f7ef9cc
c7a5968b1287cb47bd0f02c529db80723b0ce51c3190b7f89fa9cf1bc84b0371
c7e58799078e5a29d5b03f677d5402d4c36edb7f2af33d6fad341cb998569ba2
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c93c3f1d5dd72fb5ef58f311ad8b640e1f5401eced34dc12d2cf95b77b8b8c8c
c98e06172634e30a4049c9ab3c316c679b7a6da3dd1b5d8ed0b6cd8b9294a675
c9cb7cf2a597c5c59d7aa75060254a8e3a7c77a0cd4ed0b6d16f242aef23f300
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cc94f4fc5d9b80dda9e267f272590516c57a2f48045ff74f0bcc90df9f6fe258
ce2599a1d88ac7b6beab2d4b6f1ba3480b94ce5bd1413350e3d88e8ad5d9d1b4
ce628cae5a499a978e3786030f941b61fe70ae8bda2bc3f566186628775d58a2
cea4f9d1cf9509fed75ec685f44051486c6520fa65fa05f407b8d84b9ad1c919
cf449a3eceffa39c99b91ed1f9f2e2ba46b54c7c1c177be38a1404031ba68463
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0488ee06f43c2b00eb16be7cf745e9ed686e79061d5dd3dea7d54b38aa98067
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1b8a0fc8cd1e1cee4a88d59f5787fdd243f2fbf583f809d5c8d5028ea2b1162
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d432412148b6b92ee52b350dd4b2cc61f2dd76036214fd0fde72788bc9158c1e
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d6156fc16bcbace2a42f7eea42d10b10d782db90cc33177cbba4f1ac99996602
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
d79fee025b93dac74df8a60e0c1676b78b99f614e6f37fe2b1bb0de2bea3b3f2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8320dd5880e4fa4824a76034658b646580c16cc4279a8186df89803beb9bca2
d98948799c284f9dc1ff12c90458951356e6274f205fd4e8756d2158e3329ccb
da69f6ccfa05256e6a49dd676b486cc9cd36756d773b663fc49e4c26cdbf71e4
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dc9301b2d9fbb7099d5d62ccd0067caea1ec5a3ffa5cfa577fedd43a440e85d7
de2380b9e68de126204550877e9ef976acc360ba0a0bd88ba903d07a1040f365
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8561bf3c95e6a34282df3e2263974d7dfeee75bab9c42c7d4a3c59d90eb21a
e1632715ef332ce390b04320ecf6b822e056e8cc813075e747afec3b5fb097c7
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2bfe8391e7aa54de8ead4d07a475f416ce0a520e20403d145db64da855422f9
e2f5a5a55cd6453b2c02e2d98db5c2e86f5652807d78a50c93a37616f5c196f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e64bd547501d02ecc8284478d8e0b3e9a726a95a7aa4fc8781f3d4fda759f3d4
e68cf33196c29d0ce9fe1d9dd5051bb7d6aaa6b3f10f137cf38dc1155d0f34ee
e7a8a32aa53986c6aab50ca31c3c7308c2633c5d2887f731e52cd587beef3895
ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770
eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3
ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eeda1f19ef221f80fa47f884948c4cc56c932768ee79ace609e7545852bf2987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8e4f21e130cbc16f421630f4d1f5bdc6350c1a6b6f6353f4854d9d81a843db
f2aa05ae825bcb3519f2d7838b7cfe1038d934d891beef9c3907b53421445809
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f614b78a18f61bd104bd2d8175650df16a6060a2e9a45c00c3510a847aeb60f2
f80df881f4300620113717b24686456d7bd64ead2731d5c319ac1f1fd0fff489
f8768352c16f81516a29b94a173d935723accb45d92374c785778140bbc58670
fb5bd70a041d51ff459d93885a4e7154f39847a45eaafdee1b0d782b2cf5e0d9
fc776911317ac423163b4fa9b702b1942cefc52a9d43b7805a56f9f02753c959
fc9906ae2eb46a468151265d3cadd50e4f3fec3c9d2bd379748fef41d279b1ac
feb41c509f43810ca3cdd52e858716c922fb97476f78d695e3d1f335b504ba53
ff04d6b84bf181bc57b1af04902e28cf7f395ac25a87303d017aaf15f8c3046a

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

256 Requests

100 %HTTPS

62 %IPv6

33 Domains

61 Subdomains

51 IPs

6 Countries

10950 kBTransfer

24276 kBSize

13 Cookies

33 Outgoing links

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

100 %
HTTPS

62 %
IPv6

33
Domains

61
Subdomains

51
IPs

6
Countries

10950 kB
Transfer

24276 kB
Size

13
Cookies

256 HTTP transactions
4 data transactions