beforeitsnews.com Open in urlscan Pro
104.22.75.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On September 13 via manual (September 13th 2021, 4:07:53 pm UTC) from IN — Scanned from DE

Summary HTTP 156 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 39 domains to perform 156 HTTP transactions. The main IP is 104.22.75.138, located in and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	104.22.75.138 104.22.75.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.74.106 142.250.74.106	15169 (GOOGLE) (GOOGLE)
1	54.230.206.113 54.230.206.113	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.118 142.250.74.118	15169 (GOOGLE) (GOOGLE)
1	172.67.215.185 172.67.215.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.74.40 142.250.74.40	15169 (GOOGLE) (GOOGLE)
3	216.58.207.195 216.58.207.195	15169 (GOOGLE) (GOOGLE)
5	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
9	89.187.169.39 89.187.169.39	60068 (CDN77 ^_^) (CDN77 ^_^)
8	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.58.207.238 216.58.207.238	15169 (GOOGLE) (GOOGLE)
3	209.58.165.79 209.58.165.79	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	52.222.179.124 52.222.179.124	16509 (AMAZON-02) (AMAZON-02)
3	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.21.45.30 104.21.45.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
1	142.250.74.65 142.250.74.65	15169 (GOOGLE) (GOOGLE)
1	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	142.250.74.33 142.250.74.33	15169 (GOOGLE) (GOOGLE)
1	192.124.249.17 192.124.249.17	30148 (SUCURI-SEC) (SUCURI-SEC)
18	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.2 142.250.74.2	15169 (GOOGLE) (GOOGLE)
2	104.21.64.241 104.21.64.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	52.222.186.26 52.222.186.26	16509 (AMAZON-02) (AMAZON-02)
3	142.250.74.46 142.250.74.46	15169 (GOOGLE) (GOOGLE)
10	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	52.222.186.42 52.222.186.42	16509 (AMAZON-02) (AMAZON-02)
1 3	52.222.179.24 52.222.179.24	16509 (AMAZON-02) (AMAZON-02)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	209.205.219.146 209.205.219.146	55081 (24SHELLS) (24SHELLS)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
5 5	35.157.197.70 35.157.197.70	16509 (AMAZON-02) (AMAZON-02)
2 2	18.192.249.156 18.192.249.156	16509 (AMAZON-02) (AMAZON-02)
1	5.135.96.59 5.135.96.59	16276 (OVH) (OVH)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	216.58.211.2 216.58.211.2	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.233.164.157 64.233.164.157	15169 (GOOGLE) (GOOGLE)
1	216.58.207.228 216.58.207.228	15169 (GOOGLE) (GOOGLE)
1	216.58.207.227 216.58.207.227	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	216.58.207.226 216.58.207.226	() ()
156	39

31 104.22.75.138 (None, )

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.106 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.206.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-113.ham50.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.118 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.215.185 (United States)

ASN13335 (CLOUDFLARENET, US)

calabeshes.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.40 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.207.195 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn11s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 89.187.169.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-39.cdn77.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.64.15 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.207.238 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f14.1e100.net

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.58.165.79 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: opal2.opalstack.com

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.179.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-124.ham50.r.cloudfront.net

photos.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.45.30 (None, )

ASN13335 (CLOUDFLARENET, US)

thewashingtonstandard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.72.23 (United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.65 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f1.1e100.net

ci5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.6 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10006.sucuri.net

www.nowtheendbegins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.33 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f1.1e100.net

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.17 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10017.sucuri.net

themillenniumreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.2 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s21-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.64.241 (None, )

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.222.186.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-26.ham50.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.46 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.222.186.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-42.ham50.r.cloudfront.net

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.179.24 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-24.ham50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.205.219.146 (Piscataway, United States)

ASN55081 (24SHELLS, US)
PTR: static-146-219-205-209.24shells.net

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.197.70 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-197-70.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.249.156 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-249-156.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.96.59 (France)

ASN16276 (OVH, FR)

dispatcher.adxcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.211.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: arn09s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.164.157 (United States)

ASN15169 (GOOGLE, US)
PTR: lf-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.228 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.227 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.226 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	beforeitsnews.com beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com	479 KB
29	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	255 KB
28	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	287 KB
9	bitchute.com static-3.bitchute.com	389 KB
8	imgflip.com i.imgflip.com	589 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	rmbl.ws sp.rmbl.ws	646 KB
4	doubleclick.net 2 redirects cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	6 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google-analytics.com www.google-analytics.com	39 KB
3	duckduckgo.com external-content.duckduckgo.com	97 KB
3	tapnewswire.com tapnewswire.com	40 KB
3	youtube.com img.youtube.com	88 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	755 B
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	1 KB
2	rddywd.com rddywd.com	1 KB
2	wordpress.com justusaknight.files.wordpress.com	1 MB
2	googletagmanager.com www.googletagmanager.com	81 KB
2	googleapis.com fonts.googleapis.com www.googleapis.com	1 KB
1	google.de www.google.de	522 B
1	google.com www.google.com	522 B
1	lentainform.com cm.lentainform.com	495 B
1	idealmedia.io cm.idealmedia.io	412 B
1	adxcore.com dispatcher.adxcore.com	260 B
1	googlesyndication.com pagead2.googlesyndication.com	49 KB
1	themillenniumreport.com themillenniumreport.com	69 KB
1	blogspot.com 1.bp.blogspot.com	58 KB
1	nowtheendbegins.com www.nowtheendbegins.com	375 KB
1	googleusercontent.com ci5.googleusercontent.com	441 B
1	thewashingtonstandard.com thewashingtonstandard.com	125 KB
1	brighteon.com photos.brighteon.com	20 KB
1	calabeshes.xyz calabeshes.xyz	42 KB
1	ytimg.com i.ytimg.com	11 KB
0	e-volution.ai Failed sync.e-volution.ai Failed
156	39

	Domain	Requested by
19	s3-symbol-logo.tradingview.com	beforeitsnews.com
16	beforeitsnews.com	beforeitsnews.com
14	img.beforeitsnews.com	beforeitsnews.com
10	s-img.mgid.com	beforeitsnews.com jsc.mgid.com
9	s.tradingview.com	s3.tradingview.com s.tradingview.com
9	static-3.bitchute.com	beforeitsnews.com
8	cm.mgid.com	jsc.mgid.com beforeitsnews.com s.adtelligent.com
8	i.imgflip.com	beforeitsnews.com
5	x.bidswitch.net	5 redirects
5	sp.rmbl.ws	beforeitsnews.com
4	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com beforeitsnews.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	external-content.duckduckgo.com	beforeitsnews.com
3	tapnewswire.com	beforeitsnews.com
3	img.youtube.com	beforeitsnews.com
3	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com
2	creativecdn.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	prod.perf-serving.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	servicer.mgid.com	jsc.mgid.com
2	cdn.mgid.com	beforeitsnews.com
2	c.mgid.com	jsc.mgid.com beforeitsnews.com
2	rddywd.com	beforeitsnews.com
2	justusaknight.files.wordpress.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com s.tradingview.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	sync.adtelligent.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	www.google.de	beforeitsnews.com
1	www.google.com	beforeitsnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.lentainform.com	beforeitsnews.com
1	cm.idealmedia.io	beforeitsnews.com
1	dispatcher.adxcore.com	beforeitsnews.com
1	s.adtelligent.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	themillenniumreport.com	beforeitsnews.com
1	1.bp.blogspot.com	beforeitsnews.com
1	www.nowtheendbegins.com	beforeitsnews.com
1	ci5.googleusercontent.com	beforeitsnews.com
1	thewashingtonstandard.com	beforeitsnews.com
1	photos.brighteon.com	beforeitsnews.com
1	calabeshes.xyz	beforeitsnews.com
1	i.ytimg.com	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
0	sync.e-volution.ai Failed	beforeitsnews.com
156	54

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
forum.beforeitsnews.com
www.youtube.com
widgets.mgid.com
www.mgid.com
herbeauty.co
telegram.org
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.tradingview.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sp.rmbl.ws R3	`2021-07-19` - `2021-10-17`	3 months	crt.sh
static-3.bitchute.com R3	`2021-08-26` - `2021-11-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
tapnewswire.com R3	`2021-08-14` - `2021-11-12`	3 months	crt.sh
brighteon.com Amazon	`2021-07-23` - `2022-08-21`	a year	crt.sh
*.duckduckgo.com DigiCert SHA2 Secure Server CA	`2021-07-01` - `2021-11-25`	5 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-21` - `2022-01-21`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
nowtheendbegins.com Go Daddy Secure Certificate Authority - G2	`2021-01-24` - `2022-02-23`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
themillenniumreport.com Go Daddy Secure Certificate Authority - G2	`2021-03-03` - `2022-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.adxcore.com Gandi Standard SSL CA 2	`2021-01-23` - `2022-01-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 0D25B58735B12AE024FDF1D222FC9594
Requests: 110 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202181316
Frame ID: E0EE1F6CD37127F6A3662FF3592602A9
Requests: 4 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202181316
Frame ID: 2300E3FAD42BE1FC4EC7A75F629ADC75
Requests: 6 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: EB1AF6BD19187A47FB92A82025158CDC
Requests: 30 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1631549257998369209824
Frame ID: 7DA7CA2F831B7BF52D681806DCB50C02
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 65E1D98A3CE416D4F440099D57DAC243
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: E0B813B6E6BB479CBE46D6A3F0E46F4F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 7E5C2D7B6923407B1A46848A543C7F2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Advert Stream (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:ad\.advertstream\.com|adxcore\.com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

156
Requests

99 %
HTTPS

0 %
IPv6

39
Domains

54
Subdomains

39
IPs

6
Countries

5181 kB
Transfer

6861 kB
Size

32
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://herbeauty.co/beauty/7-most-common-reasons-you-regain-the-weight-youve-lost/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/relationships/he-is-totally-in-love-with-you-if-he-does-these-7-things/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/fashion/15-style-tips-from-asian-women/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/relationships/10-reasons-why-an-ultimatum-destroys-your-relationship/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/entertainment/these-celebrity-photos-will-confuse-you-so-much/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 138

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=aefa848e-c201-4035-817e-bfd7b2675c5e&ttl=1634141258

Request Chain 139

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=c006d051-0cbf-447e-aa95-c673a4e844f7

Request Chain 140

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=a0e56bcf-f802-4a55-978f-0960ead6cb6e&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=4dd7b991-18d7-4e72-9f83-371bb272e66e&gdpr=&gdpr_consent=&us_privacy=

Request Chain 141

https://x.bidswitch.net/sync?dsp_id=303&user_id=l8dBAwuxfc79 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l8dBAwuxfc79 HTTP 302
https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=4dd7b991-18d7-4e72-9f83-371bb272e66e

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDhkQkF3dXhmYzc5&muidn=l8dBAwuxfc79 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDhkQkF3dXhmYzc5&muidn=l8dBAwuxfc79&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l8dBAwuxfc79&google_ula={guid},5&google_gid=CAESENwiqdtbweoetVcPQYC6nFw&google_cver=1

Request Chain 145

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=U97F4c0GpNv9UBIzQioL&pi=mgid&tc=1

Request Chain 147

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1631549258369&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631549258369&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

Request Chain 153

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=5455b7c638ffe7db

156 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 121 KB
24 KB 748ms
611ms Document
text/html 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adbd739715ee66f4b6dd172d5e42f2facaec07dc5966032750f2f22b7c3a709a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-type: text/html; charset=UTF-8
cf-ray: 68e2a11e7d1c218d-DUS
access-control-allow-origin: *
cache-control: private
set-cookie: SERVERID=s3; path=/ __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5; SameSite=Lax; path=/; expires=Mon, 13-Sep-21 18:25:35 GMT; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 _KRSshvvWcFjj8eVhUL7TTu75W0.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 62ms
60ms Script
application/javascript 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8774063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9Z3F1AF7ERA7Q7D5
x-amz-id-2: MgONIFnx55fdLovamre/LKtXZgJKUL9xP3WdgSiLcEzak722isZk+F4s/XfywSx6mTZ1TtKMTVg=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7f176f4cc71059e93db3ae6263ce5c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iruw_GjpCNwc.7p7jDS427AkLHWsll2i
cf-ray: 68e2a1228c4d218d-DUS

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 463ms
106ms Stylesheet
text/css 142.250.74.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s10-in-f10.1e100.net

Software

ESF /

Resource Hash

27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 15:51:17 GMT
server: ESF
date: Mon, 13 Sep 2021 16:07:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 16:07:36 GMT

GET
H2 200 global-bin-rev-202108091.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 74ms
72ms Stylesheet
text/css 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/global-bin-rev-202108091.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 422746
cf-polished: origSize=15789
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:45 GMT
server: cloudflare
etag: W/"61102479-3dad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 68e2a1228c4f218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Sep 2021 18:41:50 GMT

GET
H2 200 fancybox-bin-rev-202108091.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 75ms
74ms Stylesheet
text/css 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-202108091.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/fancybox-bin-rev-202108091.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 422746
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:45 GMT
server: cloudflare
etag: W/"61102479-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 68e2a1228c51218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Sep 2021 18:41:50 GMT

GET
H2 200 home-bin-rev-202108091.css
beforeitsnews.com/static/css-v3/ 28 KB
7 KB 71ms
70ms Stylesheet
text/css 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-202108091.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/home-bin-rev-202108091.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 422746
cf-polished: origSize=29134
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:45 GMT
server: cloudflare
etag: W/"61102479-71ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 68e2a1228c52218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Sep 2021 18:41:50 GMT

GET
H2 200 responsive-bin-rev-202108091.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 111ms
110ms Stylesheet
text/css 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-202108091.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/responsive-bin-rev-202108091.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 422746
cf-polished: origSize=20565
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:45 GMT
server: cloudflare
etag: W/"61102479-5055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 68e2a1228c53218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Sep 2021 18:41:50 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 75ms
74ms Script
application/javascript 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jquery-fancybox-mobiledetect-uuid.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1704537
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 68e2a1228c55218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 31 Aug 2021 22:38:39 GMT

GET
H2 200 global-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 110ms
110ms Script
application/javascript 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/global-bin-rev-202108091.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 422746
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:07 GMT
server: cloudflare
etag: W/"61102453-3145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 68e2a1228c56218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Sep 2021 18:41:50 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 126ms
73ms Image
image/webp 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 417638
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 08 Sep 2022 20:06:58 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a1251969218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 233ms
58ms Script
text/javascript 54.230.206.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-113.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 11:09:51 GMT
via: 1.1 c46d7c5a8bf0a3035249184c40b6aea4.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 11:09:45 GMT
server: AmazonS3
age: 17865
etag: "21900f307f22135fe5dafa6a070e7222"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 10981
x-amz-cf-id: 7W33YbBnGs3VGhsfET7z1jYzbQM3EWSp_vAO-iMjgb5pWJW6xDl0-Q==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 73ms
72ms Image
image/webp 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 418836
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 08 Sep 2022 19:47:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a1257a3d218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
583 B 72ms
71ms Image
image/webp 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 516741
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 07 Sep 2022 16:35:15 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a1257a40218d-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/4i5BfMI_OiM/ 11 KB
11 KB 357ms
113ms Image
image/jpeg 142.250.74.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/4i5BfMI_OiM/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s10-in-f22.1e100.net

Software

sffe /

Resource Hash

a5b43883fca3c506e71719ae00609cab2801128ac5adb9ecb05eb14839b59fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
x-content-type-options: nosniff
server: sffe
etag: "1576396766"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11386
x-xss-protection: 0
expires: Mon, 13 Sep 2021 18:07:36 GMT

GET
H3 200 tabs-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 148 B
728 B 74ms
74ms Script
application/javascript 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/tabs-bin-rev-202108091.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 422745
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:10 GMT
server: cloudflare
etag: W/"61102456-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 68e2a1234b792151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Sep 2021 18:41:50 GMT

GET
H2 200 12098 Show response
calabeshes.xyz/easylist/ 203 KB
42 KB 702ms
352ms Script
text/javascript 172.67.215.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://calabeshes.xyz/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc8c6fec9bb0b930a6b19617437c25978b733fbfe7f06c80cae45efa001637f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"500511bc3980d5ff9cd69edb32f422caa4d824c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACg2EuIOrvRGOQ%2BE6ZYUwFEFfIff4zxuzhQEWRZ0wiaaiCdKfHCBwiUIi%2FjChOoWia1oBeWpWBlc8NiDSMB%2Bzworf7Q3x1N0yIqENEdgvRs56p1sdyNUHPmuzC3hgrTD%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 68e2a127ff005a5d-IAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
41 KB 375ms
133ms Script
application/javascript 142.250.74.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0f71e3a5b759b240c58f8298fa49dfac02958e28f620781ec5a7fb9148b5e85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41175
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 16:07:36 GMT

GET
H3 200 jsDeferParsing-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 65ms
65ms Script
application/javascript 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jsDeferParsing-bin-rev-202108091.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 422746
cf-polished: origSize=6188
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 08 Aug 2021 18:37:09 GMT
server: cloudflare
etag: W/"61102455-182c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 68e2a123cc4e2151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 15 Sep 2021 18:41:50 GMT

GET
H3 200 DN2ljmq1lJUOI91HMatC4Qo4fdo.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 85ms
85ms Script
application/javascript 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8774062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9Z39RJEC8TAKBCPA
x-amz-id-2: mtgogLv5ZSF9nt0N5OMp8LAGhsT88Fd/jCPOATc+fFRggwKMXxz0efEUGCvMrlMz4vTNt9IHg6o=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7a6e84d6417ab337f05fd7000f282762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aBVNeaiVU3H7gys1mI2xPATDTQBfk7Cv
cf-ray: 68e2a1257fd22151-DUS

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
736 B 84ms
84ms Image
image/webp 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/top-bg.png
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 420414
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 08 Sep 2022 19:20:42 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 68e2a1258fd42151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 83ms
82ms Image
image/webp 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/b4in/search.png
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 413496
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 08 Sep 2022 21:16:00 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 68e2a1258fe62151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ 16 KB
16 KB 316ms
86ms Font
font/woff2 216.58.207.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 21:17:08 GMT
x-content-type-options: nosniff
age: 67828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16364
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 21:17:08 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v9/ 15 KB
15 KB 403ms
173ms Font
font/woff2 216.58.207.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s04-in-f3.1e100.net

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 03:10:25 GMT
x-content-type-options: nosniff
age: 219431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15124
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:18:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 03:10:25 GMT

GET
H2 200 lpTpc.UQ4e-small-Ep.-2574b-I-Do-Believe-They.jpg
sp.rmbl.ws/s8/1/l/p/T/p/ 166 KB
166 KB 680ms
179ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/l/p/T/p/lpTpc.UQ4e-small-Ep.-2574b-I-Do-Believe-They.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6fe4b0605c1e67e77011a4b562a758817905d3d4e38193cb1d4d1bded580eef6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
last-modified: Sun, 12 Sep 2021 23:36:56 GMT
etag: "6162bd7f0c5320a311bb90673c521277"
x-hw: 1631549257.cds078.am5.hn,1631549257.cds149.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=29226
accept-ranges: bytes
content-length: 170190

GET
H3 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 233ms
233ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e535f97fe2b8929b51cf044fb4ff6a156d50308aa87096c52546db979190991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 54236
cf-polished: origSize=13542, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12535
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
server: cloudflare
etag: "613e9bfb-34e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 01:03:40 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125c8c42151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 PGZngyujl8qk_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 41 KB
42 KB 352ms
152ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/PGZngyujl8qk_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

b2dee149dd43956b1cd83b54166026728596375a3eb7b0da78a1568f7adb81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 09/13/2021 16:50:20
cdn-pullzone: 89010
content-length: 42058
x-amz-request-id: tx0000000000000031011c6-00613f652c-66554fe-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Mon, 13 Sep 2021 14:42:54 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: db147bfc4c50a27a9c6284737c7ef98f
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 F8HEg3STtwf8_640x360.jpg
static-3.bitchute.com/live/cover_images/Iw2kiviwZpwx/ 26 KB
26 KB 352ms
152ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Iw2kiviwZpwx/F8HEg3STtwf8_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

efa890a48d0fc41c1728ec50a1af70b3fa91d1ae9ef1c55d4781c769baebb375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000008d39bae-00613f56a8-67d82fc-nyc3a
cdn-cachedat: 09/13/2021 15:48:24
cdn-pullzone: 89010
content-length: 26165
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Thu, 09 Sep 2021 02:02:03 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 64a7e91f717425fdf7517b516d4b6af2
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 RYRMtWLENxbx_320x180.jpg
static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/ 16 KB
16 KB 352ms
153ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/RYRMtWLENxbx_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

720bd4aaf5cea736823769de87288a457a579c0b24f63fcad86788075faa234e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cdn-edgestorageid: 755
x-amz-request-id: tx0000000000000088aea5d-00613e7a89-67d82fc-nyc3a
cdn-cachedat: 2021-09-12 22:09:35
x-rgw-object-type: Normal
cdn-pullzone: 89010
content-length: 15934
last-modified: Sun, 12 Sep 2021 21:49:01 GMT
server: BunnyCDN-DE1-755
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 19a9b4f35ca0f6c5ad83cb25d4fc78a2
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 5mqfs8.jpg
i.imgflip.com/ 59 KB
59 KB 237ms
65ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5mqfs8.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e5ca5353e9d1e16a7857e83019f27dad54cb79c2e0e751dd4e00d8aa4180f41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cf-cache-status: HIT
age: 74186
cf-polished: origSize=60345
cf-ray: 68e2a126ed9021a5-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59939
x-amz-id-2: a74I/Ee+x7tv/k2dtoCa8ojb6DnaTHr+hQsSHIvjJypyLRlWWVXH4wdsBtrcDgaZACc34B+zb1Y=
last-modified: Sun, 12 Sep 2021 19:22:08 GMT
server: cloudflare
etag: "ce1e0e2c3af40200e061b7b302d3d615"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: STHY5F5V5371JQ0B
access-control-allow-origin: *
expires: Thu, 11 Sep 2031 16:07:36 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 mythodical%20illusions.jpg
img.beforeitsnews.com/contributor/upload/695008/images/ 21 KB
22 KB 70ms
69ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/695008/images/mythodical%20illusions.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9e81e77d80c608ebce071087d430ed06989ca88406773a09a6ee971d6d221b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 21756
cf-polished: origSize=24928, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21472
last-modified: Wed, 21 Jul 2021 04:47:14 GMT
server: cloudflare
etag: "60f7a6d2-6160"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 10:05:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125c8ca2151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 JlTpc.OvCc.jpg
sp.rmbl.ws/s8/6/J/l/T/p/ 34 KB
34 KB 653ms
179ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/J/l/T/p/JlTpc.OvCc.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 952c2f63e4c0562ed3ec421cbdb64ad78a24c14887527f99f673ec0f6b455b86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
last-modified: Mon, 13 Sep 2021 00:00:13 GMT
etag: "610ac0d265f396c90cbc7c1e88c2993b"
x-hw: 1631549257.cds078.am5.hn,1631549257.cds073.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=29153
accept-ranges: bytes
content-length: 34823

GET
H2 200 cZbZVRp3xtIb_640x360.jpg
static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/ 37 KB
38 KB 322ms
153ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/cZbZVRp3xtIb_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

d04e0d4269a93a2d21b76c8ae68e31c45eb8db22bbad57b3c35629915314b4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cdn-edgestorageid: 752
x-amz-request-id: tx0000000000000084fda08-00613dc919-67d82fc-nyc3a
cdn-cachedat: 09/12/2021 11:32:09
cdn-pullzone: 89010
content-length: 37861
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Sun, 12 Sep 2021 09:15:43 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 43405fb0814392cb1306fbffc70bad63
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2XnG8m4yzI92_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 56 KB
57 KB 170ms
153ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/2XnG8m4yzI92_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

eff7ba587f0169fae00edb9f49b404beaf30ea8fa99bdecd9e3c06433189c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 09/10/2021 03:49:42
cdn-pullzone: 89010
content-length: 57592
x-amz-request-id: tx000000000000002bd71a4-00613ab9b6-66548b0-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Fri, 10 Sep 2021 01:45:20 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: c407e6a360f31b416ebe93d15d338311
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 x5fpc.4Wpjb.1.jpg
sp.rmbl.ws/s8/6/x/5/f/p/ 123 KB
124 KB 562ms
243ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/x/5/f/p/x5fpc.4Wpjb.1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 54abee64791dae86105c5470723e6240b6ae2084f38a8ba3e5c37d01cf67c9a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
last-modified: Fri, 10 Sep 2021 20:01:16 GMT
etag: "fcb18c318206ea2d73dfd19381176bd1"
x-hw: 1631549257.cds078.am5.hn,1631549257.cds232.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21220
accept-ranges: bytes
content-length: 126440

GET
H3 200 OIP%20(2)(75).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 5 KB
6 KB 196ms
194ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(2)(75).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3a395db81e64106f6442a848e6db1f6e767996026978a125470290fc49e5530

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 54236
cf-polished: origSize=7068, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5546
last-modified: Mon, 13 Sep 2021 00:48:04 GMT
server: cloudflare
etag: "613e9fc4-1b9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 01:03:40 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125d8d42151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 a6980af5-f82c-45a9-ada5-c80ec803ccb7.jpg
img.beforeitsnews.com/contributor/upload/748669/images/ 49 KB
49 KB 177ms
174ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/748669/images/a6980af5-f82c-45a9-ada5-c80ec803ccb7.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

accceca2c8527fefd83789bfcc7f1f322223e37deee3e471f015e024dc5862c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49373
cf-polished: origSize=54615, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49916
last-modified: Mon, 13 Sep 2021 01:45:44 GMT
server: cloudflare
etag: "613ead48-d557"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 02:24:43 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125d8d92151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/BBN7lPVgF1c/ 15 KB
15 KB 461ms
204ms Image
image/jpeg 216.58.207.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BBN7lPVgF1c/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s19-in-f14.1e100.net

Software

sffe /

Resource Hash

972884e9423a0416f709270d0406493732c8b6618de0bea5f496bafdbc044005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:06:00 GMT
x-content-type-options: nosniff
server: sffe
age: 96
etag: "1631430425"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15495
x-xss-protection: 0
expires: Mon, 13 Sep 2021 16:11:00 GMT

GET
H2 200 YkYIezg7q8WD_640x360.jpg
static-3.bitchute.com/live/cover_images/AMhoJpc4Zf2T/ 33 KB
34 KB 270ms
101ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/AMhoJpc4Zf2T/YkYIezg7q8WD_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

9bb67680ff672b5d90a224698e794f0d28d253bc858a8ced9299a2590af9b1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx0000000000000015c2065-00612a3775-67e8a05-nyc3a
cdn-cachedat: 08/28/2021 15:17:41
cdn-pullzone: 89010
content-length: 33907
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Mon, 23 Aug 2021 12:52:04 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: b0130cc432ed452a2ebddcdce3b45db2
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/beewmWAUoRI/ 32 KB
32 KB 345ms
88ms Image
image/jpeg 216.58.207.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/beewmWAUoRI/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s19-in-f14.1e100.net

Software

sffe /

Resource Hash

97581760edd8bf4ec2bf8dcfe6d424c6e8ddbe45b26eef0deb8a18649fc943e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:30 GMT
x-content-type-options: nosniff
server: sffe
age: 6
etag: "1631535785"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32754
x-xss-protection: 0
expires: Mon, 13 Sep 2021 16:12:30 GMT

GET
H2 200 tfJpc.qR4e-small-SITUATION-UPDATE-91221.jpg
sp.rmbl.ws/s8/1/t/f/J/p/ 114 KB
114 KB 537ms
65ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/t/f/J/p/tfJpc.qR4e-small-SITUATION-UPDATE-91221.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 549c68fe0dd045fce8b1daac44d856d425ac8a2f91cf22c5d298c6eb6f69727a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
last-modified: Sun, 12 Sep 2021 10:47:56 GMT
etag: "1b4fc4b2048ce93a80f5f675be3807bf"
x-hw: 1631549257.cds078.am5.hn,1631549257.cds273.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2246
accept-ranges: bytes
content-length: 116506

GET
H2 200 Graphene-Oxide-Detox-Protocols-For-The-Vaxxed-Unvaxxed-FI-08-26-21-min-300x135.jpg
tapnewswire.com/wp-content/uploads/2021/08/ 15 KB
15 KB 1175ms
426ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/08/Graphene-Oxide-Detox-Protocols-For-The-Vaxxed-Unvaxxed-FI-08-26-21-min-300x135.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: cb158292c1e00f2a542a6db98b2fb425da7c68dfbc924d68ac09681b93a2e272

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
last-modified: Thu, 26 Aug 2021 13:20:57 GMT
server: nginx
accept-ranges: bytes
etag: "3a8a-5ca763cc2666c"
content-length: 14986
content-type: image/jpeg

GET
H2 200 ee6bc6bd-2d7c-47cf-a9c9-5df70d0465ac
photos.brighteon.com/thumbnail/ 19 KB
20 KB 254ms
61ms Image
image/jpeg 52.222.179.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.brighteon.com/thumbnail/ee6bc6bd-2d7c-47cf-a9c9-5df70d0465ac
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-124.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f22bf3641e714f2f4c8f76e53165393fab66962663ab07994b43b152d37d8fce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:41:19 GMT
via: 1.1 dbf5a139061b80ff53ac8f18a1e0b49f.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 02:05:57 GMT
server: AmazonS3
age: 48378
etag: "cdf6a6bd1fabf0e0d9850e47e8fe6c8d"
x-cache: Hit from cloudfront
x-amz-meta-optimized: true
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 19904
x-amz-cf-id: rXi_iyu2_AvSfTfNBJYXZS5rMVtNx8N109YBjNmrNZWsK_pEVg7pQw==

GET
H2 200 5m9gm8.jpg
i.imgflip.com/ 67 KB
68 KB 117ms
116ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5m9gm8.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2cd8ccd33a33a33db1df52a172367747ed4e2df0de844acb7b2631c46c7eeb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cf-cache-status: HIT
age: 442426
cf-polished: origSize=69541
cf-ray: 68e2a126edb121a5-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68983
x-amz-id-2: G9rZstTGbf54CW84XnRkKuCeoRdMwDiuTx0MJJ/HvMZ3hyxhI5zc3FXnlyB2bVRYUmWAiR1cJ6M=
last-modified: Wed, 08 Sep 2021 13:08:52 GMT
server: cloudflare
etag: "0b03c50c2983f5efb9333c51129d5c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: GVF22J6QY0VZCQME
access-control-allow-origin: *
expires: Thu, 11 Sep 2031 16:07:36 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 /
external-content.duckduckgo.com/iu/ 36 KB
37 KB 290ms
108ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse4.mm.bing.net%2Fth%3Fid%3DOVP.Dh-25sD5H79O91WMFVx9aAHgFo%26pid%3DApi&f=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

9c90bbc4e188f0792ccdf96f5ae41374e2b7c1135feedca79ae2177107020c42

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Mon, 13 Sep 2021 16:07:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 16:07:37 GMT

GET
H3 200 Donuts.jpg
img.beforeitsnews.com/contributor/upload/748669/images/ 48 KB
49 KB 88ms
84ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/748669/images/Donuts.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccedc6df2de1cbadbaf1e56f4ee0bf31c91ae5e1ab8c5baab58c3401929ac276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2833399
cf-polished: origSize=54448, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49520
last-modified: Wed, 11 Aug 2021 20:33:07 GMT
server: cloudflare
etag: "61143403-d4b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 11 Aug 2022 21:04:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125d8e52151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 hb765%20(2).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 20 KB
21 KB 233ms
228ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/hb765%20(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a25d6c5112916ea39775db2a0e26f17dacb4ef594457b09aac6e22d3da62b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 205089
cf-polished: origSize=21843, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20762
last-modified: Sat, 11 Sep 2021 06:30:01 GMT
server: cloudflare
etag: "613c4ce9-5553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 11 Sep 2022 07:09:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125d8ec2151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 OIPggggg(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 248ms
244ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIPggggg(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deab806da37406b7164fd737d6b60de9d3d863844438852488605564713d4b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 517762
cf-polished: origSize=13496, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12504
last-modified: Wed, 16 Jun 2021 20:57:13 GMT
server: cloudflare
etag: "60ca65a9-34b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 07 Sep 2022 16:18:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125d8f12151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 wtc-7-nist-request-for-corrections-1024-v7c.jpg
thewashingtonstandard.com/wp-content/uploads/2020/05/ 124 KB
125 KB 265ms
71ms Image
image/jpeg 104.21.45.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thewashingtonstandard.com/wp-content/uploads/2020/05/wtc-7-nist-request-for-corrections-1024-v7c.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 211f02a53a529e4f70cefae664abfb9dcde009b803c4a85f339ab652c93e5b71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 247053
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 126808
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 May 2020 22:21:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOHwd0PcRjGLIZSxeqF%2FgLhQj7EM1Je9fLjTcG1Q%2F64W5tlKdIO4Nd28KJIY2Md8X8CBbr6JXcs1DFoJuv8F%2Bq3xkZrdGfXF71wEV787UiloIP1hAzmFgW0mFypXAJjOvDIQRF%2B0qmFN5EZb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a128ae353bc2-CDG
expires: Sat, 10 Sep 2022 19:30:03 GMT

GET
H3 200 A_Facemasks.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 52 KB
52 KB 249ms
245ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_Facemasks.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d430b737d9816b708e07c668877e9f1423bbbe84bdd34563eaccae36a816d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 73652
cf-polished: origSize=56066, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52846
last-modified: Fri, 07 Aug 2020 18:48:42 GMT
server: cloudflare
etag: "5f2da20a-db02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 12 Sep 2022 19:40:04 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125d8f52151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 5mt7w3.jpg
i.imgflip.com/ 78 KB
79 KB 136ms
73ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5mt7w3.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f716c225e9a67938190352b5ef637cd07403c764bc3b25991d09b681ebee1f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cf-cache-status: HIT
age: 8207
cf-polished: origSize=81255
cf-ray: 68e2a127da92215d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80236
x-amz-id-2: Q3+cc82FP2gRdSVO5jQnkWRJOGzufRtO69CdDLa0SZmqPHnsSiLyqNIxek4xKKuFFJVgaHjlyr4=
last-modified: Mon, 13 Sep 2021 13:43:12 GMT
server: cloudflare
etag: "804287bb4134d507ba893c28ceacd3bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: GTM082EX7N68ZM2N
access-control-allow-origin: *
expires: Thu, 11 Sep 2031 16:07:36 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 R(17).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 32 KB
33 KB 284ms
280ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R(17).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9398988f6ac75c0279df7d0f47a3e689fab2d5572a575e75ef5d1cae676ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3106535
cf-polished: origSize=37042, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32758
last-modified: Sun, 08 Aug 2021 16:59:19 GMT
server: cloudflare
etag: "61100d67-90b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 08 Aug 2022 17:12:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125d8f82151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 5migy6.jpg
i.imgflip.com/ 82 KB
82 KB 250ms
186ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5migy6.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160cb2aa99b608d585742fe4ccc495e5c3523bb0cf61dc5075e9bdca0ec6c9cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cf-cache-status: HIT
age: 268716
cf-polished: origSize=84301
cf-ray: 68e2a127da8f215d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 83813
x-amz-id-2: yhWVj2fgjUNLd1mrFY59xzYbkh/UTGwBTvzfhMjPzz2G6Vr/JwwniXz+el9itW0qTmQTVYUfg50=
last-modified: Fri, 10 Sep 2021 13:20:54 GMT
server: cloudflare
etag: "3351d17d0ef25795fc32dc01f28f30d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: XGE26E2ST0TFFP17
access-control-allow-origin: *
expires: Thu, 11 Sep 2031 16:07:36 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 RothschildsBradford-min-300x135.jpg
tapnewswire.com/wp-content/uploads/2021/09/ 14 KB
14 KB 913ms
434ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/09/RothschildsBradford-min-300x135.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 4fb3bc255629c663cfdbd104b851d285665614808b18bed09767294823114ae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
last-modified: Mon, 13 Sep 2021 09:50:17 GMT
server: nginx
accept-ranges: bytes
etag: "36c0-5cbdd6478c578"
content-length: 14016
content-type: image/jpeg

GET
H2 200 wi8xEvAcmfSr_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 101 KB
101 KB 104ms
103ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/wi8xEvAcmfSr_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

8f7941dc4049fbc63dcc309fa86976a16bacd118d7c64549d8c8fb89cc8df7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx0000000000000080d502f-00613cf61b-67e8a05-nyc3a
cdn-cachedat: 09/11/2021 20:31:55
cdn-pullzone: 89010
content-length: 103327
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Sat, 11 Sep 2021 18:28:36 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: ec17b5bb4ef86b04728fa582fa3c4c56
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 call_of_duty-black_ops_logo-front.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 21 KB
21 KB 286ms
283ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/call_of_duty-black_ops_logo-front.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85fed218b2866abb180679eee9e8ac824f7ab7c1c1fde0042d66824028fdd43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 63342
cf-polished: origSize=25594, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21107
last-modified: Sun, 12 Sep 2021 22:15:00 GMT
server: cloudflare
etag: "613e7be4-63fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 12 Sep 2022 22:31:54 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a125d8fb2151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 screen-shot-2021-09-13-at-7.13.25-am.png
justusaknight.files.wordpress.com/2021/09/ 970 KB
971 KB 222ms
55ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://justusaknight.files.wordpress.com/2021/09/screen-shot-2021-09-13-at-7.13.25-am.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1b80be1e9d45c6e2e283ee6932eb4c204b00714dcb411ca90ad590fc53ea4af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 23 np
date: Mon, 13 Sep 2021 16:07:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 14:22:03 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://justusaknight.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 992962
expires: Fri, 15 Oct 2021 20:48:59 GMT

GET
H2 200 /
external-content.duckduckgo.com/iu/ 45 KB
46 KB 214ms
212ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=http%3A%2F%2Fflapsblog.com%2Fwp-content%2Fuploads%2FBiden-Rope-A-Dope.jpg&f=1&nofb=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

1174f04dffde3cfade6a026eb1a8e6d2e6cc75257ecc275c0a1b2e8499d3666f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Mon, 13 Sep 2021 16:07:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 16:07:37 GMT

GET
H2 200 images-5-300x160.jpg
tapnewswire.com/wp-content/uploads/2021/09/ 12 KB
12 KB 961ms
643ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/09/images-5-300x160.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: db28addffd6aae1f64d64496534206d83f40fa60c4cacacaa9cd09ce14c14e91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
last-modified: Fri, 10 Sep 2021 16:08:14 GMT
server: nginx
accept-ranges: bytes
etag: "2e8d-5cba652a312ea"
content-length: 11917
content-type: image/jpeg

GET
H3 200 5mdrb4.jpg
i.imgflip.com/ 83 KB
84 KB 112ms
111ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5mdrb4.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a35c121a21adca21e3843679ad04a8d0037b7499bb7b19f56f75dcd8d4bcc59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cf-cache-status: HIT
age: 357219
cf-polished: origSize=85514
cf-ray: 68e2a128bd0f215d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85407
x-amz-id-2: I98iiS1Ha8yBUNhgCreavkvLzHD2CKRruI63u5TKJnQbpUlwhN8MV3X+JsMBj+t4RM35rwYTQac=
last-modified: Thu, 09 Sep 2021 12:47:44 GMT
server: cloudflare
etag: "411021f4375d8a008088da0b56ece43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: W5MEF50T3NFK6FN8
access-control-allow-origin: *
expires: Thu, 11 Sep 2031 16:07:37 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 5mpo0m.jpg
i.imgflip.com/ 84 KB
85 KB 169ms
168ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5mpo0m.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9733ae3522422e34bbd8b7d45df148d70e721c107cb38d699fc88451d9b985cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cf-cache-status: HIT
age: 91069
cf-polished: origSize=86671
cf-ray: 68e2a128bd15215d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 86264
x-amz-id-2: g1jWfOM6AGuQ6U1SR/yQk9YJVCHwrw2N4v1XpXZfnYg3yPwPIfb3XBxSs6bS7lCHSFziqmyY66w=
last-modified: Sun, 12 Sep 2021 14:45:37 GMT
server: cloudflare
etag: "92d18d6c1338c6adb218fa495207a69d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: TY6PD29CTZ6BRCA2
access-control-allow-origin: *
expires: Thu, 11 Sep 2031 16:07:37 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 prjVWi9agcvHo6wWwSY0NoWHiaFTUW1GFE88HIUk5LrHN5aeEIX3D6pJtDlEPNI6Dvf_Ou5XHLexQ1ajT_5sVXHMGfcLsqoinYvkNDmXc8HzvBff2Y637Q=s0-d-e1-ft
ci5.googleusercontent.com/proxy/ 43 B
441 B 389ms
103ms Image
image/gif 142.250.74.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ci5.googleusercontent.com/proxy/prjVWi9agcvHo6wWwSY0NoWHiaFTUW1GFE88HIUk5LrHN5aeEIX3D6pJtDlEPNI6Dvf_Ou5XHLexQ1ajT_5sVXHMGfcLsqoinYvkNDmXc8HzvBff2Y637Q=s0-d-e1-ft

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s23-in-f1.1e100.net

Software

fife /

Resource Hash

1cd75fd594adf1d6cd5e5c65eaaf88dc2a08dd82c3d4b5d828244d10a3624e64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 13:34:50 GMT
x-content-type-options: nosniff
server: fife
age: 9167
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=371413
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 17 Sep 2021 20:45:03 GMT

GET
H2 200 XuNC4TPm9a4s_640x360.jpg
static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/ 41 KB
42 KB 55ms
54ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/XuNC4TPm9a4s_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

6a6af6a98a6db424f1648c69c589b03e1fe07c76310a15d86b2970501ed59e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx0000000000000081bebe7-00613d1eaf-67e7768-nyc3a
cdn-cachedat: 09/11/2021 23:25:04
cdn-pullzone: 89010
content-length: 42459
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Sat, 11 Sep 2021 21:00:28 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 669bb920111015fab292a8630da7e831
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 screen-shot-2021-09-12-at-11.02.29-am.png
justusaknight.files.wordpress.com/2021/09/ 401 KB
401 KB 174ms
55ms Image
image/webp 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://justusaknight.files.wordpress.com/2021/09/screen-shot-2021-09-12-at-11.02.29-am.png?w=1024

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c1f877e7700c53ff382b15ca393333ab028c19fe1ad495cd40e2b4ba03d4dd86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 23 np
date: Mon, 13 Sep 2021 16:07:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 12 Sep 2021 18:02:45 GMT
server: nginx
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://justusaknight.wordpress.com
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 410516
access-control-allow-credentials: true
expires: Fri, 08 Oct 2021 07:44:09 GMT

GET
H2 200 hnfpc.iR4e-small-Clay-Clark-The-Medical-Cove.jpg
sp.rmbl.ws/s8/1/h/n/f/p/ 208 KB
208 KB 241ms
240ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/h/n/f/p/hnfpc.iR4e-small-Clay-Clark-The-Medical-Cove.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 0ef855c8a2898ba57ba4582b8351aa64336598404cb66ea6fa5e0bbfcdd2e407

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
last-modified: Fri, 10 Sep 2021 18:54:57 GMT
etag: "686d75fe41b6e42906abddf3d3553a05"
x-hw: 1631549257.cds078.am5.hn,1631549257.cds068.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=13400
accept-ranges: bytes
content-length: 212791

GET
H2 200 /
external-content.duckduckgo.com/iu/ 13 KB
14 KB 170ms
170ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse1.mm.bing.net%2Fth%3Fid%3DOVP.2kkdoCTygQbh0wB_mLgR-wEsDh%26pid%3DApi&f=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

941157a9489d36127ad4f7630d2a1bb79a890084155a725a4250b6f9a9b5ea9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Mon, 13 Sep 2021 16:07:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duck.co ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 16:07:37 GMT

GET
H3 200 hqdefault.jpg
img.youtube.com/vi/875cxz6u4Fc/ 41 KB
41 KB 270ms
90ms Image
image/jpeg 216.58.207.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/875cxz6u4Fc/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.207.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s19-in-f14.1e100.net

Software

sffe /

Resource Hash

9b2df1bdb0f9657979db857e736cdaf9d38e8bd3d1ca583eea6b350dd2d5f974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:06:11 GMT
x-content-type-options: nosniff
server: sffe
age: 86
etag: "1631466382"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41654
x-xss-protection: 0
expires: Mon, 13 Sep 2021 16:11:11 GMT

GET
H2 200 one-world-trade-center-mandatory-covid-19-vaccines-vaccination-passport-bill-gates-co2-new-order-end-times-bible-prophecy.jpg
www.nowtheendbegins.com/wp-content/uploads/2021/09/ 374 KB
375 KB 226ms
56ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nowtheendbegins.com/wp-content/uploads/2021/09/one-world-trade-center-mandatory-covid-19-vaccines-vaccination-passport-bill-gates-co2-new-order-end-times-bible-prophecy.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

6eb89bc1bdb1ae95f6c10e09b577b4ab79985d54ecbe30c1ff0bd39168d19a37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 382801
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 13:20:18 GMT
server: nginx
etag: "613f5012-5d751"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15006
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: STATIC/PATH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iaLlZN0q8rjk_640x360.jpg
static-3.bitchute.com/live/cover_images/okiFK5CwQrZS/ 34 KB
34 KB 54ms
54ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/okiFK5CwQrZS/iaLlZN0q8rjk_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

8491f6432dd0bc919f9275e1c741c40e443ceac5dfceb4eb886e86354c6e8b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 09/08/2021 00:44:10
cdn-pullzone: 89010
content-length: 34610
x-amz-request-id: tx000000000000002878bf6-006137eb3a-66554fe-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Tue, 07 Sep 2021 22:37:41 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 419b43f6fab00d4990473186045457bc
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 5mmakq.jpg
i.imgflip.com/ 56 KB
56 KB 69ms
69ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5mmakq.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2409367c9d75ae8fec2cdd75c670e2b15a5436afcc68e737b8e6f2643dd6cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cf-cache-status: HIT
age: 184409
cf-polished: origSize=57194
cf-ray: 68e2a129ffe4215d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56882
x-amz-id-2: Z4QzYhgefFm4uPuERiv5QcAT6rb01YDNH3BPle7hX21QPgizSN0djeT7Bbpb6oP/KM2sLXV/jOI=
last-modified: Sat, 11 Sep 2021 12:43:57 GMT
server: cloudflare
etag: "5de278a3b64c97d013a9757c4f34597b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CJC4P6FP2B206EXG
access-control-allow-origin: *
expires: Thu, 11 Sep 2031 16:07:37 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 photo_2021-09-12_19-12-13.jpg
1.bp.blogspot.com/-lqfvsj83Qn4/YT6kZAaxisI/AAAAAAAAGOo/YMjgHdQatfguhP6Ey7xzgqVuwT-59xolwCLcBGAsYHQ/s600/ 57 KB
58 KB 358ms
100ms Image
image/jpeg 142.250.74.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-lqfvsj83Qn4/YT6kZAaxisI/AAAAAAAAGOo/YMjgHdQatfguhP6Ey7xzgqVuwT-59xolwCLcBGAsYHQ/s600/photo_2021-09-12_19-12-13.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s22-in-f1.1e100.net

Software

fife /

Resource Hash

802e61c83ea040d03bd45783a04119f18ff112c2d143edefe3a508c19c638b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 13:57:44 GMT
x-content-type-options: nosniff
age: 7793
content-disposition: inline;filename="photo_2021-09-12_19-12-13.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58457
x-xss-protection: 0
server: fife
etag: "v18eb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Sep 2021 01:44:23 GMT

GET
H3 200 5lydty.jpg
i.imgflip.com/ 76 KB
76 KB 70ms
70ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5lydty.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.64.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a6afd96ba4f93bdfda7fb3eba69be47b6c010feecc1352ee84a38d32b295ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cf-cache-status: HIT
age: 697403
cf-polished: origSize=77847
cf-ray: 68e2a12a0fef215d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77537
x-amz-id-2: cmLWcL88MpDb/KE1MzzJYZZVPPgd0+b+zKn0zV47QI0ZsgncAIXwpW1cijjC0MMdl2lHCw+mmgQ=
last-modified: Sun, 05 Sep 2021 14:20:41 GMT
server: cloudflare
etag: "997bd09e78193eaaf2613f3374ff020e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 3N6YK4TZT93YGHYH
access-control-allow-origin: *
expires: Thu, 11 Sep 2031 16:07:37 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 Deep-state.gif
themillenniumreport.com/wp-content/uploads/2017/01/ 69 KB
69 KB 231ms
55ms Image
image/gif 192.124.249.17
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themillenniumreport.com/wp-content/uploads/2017/01/Deep-state.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.17 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10017.sucuri.net

Software

nginx /

Resource Hash

aedab1d08d4b02b62a1fcb893f1d0b238399846b83a845dcd6056e62d4921d8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
x-content-type-options: nosniff, nosniff
x-cacheable: YES
x-backend: local
age: 22317
x-cache: cached
x-sucuri-cache: HIT
content-length: 70176
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 01 Oct 2010 21:11:00 GMT
server: nginx
etag: "11220-49194a1a56100"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
16 KB 269ms
269ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/culturebg.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1704665
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 24 Aug 2022 22:36:30 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 68e2a125e9292151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame E0EE 2 KB
1 KB 229ms
64ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202181316
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a7060843b2adf1775e4e6345f0c0089037746f2643934a7ca11f1e8987e735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1961
last-modified: Wed, 08 Sep 2021 08:07:03 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 91JRZV2YCAV15A7V
x-amz-id-2: 2JQTWWLO3pQAmfuuhKATNLOSVlocRe25P+wnP6R4djDmoVqDYrVslW/TS94kbF3WBfFXlzAB240=
cf-bgj: minify
server: cloudflare
etag: W/"f075fd5795e71a23dc54ed3fd9ce7745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 68e2a1270da0874d-DUS
expires: Mon, 13 Sep 2021 19:07:36 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 2300 2 KB
1 KB 225ms
68ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202181316
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44048535de81b7a3309d0fdffe816de5fbd19d82629956d9fb2a70f051261a4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1961
last-modified: Wed, 08 Sep 2021 05:45:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XEK2SK54MQ2J60X6
x-amz-id-2: O4ASwyzi3/JhC8znfjSIwtZkKBAZIxW7TnYkJDtmr0SZhXDP2V4AbKMbwsaBFJeyto2QgTDRCXM=
cf-bgj: minify
server: cloudflare
etag: W/"41011185499ef3cdbc478e8a78e1b8cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 68e2a1270da4874d-DUS
expires: Mon, 13 Sep 2021 19:07:36 GMT

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 252ms
251ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner/BIN_Join_Telegram_bg-min.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1704537
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 24 Aug 2022 22:38:39 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 68e2a12609982151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 5464ms
142ms Script
text/javascript 142.250.74.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s21-in-f2.1e100.net

Software

cafe /

Resource Hash

919a34024fb3cdd165a351cbc087d5698a39525a803f9ce96b149883c29b1773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 6681020038580806422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 16:07:42 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
625 B 296ms
89ms Script
application/javascript 104.21.64.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17246
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9
last-modified: Mon, 13 Sep 2021 11:20:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1kwBwSStgEJwPOgcBqKWM1uZoYK6sjySBnMz8%2FhBNxuRCA1eBDw%2BGWptkZ2q5drco5oX7XXseCvNgQfbHQXhkEL5%2Fy%2BHqGwMHuNMKCwO6cK35sWpJYgE25lei6w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 68e2a12c9a4bedf7-CDG

GET
H2 200 adcode.png
rddywd.com/ 43 B
652 B 214ms
72ms Image
image/gif 104.21.64.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12473
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB%2B%2FTgTq%2FwaoZ89QQ7kYsjVxAciB1%2BpWoyZyqRP6I6ZBGi5CGbpUamUFHnUSYa3TAFk1Sur7JzUgEuo83F9fVPKu87jImToDS7PEIckLgzGaLgbjCCpG7R6y94P%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 68e2a12c8a173af5-CDG

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 158ms
102ms Image
text/plain 142.250.74.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: arn11s10-in-f10.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 247ms
247ms Image
image/webp 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/logo-bottom.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202108091.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1625888
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 20:29:28 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 68e2a12629e92151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
597 B 790ms
617ms XHR
text/html 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30cbaef1b3d6e118ea48b623b950fba6fd7695ae0a4bf5cfd160ef39a21985c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 68e2a1276bcc216f-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16

GET
H3 200 Q9gOv44E_400x400(3).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
12 KB 208ms
207ms Image
image/jpeg 104.22.75.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Q9gOv44E_400x400(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.75.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae309786b20ba25425d0b8105279657ded5f7a6e2d94063e8316be8ec3d24ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 159715
cf-polished: origSize=12076, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11897
last-modified: Fri, 06 Nov 2020 16:40:47 GMT
server: cloudflare
etag: "5fa57c8f-2f2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 11 Sep 2022 19:45:41 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a1266a9e2151-DUS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame EB1A 20 KB
8 KB 264ms
63ms Document
text/html 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

23a7d1bd11e5756007e683f4008fc8bd3af6c7d6d4afc1d6e4b6c3c8d02dac7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-KjyEPUeDVImpWvhJ/veKzQ=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Mon, 13 Sep 2021 16:06:13 GMT
expires: Mon, 13 Sep 2021 16:08:13 GMT
cache-control: max-age=120
content-security-policy: script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-KjyEPUeDVImpWvhJ/veKzQ=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: T6KbcPil864Xm9jgm_Y-qM3mRDfHitQbE0Ibo5JJUci3GXqyG5mMhA==
age: 84

GET
H3 200 beforeitsnews.com.720412.es6.js Show response
jsc.mgid.com/b/e/ Frame E0EE 232 KB
65 KB 170ms
112ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202181316
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b45da36302b1875d7e6dd6a31f010b0b06fc6c1b6ba2fbf4d756f18dcddf3e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1574
last-modified: Wed, 08 Sep 2021 08:07:03 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XX9SABXSAQA7VCBW
x-amz-id-2: Yhyw4nCX0BAa6AR8c35tudjxD+rFwmNukIPKMTCAntIAreXb5bokjZ1z5XEDeVm2XS4/vli9NOk=
cf-bgj: minify
server: cloudflare
etag: W/"bde038cd1d915872cf6ebb4f4f831aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 68e2a127c88a2181-DUS
expires: Mon, 13 Sep 2021 19:07:36 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame 2300 232 KB
65 KB 125ms
69ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202181316
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57fbcd5222f2ad85bff6adbea147fd03df4ca1759e34ae437e29051c43dd5cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1574
last-modified: Wed, 08 Sep 2021 05:45:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 4HNERPQV96VMEPZR
x-amz-id-2: IrRfMA+jjp4DyxVzyLfqOCyq7rOh1mjvBmTV7RGowjDiPXgMrSdyWcJY1+v7Co7+QOyffdscTKQ=
cf-bgj: minify
server: cloudflare
etag: W/"f01ecd0e15f33a32665361e67f28b5e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 68e2a127c88c2181-DUS
expires: Mon, 13 Sep 2021 19:07:36 GMT

GET
H2 200 en.6b2dccfc9adaa26a.js Show response
s.tradingview.com/static/localization/translations/ Frame EB1A 361 KB
58 KB 71ms
70ms Script
application/javascript 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.6b2dccfc9adaa26a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

13c7d4864f21966d262179fcf8afc33b82ae1df4c178775364bd13564dca138a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 11:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17792
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 13 Sep 2021 10:43:39 GMT
server: tv
etag: W/"613f2b5b-e540"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: urKWqs_2trW1LK8hcwLtutIlJbe-F6pVfb6Lzge7wbvD7xxFUv_ZQQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.5234eac787423ec108b7.js Show response
s.tradingview.com/static/bundles/embed/ Frame EB1A 59 KB
22 KB 143ms
142ms Script
application/javascript 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.5234eac787423ec108b7.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

23314730fa6dd7aa59169d4ad9dfb6f381abece86252f08f01b260b8baea57c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 11:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17792
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 13 Sep 2021 10:43:45 GMT
server: tv
etag: W/"613f2b61-54ab"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: yqL5gtWICP-P4tEpTsrBqmy-XE_LwyPoUc1_uz-HYBgD0HhQXKpztA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.1a38d326e1dac6e561cf.js Show response
s.tradingview.com/static/bundles/embed/ Frame EB1A 139 KB
46 KB 68ms
68ms Script
application/javascript 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.1a38d326e1dac6e561cf.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

806fe7c2047a8e94bcd28548b679008ed723c77106b5164f1433ceea772f925e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 10:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538111
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 07 Sep 2021 09:34:13 GMT
server: tv
etag: W/"61373215-b4a5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: Q509ofUqyGrhBtF_HOskODEewXUigcelCgTMeaeBBAMPINet06QLCA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.017524a8b8d3be48f472.js Show response
s.tradingview.com/static/bundles/embed/ Frame EB1A 284 KB
83 KB 81ms
80ms Script
application/javascript 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.017524a8b8d3be48f472.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

d5d2c556cb2582c4a86a934b482a7711814bb4a6dbade16d82701847bea27558

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 11:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17791
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 13 Sep 2021 10:43:45 GMT
server: tv
etag: W/"613f2b61-14775"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: 5p5I-4PFW2l0VI92J3SLhr9QIVtDC8hIsJrEfQWlL97HDTJ5azvtLA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.5decea81a5d9f250c172.css
s.tradingview.com/static/bundles/embed/ Frame EB1A 1 KB
1 KB 147ms
147ms Stylesheet
text/css 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.5decea81a5d9f250c172.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

61272354c450141b08dfb8d1bf7cb6d67e8e4236f605074ccc86c89749f7249a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 10:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5203231
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 15 Jul 2021 10:05:38 GMT
server: tv
etag: W/"60f00872-2be"
vary: Accept-Encoding
content-type: text/css
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KmETV9HRKJEre68dHiCGcoJ16CCbMtYfexmy1RXYid_OVX2AT6PNkw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.9ec7107e43f672a02d69.css
s.tradingview.com/static/bundles/embed/ Frame EB1A 25 KB
4 KB 149ms
149ms Stylesheet
text/css 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.9ec7107e43f672a02d69.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

8b3d7dc41d3a35b269b404b5ca027b61923cb5d3c92b670143da6a1dc207ae92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 10:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452303
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 08 Sep 2021 09:32:22 GMT
server: tv
etag: W/"61388326-f67"
vary: Accept-Encoding
content-type: text/css
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: _EEHW6yWbqaUpvsWVjzE_t_9CL8Y13qZEsQVl4lpZT7J0fdnoyXnMQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 466ms
111ms Script
text/javascript 142.250.74.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3382
date: Mon, 13 Sep 2021 15:11:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 13 Sep 2021 17:11:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame EB1A 101 KB
40 KB 225ms
115ms Script
application/javascript 142.250.74.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.017524a8b8d3be48f472.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e8d8b13f385ee8d41f0664d71da393e175292e7369178a248f192fd4eb1f3822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41242
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 16:07:37 GMT

GET
H2 200 309.ec7ca0f804a63d865c10.css
s.tradingview.com/static/bundles/embed/ Frame EB1A 801 B
756 B 62ms
62ms Stylesheet
text/css 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/309.ec7ca0f804a63d865c10.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.5234eac787423ec108b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

7380a927d91dbc553ac382e4a910d5e07fba8e26392d0f8bf51ddf025b9e62d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 10:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624150
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 06 Sep 2021 09:39:46 GMT
server: tv
etag: W/"6135e1e2-103"
vary: Accept-Encoding
content-type: text/css
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: _0DpJAbSu64eKjH10_5Fe_9qWpc8aC0Vc6mG_TBroaGJghE-P03nbA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.bc2a1d12352656925c8a.js Show response
s.tradingview.com/static/bundles/embed/ Frame EB1A 4 KB
3 KB 62ms
62ms Script
application/javascript 52.222.186.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.bc2a1d12352656925c8a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.5234eac787423ec108b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-26.ham50.r.cloudfront.net

Software

tv /

Resource Hash

6f4c7baf55e7c028d298c83e4a92e38dd451d5c025ed77ddc4703f4e0fb66253

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1486530
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Aug 2021 09:21:05 GMT
server: tv
etag: W/"6128ae81-8cc"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: LIiOx2CKKrlFlMrfeMKHUuvfWllNC9UPcpdtr_Z2OmQDhzkZ54jI3A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
280 B 184ms
122ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1631549257415358716462&uniqId=14ef9&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=613f7749-072f2&pageView=1&pvid=17bdfe9f6c89a11c748&site=310742&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68e2a12d58cf874d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 132ms
71ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 68e2a12bfe60874d-DUS
expires: Tue, 14 Sep 2021 16:07:37 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
905 B 127ms
67ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 1D76EA8A206ECCA7
x-amz-id-2: lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 68e2a12bfe5c874d-DUS
expires: Tue, 14 Sep 2021 16:07:37 GMT

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 204ms
98ms Font
font/woff2 216.58.207.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s04-in-f3.1e100.net

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 16:38:44 GMT
x-content-type-options: nosniff
age: 516533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 16:38:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame EB1A 48 KB
19 KB 477ms
231ms Script
text/javascript 142.250.74.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3382
date: Mon, 13 Sep 2021 15:11:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 13 Sep 2021 17:11:15 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
1 KB 180ms
117ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?pv=5&cbuster=1631549257740156025531&uniqId=14ef9&niet=4g&nisd=false&jsv=es6&w=370&h=312&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=613f7749-072f2&pageView=1&pvid=17bdfe9f6c89a11c748&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c7409d5eea2162b2da491191c388be6ffbf3250daecf6c302783e55e3df557

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68e2a12da947874d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 132ms
124ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1090&cols=1&pv=5&cbuster=1631549257793623482726&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=613f7749-072f2&pageView=0&pvid=17bdfe9f6c89a11c748&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d21bdac109e98e8ff0345f41676c2799137ebb3e6208e9b636c4e3a3286cec0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68e2a12da94a874d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzQ0N2UwYWEyZjFmYjU0OWMwMThiMmI1NDQ5YjFjMTgwLmpwZw.webp
s-img.mgid.com/g/8193528/492x328/0x81x600x400/ 8 KB
9 KB 301ms
95ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193528/492x328/0x81x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzQ0N2UwYWEyZjFmYjU0OWMwMThiMmI1NDQ5YjFjMTgwLmpwZw.webp?v=1631549257-t2HY08oe0NBHipB87w6MV_EmhzKLJB20SBAGzkq-DV0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7320dbc9eff5f6a0d26ad555632ccc0ed6f5d0fee3bbf708ab5868566ed275

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:53:49 GMT
x-mg-request-uuid: c057d44f-09fc-4413-bb10-38d69c8baa40
age: 834726
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a12fcde22151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8674
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x277/0x0x900x600/ 19 KB
19 KB 345ms
153ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164865/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1631549257-EmwooIsq8iJNi2Y1S8p2SfBqaEFQWziXZVTGb67c358
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:37:29 GMT
x-mg-request-uuid: b3634863-f1a8-4c51-a9f0-d976ca3b56d7
age: 4129906
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a12fcde62151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19190
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.mgid.com/g/8164889/492x277/0x124x565x376/ 15 KB
16 KB 338ms
146ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164889/492x277/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1631549257-CGzNvE7XklFmZgFYumyV-cnBkIYealz12tlffjK0upQ
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c2af45e49d12ee6a70be5a408c480a23d4820c344531d26c30890257bc0eae

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:20:22 GMT
x-mg-request-uuid: 67c982a1-45b7-4ebc-b2ae-d7c7698b05c3
age: 4138148
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a12fcde82151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15682
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x277/0x89x1080x720/ 7 KB
7 KB 270ms
78ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164857/492x277/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1631549257-xlAlaB_BwulWV1mmWSJylef6P0KSFIwvrbPBZjnM9cQ
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f56ae2b89d686e1d6cf5127c1f584c87ba9c022fbb9fdc0d2fe88212ae8dc53

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:36:49 GMT
x-mg-request-uuid: b56d1fb9-99f3-486c-8940-5d2a3c7eceb3
age: 375382
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a12fcded2151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6814
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp
s-img.mgid.com/g/8164885/492x277/0x0x1100x733/ 21 KB
22 KB 345ms
153ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164885/492x277/0x0x1100x733/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp?v=1631549257-TegeGcqK9kSyeFI6LeQjCakLUn4qXN-jhhJfWlBnZ14
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77772dc15f9728a488e89760103e3da204a70ff8db59c01117113375cce999c1

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:20:17 GMT
x-mg-request-uuid: 83609a4d-0134-4826-9925-2e49ed3965da
age: 459435
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a12fcdf12151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21924
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
1003 B 191ms
123ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=163154925798212120521
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d610bda60e65bdf62a5a273802649efe6dcfcbf9033076eb79e3339a6e537f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: bc9560ad-445c-46e6-b703-411a1595185e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68e2a12f3b6a874d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 7DA7 19 B
164 B 176ms
123ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1631549257998369209824
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 91d0af58-aab9-4667-910a-e15b185212c3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68e2a12f3b6b874d-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame EB1A 3 KB
784 B 311ms
74ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 14:10:14 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:34:51 GMT
server: AmazonS3
age: 2426245
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: t6RkJ_3EKmKqyGkTWvZq3Y6_ID-dEqFIaiOZr6z4jvtY5x3DIgLgSg==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame EB1A 523 B
906 B 311ms
75ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 17:24:34 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:48:30 GMT
server: AmazonS3
age: 945785
etag: "4542d4ecd73f04c73affa787a4522596"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: vg6DCBcFjSz_TNaRoqvptYJF2iAEybUFhqyEhwWqvwaWKNfecy5ZlA==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 1 KB
1 KB 311ms
75ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 02:09:12 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 07:42:45 GMT
server: AmazonS3
age: 1432707
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: s4-DmFGI3KRaJQeztC4eab0oR8LKGUPQjgKcWB4qvDKSHg7Kvzgv1g==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 182 B
565 B 312ms
75ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 11:17:01 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:46:12 GMT
server: AmazonS3
age: 1572638
etag: "a4fcbd383e2f657b6528f4aa95844de5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: aU4191typBrCxwaQ3F3_jMKfQXOXa_RS5xLOmIXhK2iv2QBeCk7ZPQ==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 1 KB
1 KB 313ms
77ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 06:33:04 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 07:36:30 GMT
server: AmazonS3
age: 1416875
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: b_xqVJYbyTcksvW8YG-ALHilar7MTrgHizPfkc9wLaAirCKf-PUb6g==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame EB1A 801 B
1 KB 312ms
76ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 23:29:30 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:43:32 GMT
server: AmazonS3
age: 2219889
etag: "107060b925841745f310697bd9f1f83d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: ji0kinNNpvT1mSg_3p9arHFCCk1ilQdPTaJvuWQFQUegTzFTz8sWJA==

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 1 KB
1 KB 79ms
75ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 13:37:46 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 07:43:26 GMT
server: AmazonS3
age: 1909793
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: 0lOQPVEiKUZPdy8CrZeosXPyiguhgys2rmZ7PIZf2o9MfmjXwab0pA==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 1 KB
1021 B 85ms
82ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 21:39:41 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:34:28 GMT
server: AmazonS3
age: 1880878
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: zWzuxl0GUUu5nBEQyYpi39VTizdsPZJfEPoeJ_dQ8fdU-Hdt2Bk2vw==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 508 B
892 B 78ms
75ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:15:24 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:26:48 GMT
server: AmazonS3
age: 1745535
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: FA0OYZwRJDZ82xik8IHHU13R3pUe5dLFxUYk6ySHI72iYA_PY2aOQQ==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 1 KB
1 KB 79ms
76ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:39:15 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:28:29 GMT
server: AmazonS3
age: 1675703
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: i4j0LxGs_EoP7U2UCTmQCJ9hiI6d8R1BjKWFjeRtLSoZ-m7VMXVjSQ==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 1 KB
1 KB 85ms
82ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:46:35 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:09:37 GMT
server: AmazonS3
age: 1309
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: s5G_XwfHpzgO1jeyuzZo3v33TS8IV4FG_j-UY86M-rMCsmi44dEBUQ==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 761 B
1 KB 80ms
77ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:35:17 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:35:48 GMT
server: AmazonS3
age: 1560742
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: mgzXxtVPEJlrMiVawNbyPl5mjPTfkPPkbwrtM-kxyz0dweL5_1ZWGA==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame EB1A 870 B
1 KB 300ms
73ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 16:46:50 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:35:23 GMT
server: AmazonS3
age: 2589649
etag: "e9173ef4613c3da43c45885ea39c4b96"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: J6Or0aYZuzur4qu0BT0YOVd184j9_BR1DdDcTy_w0EvwDXrnccmgSw==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 304 B
684 B 81ms
78ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 03:27:10 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:19:18 GMT
server: AmazonS3
age: 650496
etag: "074d127e2f9fd8c2e79c01a5f002979c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: PyHO3FTiVGt7y-XXU3yoIDftcmGxWHta_wLVzihfDKz9R0E6vhZ2uA==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 1 KB
1 KB 81ms
78ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 08:39:02 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:27:26 GMT
server: AmazonS3
age: 1582117
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: wDUMRLOppWg8zFd5_ffnDo1syHJ9uBPeqMepSPKnpKS_BSYTe1ebRQ==

GET
H2 200 facebook.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 225 B
606 B 82ms
79ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/facebook.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f785ad56ccd948b3be8bc3fc810e51ccd0cbb9f4da47100300b25797e9ffb8ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 17:11:39 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:44:38 GMT
server: AmazonS3
age: 1637760
etag: "0c6d458a2d9ece244f3676100a74b59f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 0c6d458a2d9ece244f3676100a74b59f
content-length: 225
x-amz-cf-id: m5jhD7vlMp9RAnicZRKHLeP0eoy46JHTmTijA6136khBOS_HD9UMBg==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 522 B
903 B 83ms
80ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 14:55:42 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:41:36 GMT
server: AmazonS3
age: 1991517
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: golWTNNmHtEs4qFnMX3GbISOFS68Es3FaSW7Tp3zTYNNAkvsW50WaQ==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 635 B
1016 B 84ms
81ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:44:00 GMT
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:27:48 GMT
server: AmazonS3
age: 1805019
etag: "4c66a5172a9c77ab75e140f5079218ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: HnoUddfgDixvMA3LrryQo-zvPiRA2jllv8IxUms-w04JByYvqg9W0w==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame EB1A 1 KB
1 KB 78ms
75ms Image
image/svg+xml 52.222.186.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-42.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 20:34:54 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:15:48 GMT
server: AmazonS3
age: 2575965
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C2
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: zUZGihd5udZWLmPW61CTsxMmObOsz2IzsW0xfEwZmxgGkVMs1AnZTA==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 298ms
74ms Script
application/javascript 52.222.179.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-24.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 13:43:34 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 8646
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: 74I0nHH5wdGd60_hhCRSo2WBrySVXFFgW6-GArTF7BuNk0oWUXQ6uA==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzQ0N2UwYWEyZjFmYjU0OWMwMThiMmI1NDQ5YjFjMTgwLmpwZw.webp
s-img.mgid.com/g/8193528/492x328/0x81x600x400/ Frame E0EE 8 KB
9 KB 152ms
90ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193528/492x328/0x81x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzQ0N2UwYWEyZjFmYjU0OWMwMThiMmI1NDQ5YjFjMTgwLmpwZw.webp?v=1631549257-t2HY08oe0NBHipB87w6MV_EmhzKLJB20SBAGzkq-DV0
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7320dbc9eff5f6a0d26ad555632ccc0ed6f5d0fee3bbf708ab5868566ed275

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:53:49 GMT
x-mg-request-uuid: c057d44f-09fc-4413-bb10-38d69c8baa40
age: 834726
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a12fcdf32151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8674
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x277/0x0x900x600/ Frame 2300 19 KB
19 KB 148ms
147ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164865/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1631549257-EmwooIsq8iJNi2Y1S8p2SfBqaEFQWziXZVTGb67c358
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:37:29 GMT
x-mg-request-uuid: b3634863-f1a8-4c51-a9f0-d976ca3b56d7
age: 4129906
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a12fde052151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19190
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.mgid.com/g/8164889/492x277/0x124x565x376/ Frame 2300 15 KB
16 KB 75ms
74ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164889/492x277/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1631549257-CGzNvE7XklFmZgFYumyV-cnBkIYealz12tlffjK0upQ
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c2af45e49d12ee6a70be5a408c480a23d4820c344531d26c30890257bc0eae

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:20:22 GMT
x-mg-request-uuid: 67c982a1-45b7-4ebc-b2ae-d7c7698b05c3
age: 4138148
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a12fde072151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15682
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x277/0x89x1080x720/ Frame 2300 7 KB
7 KB 148ms
148ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164857/492x277/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1631549257-xlAlaB_BwulWV1mmWSJylef6P0KSFIwvrbPBZjnM9cQ
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f56ae2b89d686e1d6cf5127c1f584c87ba9c022fbb9fdc0d2fe88212ae8dc53

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:36:49 GMT
x-mg-request-uuid: b56d1fb9-99f3-486c-8940-5d2a3c7eceb3
age: 375382
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a1303f0e2151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6814
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp
s-img.mgid.com/g/8164885/492x277/0x0x1100x733/ Frame 2300 21 KB
22 KB 148ms
148ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164885/492x277/0x0x1100x733/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp?v=1631549257-TegeGcqK9kSyeFI6LeQjCakLUn4qXN-jhhJfWlBnZ14
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77772dc15f9728a488e89760103e3da204a70ff8db59c01117113375cce999c1

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:20:17 GMT
x-mg-request-uuid: 83609a4d-0134-4826-9925-2e49ed3965da
age: 459435
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68e2a1303f142151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21924
server: cloudflare

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 243ms
122ms XHR
text/plain 142.250.74.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1770101029&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1078478661&gjid=1033030184&cid=1897403227.1631549258&tid=UA-16055024-1&_gid=196886722.1631549258&_r=1&gtm=2ou910&z=138064942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 65E1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

296ms
69ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=163154925798212120521
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Sep 2021 16:07:38 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 13 Sep 2021 16:07:38 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame E0B8 1 KB
885 B 676ms
148ms Document
text/html 209.205.219.146
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=163154925798212120521
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.219.146 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS: static-146-219-205-209.24shells.net
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: VertaMedia 1.0
Date: Mon, 13 Sep 2021 16:07:38 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=aefa848e-c201-4035-817e-bfd7b2675c5e&ttl=1634141258

43 B
506 B

116ms
116ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=aefa848e-c201-4035-817e-bfd7b2675c5e&ttl=1634141258
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 76b20808-cfbc-42ac-86cb-44dd4d047775
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68e2a1338c3f2181-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=aefa848e-c201-4035-817e-bfd7b2675c5e&ttl=1634141258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=c006d051-0cbf-447e-aa95-c673a4e844f7

43 B
522 B

130ms
130ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=c006d051-0cbf-447e-aa95-c673a4e844f7
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: aaae0006-1980-497b-9ea2-055a77544531
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68e2a1370c822181-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=c006d051-0cbf-447e-aa95-c673a4e844f7
date: Mon, 13 Sep 2021 16:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=a0e56bcf-f802-4a55-978f-0960ead6cb6e&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=4dd7b991-18d7-4e72-9f83-371bb272e66e&gdpr=&gdpr_consent=&us_privacy=

43 B
537 B

136ms
136ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=4dd7b991-18d7-4e72-9f83-371bb272e66e&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5a52dc4a-ce10-4aa2-be43-7ce167c7f2ec
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68e2a13898e42181-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=4dd7b991-18d7-4e72-9f83-371bb272e66e&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 13 Sep 2021 16:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

204

sync.gif
dispatcher.adxcore.com/a/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l8dBAwuxfc79
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l8dBAwuxfc79
https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=4dd7b991-18d7-4e72-9f83-371bb272e66e

0
260 B

306ms
78ms

Image
text/plain

5.135.96.59
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=4dd7b991-18d7-4e72-9f83-371bb272e66e
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.135.96.59 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
cache-control: private
server: Apache

Redirect headers

location: //dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=4dd7b991-18d7-4e72-9f83-371bb272e66e
date: Mon, 13 Sep 2021 16:07:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
412 B 389ms
120ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l8dBAwuxfc79
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68e2a1321e438751-DUS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET 34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/ 0
0

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDhkQkF3dXhmYzc5&muidn=l8dBAwuxfc79
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDhkQkF3dXhmYzc5&muidn=l8dBAwuxfc79&google_tc=
https://cm.mgid.com/google?muidn=l8dBAwuxfc79&google_ula={guid},5&google_gid=CAESENwiqdtbweoetVcPQYC6nFw&google_cver=1

0
376 B

120ms
120ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l8dBAwuxfc79&google_ula={guid},5&google_gid=CAESENwiqdtbweoetVcPQYC6nFw&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68e2a1353fdd2181-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l8dBAwuxfc79&google_ula={guid},5&google_gid=CAESENwiqdtbweoetVcPQYC6nFw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=U97F4c0GpNv9UBIzQioL&pi=mgid&tc=1

43 B
506 B

122ms
122ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=U97F4c0GpNv9UBIzQioL&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: bfb2a30c-73fa-4a7c-9d2f-305437800540
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68e2a133ccdc2181-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=U97F4c0GpNv9UBIzQioL&pi=mgid&tc=1
pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT, Mon, 13 Sep 2021 16:07:38 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
495 B 356ms
120ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l8dBAwuxfc79
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68e2a1345eeffad4-DUS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1631549258369&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631549258369&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

64 B
330 B

81ms
81ms

Image
image/gif

52.222.179.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631549258369&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-24.ham50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:07:38 GMT
via: 1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 07iohgVtNV0IM1V44oYRDnvbb43YZ3JMODyDsCqGpaHB7R-hFXcZkA==

Redirect headers

date: Mon, 13 Sep 2021 16:07:38 GMT
via: 1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631549258369&ns_c=UTF-8&cv=3.5&c8=Before%20It's%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
content-length: 217
x-amz-cf-id: DLEI212YKbyUEnA4ER5_GNg7F5dhV4jED9-srwY7TsDoe6AdSkG2vw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
464 B 373ms
104ms XHR
text/plain 64.233.164.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-16055024-1&cid=1897403227.1631549258&jid=1078478661&gjid=1033030184&_gid=196886722.1631549258&_u=YEBAAUAAAAAAAC~&z=489165762

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.164.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lf-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Sep 2021 16:07:38 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 65E1 31 KB
10 KB 70ms
70ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7cf90a57f1761c696abeff5eb41fbe6d5cb242d49c8871ab51935daf0593bdf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 16:07:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=78766
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Tue, 14 Sep 2021 14:00:24 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 425ms
124ms Image
image/gif 216.58.207.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16055024-1&cid=1897403227.1631549258&jid=1078478661&_u=YEBAAUAAAAAAAC~&z=1377535973

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s19-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 423ms
125ms Image
image/gif 216.58.207.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16055024-1&cid=1897403227.1631549258&jid=1078478661&_u=YEBAAUAAAAAAAC~&z=1377535973

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.227 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 65E1 284 B
536 B 476ms
78ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H3

200

m
cm.mgid.com/ Frame E0B8
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=5455b7c638ffe7db

43 B
538 B

132ms
131ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=5455b7c638ffe7db
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 251fa46c-3b18-4242-95cc-98e4e0881c62
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68e2a13868472181-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=5455b7c638ffe7db
Date: Mon, 13 Sep 2021 16:07:38 GMT
Server: VertaMedia 1.0
Etag: 5455b7c638ffe7db
Content-Length: 0

GET
H3 200 c
c.mgid.com/ Frame E0EE 43 B
441 B 181ms
181ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=366|282|8|T96SbyQrj444O7WLarM-exE5mJR_KzQYbFKTfIlu5QHZRHfacbF0-I2s2y_4r80U&fw=1&extjs=66044&cid=720412&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=b701da44-14ac-11ec-b982-2cea7f875b01&tt=Direct&iv=10&pageImp=1&pvid=17bdfe9f6c89a11c748&muid=l8dBAwuxfc79&cbuster=1631549259348948991500&tpl=0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 16:07:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c691878e-b235-46a0-90ae-b9574e5b0d6f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68e2a1376d692181-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 7E5C 10 KB
5 KB 535ms
118ms Document
text/html 216.58.207.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210908/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmCr_kq_RaclJsK7aePoi6NTz_I1gBK3d5LFsXgZ0QND4oA9vRQzj6tC7bINTg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 12 Sep 2021 17:04:16 GMT
expires: Sun, 26 Sep 2021 17:04:16 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 83007
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l8dBAwuxfc79

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adxcore.com/a	1970-01-20 05:58:26	Name: advst_uid_11 Value: 4dd7b991-18d7-4e72-9f83-371bb272e66e
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1970-01-19 21:12:37	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyCfBgy9cgTX5
beforeitsnews.com/	1970-01-20 21:12:29	Name: b4in-uuid Value: 5d6a0b4b-f518-44da-994d-c585c2018853
.mgid.com/	1970-01-19 21:12:31	Name: __cf_bm Value: KeaGLbk2ttodZ8OBfeKLefvN6ZodQFtoLYGcEL3DswA-1631549256-0-AeU9fPry6e7S1EAl9Ucvdl2Ww/S/SC+vW55RuRV3HZp7ttavDAv6cchd+m+ekglfHrHDZE5A4YGnGuxYywB9JFE=
servicer.mgid.com/	1970-01-19 21:12:30	Name: __mglb Value: b77c90ace61932b85ead847cc0fcb78b
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l8dBAwuxfc79
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22JJR0NYGFl%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1631549257935%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1631549257948%7D%7D
.beforeitsnews.com/	1970-01-20 14:43:41	Name: _ga Value: GA1.2.1897403227.1631549258
.beforeitsnews.com/	1970-01-19 21:13:55	Name: _gid Value: GA1.2.196886722.1631549258
.beforeitsnews.com/	1970-01-19 21:12:29	Name: _gat_gtag_UA_16055024_1 Value: 1
.scorecardresearch.com/	1970-01-20 14:29:17	Name: UID Value: 1DLEI212YKBYUENA4ER5GNg1631549258
.bidswitch.net/	1970-01-20 05:58:05	Name: c Value: 1631549258
.bidswitch.net/	1970-01-20 05:58:05	Name: tuuid_lu Value: 1631549258
.bidswitch.net/	1970-01-20 05:58:05	Name: tuuid Value: 4dd7b991-18d7-4e72-9f83-371bb272e66e
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: l8dBAwuxfc79
.adsrvr.org/	1970-01-20 05:58:05	Name: TDID Value: aefa848e-c201-4035-817e-bfd7b2675c5e
.creativecdn.com/	1970-01-20 05:58:05	Name: u Value: U97F4c0GpNv9UBIzQioL
.creativecdn.com/	1970-01-20 05:58:05	Name: ts Value: 1631549258
.adsrvr.org/	1970-01-20 05:58:05	Name: TDCPM Value: CAEYBSABKAIyCwiMiv3r6rb7ORAFOAE.
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: l8dBAwuxfc79
dispatcher.adxcore.com/	1969-12-31 23:59:59	Name: DISPATCHER Value: DIS1
.doubleclick.net/	1970-01-20 06:34:05	Name: IDE Value: AHWqTUmCr_kq_RaclJsK7aePoi6NTz_I1gBK3d5LFsXgZ0QND4oA9vRQzj6tC7bINTg
.mfadsrvr.com/	1970-01-20 14:43:41	Name: tuuid Value: c006d051-0cbf-447e-aa95-c673a4e844f7
.mfadsrvr.com/	1970-01-20 14:43:41	Name: c Value: 1631549258
.mfadsrvr.com/	1970-01-20 14:43:41	Name: tuuid_lu Value: 1631549259
.mfadsrvr.com/	1970-01-20 14:43:41	Name: ssh Value: !mgid,1631549259
.perf-serving.com/	1970-01-20 14:43:41	Name: tuuid Value: a0e56bcf-f802-4a55-978f-0960ead6cb6e
.perf-serving.com/	1970-01-20 14:43:41	Name: c Value: 1631549259
.perf-serving.com/	1970-01-20 14:43:41	Name: tuuid_lu Value: 1631549259
.adtelligent.com/	1970-01-19 22:41:46	Name: vmuid Value: 5455b7c638ffe7db
cm.mgid.com/	1970-01-19 21:55:41	Name: mg_sync Value: {"287839":1631549259,"433145":1631549259,"501037":1631549258}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://themillenniumreport.com/wp-content/uploads/2017/01/Deep-state.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://themillenniumreport.com/wp-content/uploads/2017/01/Deep-state.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.beforeitsnews.com
beforeitsnews.com
c.mgid.com
calabeshes.xyz
cdn.mgid.com
ci5.googleusercontent.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dispatcher.adxcore.com
eus.rubiconproject.com
external-content.duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
img.beforeitsnews.com
img.youtube.com
jsc.mgid.com
justusaknight.files.wordpress.com
match.adsrvr.org
pagead2.googlesyndication.com
photos.brighteon.com
prod.perf-serving.com
rddywd.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
sp.rmbl.ws
static-3.bitchute.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.e-volution.ai
tapnewswire.com
themillenniumreport.com
thewashingtonstandard.com
token.rubiconproject.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.nowtheendbegins.com
x.bidswitch.net
sync.e-volution.ai
104.16.221.74
104.18.64.15
104.19.132.78
104.19.135.78
104.19.216.61
104.21.45.30
104.21.64.241
104.22.75.138
142.250.74.106
142.250.74.118
142.250.74.2
142.250.74.33
142.250.74.40
142.250.74.46
142.250.74.65
151.139.128.11
172.67.215.185
18.192.249.156
185.184.8.65
192.0.72.23
192.124.249.17
192.124.249.6
2.19.35.65
209.205.219.146
209.58.165.79
216.58.207.195
216.58.207.226
216.58.207.227
216.58.207.228
216.58.207.238
216.58.211.2
23.227.139.243
23.37.42.132
35.157.197.70
35.212.212.222
40.114.178.124
5.135.96.59
52.222.179.124
52.222.179.24
52.222.186.26
52.222.186.42
54.230.206.113
64.233.164.157
69.173.144.165
76.223.111.131
89.187.169.39
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0ef855c8a2898ba57ba4582b8351aa64336598404cb66ea6fa5e0bbfcdd2e407
0f71e3a5b759b240c58f8298fa49dfac02958e28f620781ec5a7fb9148b5e85b
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1174f04dffde3cfade6a026eb1a8e6d2e6cc75257ecc275c0a1b2e8499d3666f
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc
13c7d4864f21966d262179fcf8afc33b82ae1df4c178775364bd13564dca138a
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
160cb2aa99b608d585742fe4ccc495e5c3523bb0cf61dc5075e9bdca0ec6c9cc
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17c2af45e49d12ee6a70be5a408c480a23d4820c344531d26c30890257bc0eae
1b80be1e9d45c6e2e283ee6932eb4c204b00714dcb411ca90ad590fc53ea4af0
1cd75fd594adf1d6cd5e5c65eaaf88dc2a08dd82c3d4b5d828244d10a3624e64
211f02a53a529e4f70cefae664abfb9dcde009b803c4a85f339ab652c93e5b71
23314730fa6dd7aa59169d4ad9dfb6f381abece86252f08f01b260b8baea57c8
23a7d1bd11e5756007e683f4008fc8bd3af6c7d6d4afc1d6e4b6c3c8d02dac7d
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
30cbaef1b3d6e118ea48b623b950fba6fd7695ae0a4bf5cfd160ef39a21985c7
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32c7409d5eea2162b2da491191c388be6ffbf3250daecf6c302783e55e3df557
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3e5ca5353e9d1e16a7857e83019f27dad54cb79c2e0e751dd4e00d8aa4180f41
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
44048535de81b7a3309d0fdffe816de5fbd19d82629956d9fb2a70f051261a4f
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d9e81e77d80c608ebce071087d430ed06989ca88406773a09a6ee971d6d221b
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4e535f97fe2b8929b51cf044fb4ff6a156d50308aa87096c52546db979190991
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
4fb3bc255629c663cfdbd104b851d285665614808b18bed09767294823114ae1
549c68fe0dd045fce8b1daac44d856d425ac8a2f91cf22c5d298c6eb6f69727a
54abee64791dae86105c5470723e6240b6ae2084f38a8ba3e5c37d01cf67c9a3
5a35c121a21adca21e3843679ad04a8d0037b7499bb7b19f56f75dcd8d4bcc59
5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa
5f716c225e9a67938190352b5ef637cd07403c764bc3b25991d09b681ebee1f5
61272354c450141b08dfb8d1bf7cb6d67e8e4236f605074ccc86c89749f7249a
6a25d6c5112916ea39775db2a0e26f17dacb4ef594457b09aac6e22d3da62b75
6a6af6a98a6db424f1648c69c589b03e1fe07c76310a15d86b2970501ed59e63
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6d430b737d9816b708e07c668877e9f1423bbbe84bdd34563eaccae36a816d97
6eb89bc1bdb1ae95f6c10e09b577b4ab79985d54ecbe30c1ff0bd39168d19a37
6f4c7baf55e7c028d298c83e4a92e38dd451d5c025ed77ddc4703f4e0fb66253
6fe4b0605c1e67e77011a4b562a758817905d3d4e38193cb1d4d1bded580eef6
708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038
720bd4aaf5cea736823769de87288a457a579c0b24f63fcad86788075faa234e
7380a927d91dbc553ac382e4a910d5e07fba8e26392d0f8bf51ddf025b9e62d0
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
77772dc15f9728a488e89760103e3da204a70ff8db59c01117113375cce999c1
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b45da36302b1875d7e6dd6a31f010b0b06fc6c1b6ba2fbf4d756f18dcddf3e8
7cf90a57f1761c696abeff5eb41fbe6d5cb242d49c8871ab51935daf0593bdf6
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7f56ae2b89d686e1d6cf5127c1f584c87ba9c022fbb9fdc0d2fe88212ae8dc53
802e61c83ea040d03bd45783a04119f18ff112c2d143edefe3a508c19c638b86
806fe7c2047a8e94bcd28548b679008ed723c77106b5164f1433ceea772f925e
81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83a6afd96ba4f93bdfda7fb3eba69be47b6c010feecc1352ee84a38d32b295ab
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
8491f6432dd0bc919f9275e1c741c40e443ceac5dfceb4eb886e86354c6e8b42
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fed218b2866abb180679eee9e8ac824f7ab7c1c1fde0042d66824028fdd43b
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b3d7dc41d3a35b269b404b5ca027b61923cb5d3c92b670143da6a1dc207ae92
8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21
8f7941dc4049fbc63dcc309fa86976a16bacd118d7c64549d8c8fb89cc8df7fe
919a34024fb3cdd165a351cbc087d5698a39525a803f9ce96b149883c29b1773
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
941157a9489d36127ad4f7630d2a1bb79a890084155a725a4250b6f9a9b5ea9d
952c2f63e4c0562ed3ec421cbdb64ad78a24c14887527f99f673ec0f6b455b86
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
972884e9423a0416f709270d0406493732c8b6618de0bea5f496bafdbc044005
9733ae3522422e34bbd8b7d45df148d70e721c107cb38d699fc88451d9b985cd
97581760edd8bf4ec2bf8dcfe6d424c6e8ddbe45b26eef0deb8a18649fc943e2
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
9b2df1bdb0f9657979db857e736cdaf9d38e8bd3d1ca583eea6b350dd2d5f974
9bb67680ff672b5d90a224698e794f0d28d253bc858a8ced9299a2590af9b1e5
9c90bbc4e188f0792ccdf96f5ae41374e2b7c1135feedca79ae2177107020c42
9e9398988f6ac75c0279df7d0f47a3e689fab2d5572a575e75ef5d1cae676ad0
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a57fbcd5222f2ad85bff6adbea147fd03df4ca1759e34ae437e29051c43dd5cc
a5b43883fca3c506e71719ae00609cab2801128ac5adb9ecb05eb14839b59fea
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
accceca2c8527fefd83789bfcc7f1f322223e37deee3e471f015e024dc5862c6
adbd739715ee66f4b6dd172d5e42f2facaec07dc5966032750f2f22b7c3a709a
ae309786b20ba25425d0b8105279657ded5f7a6e2d94063e8316be8ec3d24ccc
aedab1d08d4b02b62a1fcb893f1d0b238399846b83a845dcd6056e62d4921d8b
b2cd8ccd33a33a33db1df52a172367747ed4e2df0de844acb7b2631c46c7eeb7
b2dee149dd43956b1cd83b54166026728596375a3eb7b0da78a1568f7adb81ae
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29
be2409367c9d75ae8fec2cdd75c670e2b15a5436afcc68e737b8e6f2643dd6cd
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c1f877e7700c53ff382b15ca393333ab028c19fe1ad495cd40e2b4ba03d4dd86
c3d610bda60e65bdf62a5a273802649efe6dcfcbf9033076eb79e3339a6e537f
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb158292c1e00f2a542a6db98b2fb425da7c68dfbc924d68ac09681b93a2e272
cc7320dbc9eff5f6a0d26ad555632ccc0ed6f5d0fee3bbf708ab5868566ed275
cc8c6fec9bb0b930a6b19617437c25978b733fbfe7f06c80cae45efa001637f6
ccedc6df2de1cbadbaf1e56f4ee0bf31c91ae5e1ab8c5baab58c3401929ac276
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d04e0d4269a93a2d21b76c8ae68e31c45eb8db22bbad57b3c35629915314b4fc
d21bdac109e98e8ff0345f41676c2799137ebb3e6208e9b636c4e3a3286cec0a
d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d5d2c556cb2582c4a86a934b482a7711814bb4a6dbade16d82701847bea27558
da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9
db28addffd6aae1f64d64496534206d83f40fa60c4cacacaa9cd09ce14c14e91
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deab806da37406b7164fd737d6b60de9d3d863844438852488605564713d4b21
e3a7060843b2adf1775e4e6345f0c0089037746f2643934a7ca11f1e8987e735
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d8b13f385ee8d41f0664d71da393e175292e7369178a248f192fd4eb1f3822
ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa890a48d0fc41c1728ec50a1af70b3fa91d1ae9ef1c55d4781c769baebb375
eff7ba587f0169fae00edb9f49b404beaf30ea8fa99bdecd9e3c06433189c92e
f22bf3641e714f2f4c8f76e53165393fab66962663ab07994b43b152d37d8fce
f3a395db81e64106f6442a848e6db1f6e767996026978a125470290fc49e5530
f785ad56ccd948b3be8bc3fc810e51ccd0cbb9f4da47100300b25797e9ffb8ad
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

beforeitsnews.com Open in urlscan Pro 104.22.75.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

99 %HTTPS

0 %IPv6

39 Domains

54 Subdomains

39 IPs

6 Countries

5181 kBTransfer

6861 kBSize

32 Cookies

14 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
104.22.75.138 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

99 %
HTTPS

0 %
IPv6

39
Domains

54
Subdomains

39
IPs

6
Countries

5181 kB
Transfer

6861 kB
Size

32
Cookies

156 HTTP transactions
1 data transactions