beforeitsnews.com Open in urlscan Pro
2606:4700:20::681a:70b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On May 27 via manual (May 27th 2020, 1:19:38 am UTC) from PH

Summary HTTP 184 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 59 domains to perform 184 HTTP transactions. The main IP is 2606:4700:20::681a:70b, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 29th 2019. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 62	2606:4700:20:... 2606:4700:20::681a:70b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	162.241.66.47 162.241.66.47	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	134.226.14.234 134.226.14.234	1213 (HEANET) (HEANET)
1	51.178.88.195 51.178.88.195	16276 (OVH) (OVH)
1	192.0.72.22 192.0.72.22	2635 (AUTOMATTIC) (AUTOMATTIC)
1	185.64.253.1 185.64.253.1	201755 (SQUIZUK) (SQUIZUK)
1	45.55.98.100 45.55.98.100	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	13.224.95.17 13.224.95.17	16509 (AMAZON-02) (AMAZON-02)
1	2406:da00:ff0... 2406:da00:ff00::22e1:fa6	14618 (AMAZON-AES) (AMAZON-AES)
1	144.92.104.43 144.92.104.43	59 (WISC-MADI...) (WISC-MADISON-AS)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	162.241.253.189 162.241.253.189	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	198.151.217.193 198.151.217.193	22671 (AAAS) (AAAS)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3034::681f:5aaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::681b:9198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8746	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
16	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::681b:b8f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1 3	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
7 7	18.195.186.254 18.195.186.254	16509 (AMAZON-02) (AMAZON-02)
1	18.195.112.7 18.195.112.7	16509 (AMAZON-02) (AMAZON-02)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1 1	148.251.129.84 148.251.129.84	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.51.104.248 52.51.104.248	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.190.97 18.185.190.97	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	88.212.252.2 88.212.252.2	7979 (SERVERS) (SERVERS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.105.245.5 23.105.245.5	7979 (SERVERS) (SERVERS)
1 1	23.105.254.60 23.105.254.60	7979 (SERVERS) (SERVERS)
3	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:817::2016	15169 (GOOGLE) (GOOGLE)
13	52.30.254.55 52.30.254.55	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
9	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4 4	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3 3	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	18.184.76.198 18.184.76.198	16509 (AMAZON-02) (AMAZON-02)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:44b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6818:7392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.196.179.149 104.196.179.149	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::681b:8b51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.72.20 192.0.72.20	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.154.219.166 104.154.219.166	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:64:... 2a02:26f0:64:1a5::221c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	107.180.25.39 107.180.25.39	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
184	53

62 2606:4700:20::681a:70b (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.66.47 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: net.networldamerica.net

noliesradio.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.226.14.234 (Dublin, Ireland)

ASN1213 (HEANET, IE)
PTR: bookofkells.ie

www.tcd.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.88.195 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.253.1 (United Kingdom)

ASN201755 (SQUIZUK, GB)
PTR: lb01.ash2.uk.squizedge.net

www.monash.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.98.100 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

blogs.ei.columbia.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.17 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-17.zrh50.r.cloudfront.net

assets.ozy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da00:ff00::22e1:fa6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

www.nih.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.92.104.43 (Madison, United States)

ASN59 (WISC-MADISON-AS, US)
PTR: hagi.doit.wisc.edu

news.wisc.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.253.189 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5813.bluehost.com

astro3d.org.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.151.217.193 (Washington, United States)

ASN22671 (AAAS, US)
PTR: ekamedia03.eurekalert.org

media.eurekalert.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

cms.qz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681f:5aaa (United States)

ASN13335 (CLOUDFLARENET, US)

lisahaven.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681b:9198 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mydailyinformer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8746 (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::681b:b8f5 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.103 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.195.186.254 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-186-254.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.112.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-112-7.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.129.84 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.84.129.251.148.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.104.248 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-104-248.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.190.97 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-97.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.252.2 (Russian Federation) 2 redirects

ASN7979 (SERVERS, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.254.60 (Russian Federation) 1 redirects

ASN7979 (SERVERS, US)

udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.30.254.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-254-55.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.31 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.145 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.76.198 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-76-198.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:44b5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ancient-origins.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6818:7392 (United States)

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.196.179.149 (United States)

ASN15169 (GOOGLE, US)
PTR: 149.179.196.104.bc.googleusercontent.com

blog.norml.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::681b:8b51 (United States)

ASN13335 (CLOUDFLARENET, US)

www.catholicnewsagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.20 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

roseramblesdotorg.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.219.166 (United States)

ASN15169 (GOOGLE, US)
PTR: 166.219.154.104.bc.googleusercontent.com

bullsonwallstreet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:64:1a5::221c (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

media.defense.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.180.25.39 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-25-39.ip.secureserver.net

worldufophotosandnews.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	beforeitsnews.com 3 redirects beforeitsnews.com	1 MB
23	youtube.com img.youtube.com www.youtube.com	512 KB
22	revcontent.com trends.revcontent.com cdn.revcontent.com img.revcontent.com	453 KB
16	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com	97 KB
7	bidswitch.net 7 redirects x.bidswitch.net	3 KB
5	mfadsrvr.com 5 redirects rtb-usw.mfadsrvr.com rtb.mfadsrvr.com	2 KB
5	gstatic.com fonts.gstatic.com	78 KB
4	zemanta.com 4 redirects b1sync.zemanta.com	2 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	criteo.com bidder.criteo.com	441 B
3	criteo.net static.criteo.net	30 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	blogspot.com 4.bp.blogspot.com 1.bp.blogspot.com	168 KB
3	googleapis.com fonts.googleapis.com www.googleapis.com	2 KB
2	defense.gov media.defense.gov	482 KB
2	catholicnewsagency.com www.catholicnewsagency.com	56 KB
2	bttrack.com bttrack.com	760 B
2	lockerdome.com lockerdome.com
2	betweendigital.com 2 redirects ads.betweendigital.com	934 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	google.com 1 redirects adservice.google.com www.google.com	1 KB
2	google.de adservice.google.de www.google.de	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	rddywd.com rddywd.com	835 B
2	wordpress.com justusaknight.files.wordpress.com roseramblesdotorg.files.wordpress.com	282 KB
1	worldufophotosandnews.org worldufophotosandnews.org	42 KB
1	bullsonwallstreet.com bullsonwallstreet.com	94 KB
1	norml.org blog.norml.org	13 KB
1	iili.io iili.io	95 KB
1	ancient-origins.net www.ancient-origins.net	43 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	ytimg.com i.ytimg.com	16 KB
1	mixmarket.biz 1 redirects udata.mixmarket.biz	207 B
1	lentainform.com cm.lentainform.com	329 B
1	idealmedia.io cm.idealmedia.io	556 B
1	loopme.me 1 redirects csync.loopme.me	190 B
1	360yield.com ad.360yield.com	644 B
1	googlesyndication.com pagead2.googlesyndication.com	39 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	naturalnews.com www.naturalnews.com	363 KB
1	mydailyinformer.com www.mydailyinformer.com	17 KB
1	lisahaven.news lisahaven.news	534 KB
1	qz.com cms.qz.com	17 KB
1	eurekalert.org media.eurekalert.org	56 KB
1	astro3d.org.au astro3d.org.au	848 KB
1	wikimedia.org upload.wikimedia.org	571 KB
1	wisc.edu news.wisc.edu	95 KB
1	nih.gov www.nih.gov	493 KB
1	ozy.com assets.ozy.com	3 MB
1	columbia.edu blogs.ei.columbia.edu	68 KB
1	monash.edu www.monash.edu	139 KB
1	ibb.co i.ibb.co	14 KB
1	tcd.ie www.tcd.ie	46 KB
1	noliesradio.org noliesradio.org	47 KB
184	59

	Domain	Requested by
62	beforeitsnews.com	3 redirects beforeitsnews.com
20	img.youtube.com	beforeitsnews.com
13	trends.revcontent.com	beforeitsnews.com trends.revcontent.com cdn.revcontent.com
10	cm.mgid.com	jsc.mgid.com beforeitsnews.com
7	img.revcontent.com	jsc.mgid.com
7	x.bidswitch.net	7 redirects
5	fonts.gstatic.com	beforeitsnews.com
4	b1sync.zemanta.com	4 redirects
3	www.youtube.com	beforeitsnews.com
3	rtb.mfadsrvr.com	3 redirects
3	ib.adnxs.com	3 redirects
3	bidder.criteo.com	static.criteo.net
3	static.criteo.net	jsc.mgid.com beforeitsnews.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com beforeitsnews.com
2	media.defense.gov
2	www.catholicnewsagency.com
2	bttrack.com
2	cdn.revcontent.com	beforeitsnews.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	ads.betweendigital.com	2 redirects
2	prod.perf-serving.com	2 redirects
2	match.adsrvr.org	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	servicer.mgid.com	jsc.mgid.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	rddywd.com	beforeitsnews.com
2	jsc.mgid.com	beforeitsnews.com
2	4.bp.blogspot.com	beforeitsnews.com
2	fonts.googleapis.com	beforeitsnews.com
1	worldufophotosandnews.org
1	bullsonwallstreet.com
1	roseramblesdotorg.files.wordpress.com
1	blog.norml.org
1	iili.io
1	www.ancient-origins.net
1	1.bp.blogspot.com
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	i.ytimg.com	beforeitsnews.com
1	udata.mixmarket.biz	1 redirects
1	cm.lentainform.com	beforeitsnews.com
1	cm.idealmedia.io	beforeitsnews.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	eus.rubiconproject.com	beforeitsnews.com
1	secure-assets.rubiconproject.com	1 redirects
1	csync.loopme.me	1 redirects
1	ad.360yield.com	beforeitsnews.com
1	s-img.mgid.com	beforeitsnews.com
1	cdn.mgid.com	beforeitsnews.com
1	www.google.de	beforeitsnews.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	www.googletagmanager.com	beforeitsnews.com
1	www.naturalnews.com	beforeitsnews.com
1	www.mydailyinformer.com	beforeitsnews.com
1	lisahaven.news	beforeitsnews.com
1	cms.qz.com	beforeitsnews.com
1	media.eurekalert.org	beforeitsnews.com
1	astro3d.org.au	beforeitsnews.com
1	upload.wikimedia.org	beforeitsnews.com
1	news.wisc.edu	beforeitsnews.com
1	www.nih.gov	beforeitsnews.com
1	assets.ozy.com	beforeitsnews.com
1	blogs.ei.columbia.edu	beforeitsnews.com
1	www.monash.edu	beforeitsnews.com
1	justusaknight.files.wordpress.com	beforeitsnews.com
1	i.ibb.co	beforeitsnews.com
1	www.tcd.ie	beforeitsnews.com
1	noliesradio.org	beforeitsnews.com
184	75

This site contains links to these domains. Also see Links.

Domain
telegram.org
t.me
tinyurl.com
mitocopper.com
2e542-tdoe64gcf43w-9jduu3u.hop.clickbank.net
www.herbanomic.com
forum.beforeitsnews.com
www.youtube.com
trends.revcontent.com
widgets.mgid.com
dream-singles.com
nixagrim
damit_das_bauchfett_entfernen._-10_kilo_in_6_tagen_garantiert
be2

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-29` - `2020-10-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
noliesradio.org Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2020-06-16`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.tcd.ie TERENA SSL CA 3	`2020-01-09` - `2022-02-10`	2 years	crt.sh
ibb.co Let's Encrypt Authority X3	`2020-03-29` - `2020-06-27`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
monash.edu QuoVadis Global SSL ICA G3	`2017-11-21` - `2020-11-21`	3 years	crt.sh
*.ei.columbia.edu InCommon RSA Server CA	`2018-06-28` - `2020-06-27`	2 years	crt.sh
ozy.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh
www.nih.gov Go Daddy Secure Certificate Authority - G2	`2020-01-28` - `2022-03-13`	2 years	crt.sh
news.wisc.edu InCommon RSA Server CA	`2018-11-26` - `2020-11-25`	2 years	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-10-06`	a year	crt.sh
astro3d.org.au Let's Encrypt Authority X3	`2020-04-26` - `2020-07-25`	3 months	crt.sh
*.eurekalert.org DigiCert SHA2 High Assurance Server CA	`2019-07-25` - `2021-10-27`	2 years	crt.sh
objects.qz.com Let's Encrypt Authority X3	`2020-03-31` - `2020-06-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
revcontent.com Amazon	`2019-09-19` - `2020-10-19`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2019-09-27` - `2020-11-26`	a year	crt.sh
cdn.revcontent.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-10` - `2020-07-09`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
img.revcontent.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-10` - `2020-07-09`	3 months	crt.sh
ancient-origins.net CloudFlare Inc ECC CA-2	`2019-09-28` - `2020-09-27`	a year	crt.sh
blog.norml.org Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
bullsonwallstreet.com Let's Encrypt Authority X3	`2020-04-21` - `2020-07-20`	3 months	crt.sh
www.defense.gov GeoTrust RSA CA 2018	`2019-05-15` - `2020-08-13`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: B91834536F992A62F8A168D088D22388
Requests: 178 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Frame ID: A6C495C2531338021772E375F4F8C96C
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204271
Frame ID: 82430779C011BF051AC7583E33B13D98
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1590542342410519659142
Frame ID: BD5BBE84704CC87C173E6CB120356786
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 3A883858C2014B6A632972D3D08EF9EE
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 92E1CD983AA1026C32808D8896A648B4
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OnVkHa1dV9Q?rel=0&autoplay=0&mute=0
Frame ID: E7D0A3017C60C32229D16B441175B989
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FaFmH_pUxbc?rel=0&autoplay=0&mute=0
Frame ID: 104BFF2E9E06B43A8FF85C2CF81E3ADF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

184
Requests

99 %
HTTPS

41 %
IPv6

59
Domains

75
Subdomains

53
IPs

10
Countries

9936 kB
Transfer

10965 kB
Size

7
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Try This Discreet Weapon - They Never See It Coming Until They Are On The Ground and Can't Move!

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c
Title: Try This New Way to Control the Matrix and You'll Get Anything You Want! (VIDEO)

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/vegansafe-vitamin-b-12-2-oz-bottle/

Search URL Search Domain Scan URL

URL: https://2e542-tdoe64gcf43w-9jduu3u.hop.clickbank.net/?tid=BIN_RL
Title: Try This Ancient Device and You'll Never Have High Monthly Electric Bills Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/mmitosynergy-copper-1-advanced-formula-120-capsules
Title: Has This Egyptian Copper Secret Caused Problems For the Illuminati Depopulation Plans? (See Blood Video)

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=wBoKrXMOBMmJt1H8R9pKFYJY6wz1Av%2B5yo679k9hsuAP9MpsaOeBJQQhpJZuWVdoPUfPrR9TCnCGpGHKsgUfW0VA0YbsAZx2rGJ7DMIRk7F5061XOR55P3sIgYSzvmjGn1CcOzKHAKqn7D%2FJJDJRXszSRy2meLzbUN1JwJIHroPFYeHyQhL8KD6z73dJ5dNbEsNkY1sjfMbCvebg0ogofbOSRKE209MLAGlD2QPvgvgMDloEPQKGvxnxiNiM1tgvpzAuXOlnsW7WYJc7pNj55ErAxKF7t3sVFdjfrzQjy%2BFUVFhRubXMBLv8XDj9mVnmrwMdWljXUV%2BClChGE5g0bspcUmVOaHBgc%2FAKjjVtVeXO2QD7kySzW6CAqYWTLVYTltmvCsSFDdHCeGWOAfI%2BWFdw6dn7%2F4jJhCQ%2FuxvOGG0VG5BBfFS%2F3R9t%2BK2whBlqVkgg1aYrCP3R9JgvgMRcXwNYSRrXuhcH1Bt3I3sxh2QjazNkwxBk0YAcYoQUupKVEfSslAA70p2OlcPs0x0fN%2Fk%2Fbse85vUC6M6u72Z0UF44ly22LO%2BZTj5iR%2BvlSx1dhny0QlyY%2BEtK1zjzW9MOn5JpFPH6HPgi3ZnA8wprdkrZE4oHfAw%2F6beQgEXKUKMdg35yR2m9LEHJRkLvuQow9K56ct2Ef2uKbRo%2FJcVTFzmfs8%2Fd4DLK%2BnRoVtRki4ydAb3ZMg8n9o7CTtgEWrLqVqq0RP0Fjsyx%2FnT5R%2FAE5VerH6KyJy2efDhyY%2FFe6idksrvuFpjvGol82xdeUgHCgv8%2Fr51cH04OcHcUEwrsg1POMVIrbqZFntFE%2FYVWKyk9g2gtYEOmvBkj9T2F0Qjkq6tL9pXHasEyKFPzvC9VLYHMHdgS8EAOJXPDHuVop9fhrsErNq9g8swoyIaTy9Lac8JYvad3mroWAzJPKhLR1wAv58lUnKP0KiDjibd25nVR1Jb07nXqiXWnvO%2FLTiynk6B9Euq%2Fukbh5JiOp5XpEOQjAKj7Dl%2BTQcpLloEWLaf4ktCxA9R0e3Qu7kAxkQeY%2F8yzWLLb1LecgFca9F06TYlXL3qVaoXaE9UFGaEBzBnmx9cLUx2AITa6PQ1Xr%2FLZTw%3D%3D&s2s=1
Title: 1 Cup of This (Before Bed) Burns Belly Fat Like Crazy!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=aaNub1Qgw7xWWx2FuAAWbxGMLBgWBBCnazn3VsoNpuEnDbpsOvhdYTuUQTJnxW6LSqSfJYlw%2BmCaLqV2sG4GTvaVDdr0ioY1pb1MBqERNfNWcNDrCLpHXBsLTuUTkHWaECmGdLvgqlJaWxQ%2BNVBFgrgQSTfrT%2B4FXJ3AOq0oRfbKbNbSGu8cT6wwqMKJUqvP6lNOAZYeLnOehZIeqrcT7dliBYWI72%2Bk6AckX2j%2B3sZVXUnyfDGGtrS%2F9DVqdyUJQEvoR5T2f0FwXywEQDeTSf57gH1Y652yrdmhrRDvOZMDPiBmGGorijxbsbhau%2FZCUqCGGSF1Wg2HPfQLFTJxcJ2TS%2FxCVz2zl%2BW8QLZanhhuqUU2TB0r5myUVaylFtA8ND8dd08MBpYU%2B3d6jNjeI%2B9n%2BiadywOiTqomolwl1YGxaKvIxn2ktPFVMoFEQQhE4flkDFyl1WYv%2BFxggQxkLsZCUQ5etAemYYiuh6HAuBWen0d7h%2BQ2C94gTKoL%2BDtEPPHQ9HtL7BPHMoB8NCcPk8iHDZuj%2BDc67rAfYsIixunN5HDkzHzvBKiwwfs6Y3e9X%2FFDoDWO2ffWM8Neg41OFCypr5bLllidLwIyl1r7SteKaNWyVVVhF%2FrtCCDW1l%2BdNtH3lGzUeU1UjjHs%2BLJ78TAVjMjlguKiISMGpWDxgbK12ShT2ptIyxk2Y9zmdVORXxFiaW1glCWogBjkJLk1qdXt7l7E2IDBh%2BWPvnpGmEd0DoboezzyGWy5wA%2FqxSpmn4el6M2sZugy3qCrWbKUACZGcqPiySqutY2PYtjp360S23oaUMrQ1z0jffzl0neD4IN%2BcV9Zoc8GQE5bW6n5UFJ1Gf2mJdevAZ4WIkvBYseEDY8Kg3n%2BCVr13mfJ2j79N67eV5JXWKZ%2F76zIIsChqMgbuFGpTOuHNIHPs9tRCiVoFCyBwwdYa0LB0QkfmIGNCjjcNoGTmz25F6l5aGkXW%2Fr4x0neDikM9xIbRZ4hAIrotUwdY3AAJCBomF5WOIeJ%2B9XerfHfKv7oDQJCcrY5xDz7ygl3qZRPBIuTMckNdLs%2F61nSYN1nW1V44aSTU4ddpEhlJV9xCaFeWIbMb9bFbo7LW6KLaF7tU%2ByjjfXPtpaMEj0zSj6jvE%2FQSvgEA4hB
Title: Donald Trump IQ Finally Revealed... Obama's IQ is Jaw Dropping

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=wJIUhgjXPlvYD44VK%2BJ%2BKFoojYzMBywfy9KL0EzxvvJWDiaiTxZq2Kn0YMkta8d7FIan35A5GmF3uboahJpWnbsJoiJtMhol71%2BT3G7dYE8QiUswVE1khcGu5Yj0eIEOuw%2BTQVajeBK6kx25ATxG7MSl%2FGVX9pk2GnNkVFCoBKGryh3fbXPq9BoTlOw9LHrHiL%2FLdbbvlJ5wjnlIUzXwjpidxYXRXxbL3MRfi7ACC7pxTg5HpO%2Bs%2F9sykwp9mNY7TKr0iZeWa7YVfSrURlPNDkjCOurHBOnw2bBAdekRCm0L7dwzclw1y%2FW7Q8Xhi117O%2FaCA%2FvEOc2yjs5DnPgUb7LPl3Q8qrWUrYvSWUpQbM9FqFX69jFN%2FykOqDxGEdunh0i%2FT8j%2FgTm4CouhjOI7TfxNck%2BScJyQvUX%2F0k9sdSiTPZ77muyjrPbY%2BIxHLLmG6cEW2nDeF36kq5Zl2AquKV%2Fx1EKlN3vd6EjVC9r%2BsJgT%2BEERLxVZWh5VZR%2BkkSNgVl4IFXa6WReDlVz4R13XinjWk3ceq60Xl0EHZ6Jt94tTpmJxInXKlmKAS0smd8j6p7rNfSOxyE6GpMZy3kGBn30XIqMlweXnPmaO4mfI4jF%2BkWr6LRvEuMzNrG5Svz60cFFGB2h0J6oyhC8vdxx35LNwCeLiYS%2F4oNK6zZq89SMV9maQ%2B0d2afNibRtvzjG%2FVg5mfCmA9eCh6iOh%2Boo%2FMCb4JKR12QsTCyu6ZT7BPT3BhfXXqECpuoCYxkXGNDrk%2BqtYYnljhLMBQwPTZSoEA3%2FSHE5T7foSF3C26%2FnGcVInQ56xNPxBIp4bonwQlh7KoifRDEbWpKWtIeioG6iqQsGMgwCbGvuKmI0PorVwvy%2FAlaq%2BQX%2FAkiacwhX2HsrG5PqBLgh3YpBUb5KyCGzBsMM3NYoTMAHcz6mVLS9g%2FAtNWPL3yrhDA4qy6Hz4U8lm8uXD71VU%2FmwTEiTDW6zBolt5hi9SqscxwA0ZnjMGW9Nz3OVYDaRinyUhSHuHuQ22BIs6u2pOKeOM3UkdS8ANY4K13RtFNoi3f2pWQbQNMb2hWGvN9UbJ8cMF2pDPUAT9&s2s=1
Title: 'Legal Steroid' Turning Men into Beasts

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://dream-singles.com/Sexy_Russian_Babes_Looking_For_Men_Older_Than_30

Search URL Search Domain Scan URL

URL: https://nixagrim/Essen_Sie_das_zum_Fr%C3%BChst%C3%BCck_und_nehmen_Sie_14_Kg_in_2_Wochen_ab

Search URL Search Domain Scan URL

URL: https://damit_das_bauchfett_entfernen._-10_kilo_in_6_tagen_garantiert/

Search URL Search Domain Scan URL

URL: https://be2/Reiche_einsame_Frauen_suchen_reife_M%C3%A4nner

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/organic-hemp-extract/
Title: Try THIS CBD / Hemp Extract and You'll Throw Yours in the Trash! (Video)

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/oxy-powder-natural-colon-cleanser-120-capsules/
Title: Try This And You'll Lose 15 Pounds of Extra weight in Your Colon! (VIDEO)

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxsj8ra9
Title: I Killed Bruce Lee with the Death Touch - Caution: Don't Use it Unless Your Life is in DANGER!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=Zasei9XvNS%2BKBMe4VUzlmFzECYclCUj3%2Fa7UTbINmWebXqos99TcAUTy4CsYbRrpHO%2BBcNowl%2FKQeAJb4cqwg%2F%2FeSYoMDexmfwAPr2D%2F00LjQavUn2YJEPVRwyScZhONCSiyOyAkbiTk50lPNGOA37%2FnhHuSWK4G06PW9KEKPuez6NJubqPqp%2Bdij0jvTv%2BwSjGvdSpeEvxgT7abm13KNobQOBA70fj95WL9HRRbWjstu9ExU7IVGG9RgFEOwfxyd614pn1ZOwcfa4xAZpZRLIu6Oq1jO1D0LE4xsAw0fOjrt8KLYJg55qllEahwkEBz%2FAaZ7GwOj8XNbeay8bELthZjtJv2NRHJBJkB1LUsctroA1pOfoDnHHkMvBKlwg3eyNPB9GL%2F%2BPrOVaQTXy6PC3%2BNaau%2FygTsTIReRghOibEx%2BSKXBGEx58EHPKCbzqq9rbnVSEvVrh6iDbuFL3jAXyvGx6Fs1aO%2FdWdVdQTjSAb%2F8UFJiNjURjtIvt9Hng2qE940k4zgMq3UWvasgVHingQyXogORU4Zji5Z0ZljeDzzFIOEUUsowjTNjs0d3zFSHyD4lp0ZNZ5XDxH1T78kJ6T7jDOegS1guib%2F5%2Frzw0w1fUyTsvfASgjzFrWRp6OYnuQ7h2QQfxymkbixl5x%2Bbj7KvlCX4%2BGhxukEkH81LvwwkKT37BCdBPIm06a%2Fr3NJKUEJa%2B5oowDuAGEWV0LbOZW%2BpFa7geKZJU0pT4sIHicR3WMhg007R%2BsmfoyRyF%2FrDmssZkTIfBZ0c3T4Y28JBumOv%2F2TrM2IXATbweMnIKwbRwrBE4O0QSqcJzOnah0Z%2B8uGtJhXewGTHiINlHJe0Eo7TLBk9uK%2B%2FDvQ92xmMylU%2BObYa2PjkvBN3bEDKd5zeVQgITatO87RC2Cv1OwRFM4baNa%2FJU6allC%2BmEgr6U8R9W6xTW7xRpz56uBCMyDXoyIn6GiQnodvIVCo6Vc5oDtwE4rC8h%2BOOnKbR1GRCX7jT94SNOkRhmFXprT2MeXHSWLF58l0sfS94%2FMgZmXQrhMCSoEPSxp7aiB%2FrnTHaYcQwdZ%2FLWEgalYiVecWOaeZFxMbcIgJi7BHgFmJH2aMUg%3D%3D&s2s=1
Title: 1 Cup of This (Before Bed) Burns Belly Fat Like Crazy! HealthyJournal

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=9FhDO4QygDt82AqSp8rx%2Bb3QT7xHgsZCWvZwx5R7WGcw0vlBymzLn9p7Yr2PfUryL1cGCnHm%2BmpwKZ38LDPpYeAOtiKKVGgRGf6iuJwbbuXxsBVXN0NRXn670X3xMLzeEC55kbe0NcG1TuJKKMBPjDAXK3bic%2FrrvYYgMn7VxfzCTjz7Mpup2USxb7xFlQRlNthIs0oVxJ0sLMPpBE1ZoH8OCVDUvqdRKqgLhOl5MaGRVNKvfpBVwS1U1H2Gn2Z7voeGVlUwmU5HfIH62yMlpsy2PWDUy08lsBuasjOntmFzPd8yeausnl46Lcu1QtjNYOT9Ra%2F80%2Fh%2ByR4HRagZVeJveA%2FwqyH1PPzfRLW1woDDByD6Uah%2BG7ZSYBLg%2FGeKfAXaXaGZ%2BMpgy74IhI%2BDhSZ8ZOFvFvStY1DcpjAUxHVTzyrd6m5YHMgKrQlhpob0bF%2BzsKbAV7kt4SGMeyA9qnd6Cq%2FJHMON9toRb0lI5L7i%2B9sSOPUUvNZfFPpGSWjgHb6ybGpvWuVShWr0EbwoV2mJLaMl9oOxciK2vM5g5cFA3Xr9%2FeBgS8T%2FrjSNveWp%2BdEvJUh2XAbKrqD1puW6zY5YvQ07wNwQUDnx5d1aAoxkm5DgkooyN2qIopQPCbuTsUbZIBt1bZEXoDoGzMqDWiz8agL0J%2BOsHljVuZDPciu0fclaykAa9O15tO6g4U8V8vBqJqtqU%2Bfb9rO4YdQy%2B0garxLjvtqhaXC27wprPy9XYZCRjoJWJQx6mAli5johrzmErU%2Bcs3ZTMjdfUPRvBrikUtN1tc8C3dw4gqjJNhZNYqaRaitFgDkYGqCPBNeOeoWmZJQfvklCP%2BPaTf%2Ba%2Fayv13%2FJ0G%2FdRuWZxQFESW0eWh3hx9sd4vJ2S5EWK5%2Ftv9ypVMyaD7vEfNQ0jnqztOQ7ixq%2FMQZTR9rkmjgErv9fW4%2F4ZYPILZvifCgDkmzxeofaSlfi71W%2BJJuAXRSqqlsfrHt9irzytwr%2FAG2HYXY9ltas1lRl2c6LeQhHL2PSxpBQClBM0sKyoJWgxVQ59xvkr5CQ18cZbNnjHyv5Dv6Fs21YV3bjIBn4BbnsL%2Bb4s3PxRrXHxq8y8D51AfsZcPkEV%2FBkTN3BnJnNjWO1AJA%3D&s2s=1
Title: Doctors Stunned: This Removes Wrinkles Like Crazy! (Try Tonight) Smart Life Reports

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=0W30r%2BM0bqaDibZVEghDckOeh%2Fsd7rc6zQPjyH83v%2B%2BKlaDIQ8byAAKFpCx0Jy1iVSpzUgxeluLg8DUo5wngbf%2F3MWsiyWKppYJlIJKL4A6FvgFJBPRbxYHwsKiy2NgUPv7ehZRRZ8DX5BonQmxnt11JjeRuR00rHPJAlR7H3u1O5NreJ%2F40rtF%2BtbADJvrJMOLt7Wiv%2F6H0NcJXe%2FSXwIM2Y3ECp69W6pIZGfLZAWkjNpjkWoSCuPRv1bFw9i%2Fq7CGVoR%2B1l4yP0p9wADZ9e88mgKcZrwm04%2Bkq8OSVvAwdigCFvjX5S%2BZnQqEiVgqkLPZsCF%2Fd0pt4mX%2FL7%2FSI%2F6u1BH94ySEwUEqtLU5aw%2FA4fGjeqz0TVkac%2FLHoN8w6DNDMjBo3jfG%2FF8DaaEeCAqWW5Snkugru%2F9nf0Wz7WG4joZWNicO8kzJf%2FKPT5MwzqRNmROHrsqxo4ILLa8fwqtiUzkRG4uW9mmlipT3jfCHjRNzdTRHwpIt8BCLh%2BnKml2NZlFL5mW%2FyPATFiTswbaUL6ahZLTaA3chcUGST60qGMLXYPmEn%2BTzGhp%2B%2BM3xi5AUzhFpDL9XpDl4COOqIy5UM4wzSax42%2FGqe3CmSQgPThfqo3s3uvMCXDsYAIX5tE5vvLHAjBB6wXkj45IgkFhCa3GmL8H6xsKvB%2Bf12xgGbFwdT5j1SkMpszt2Ryu55POSKPD2x64ftGt3pYOilEg2ql7LsVJmLe4pUa9bcyuDGfQvV8G%2FoUrQ63AEoN%2B9luZxmWu5d7z4B51TXJXadCi9Qbm3PECGD6XbbCFl4Y3PqPkbnAEYlCfuoQaCNCtJGzOiD%2FyLHEGzlw0d9SPHmfrMrRVi6Wbe1ZFbeLS5i31Ud0VUhtnBSYWwzLlNZgaqIF6ltB%2BLNxieroZMntI5bxndxEhu29uVeBLvDXYokpKXG7q%2FJsYGmuUAlmUkHT02vdpDMQKpfja2mSO%2BRKImim2HleDQ2qMHhPvnTEqbNsHStdC7Px9iGXhGy3zHuNQPxSVy6EkT%2B%2BPsOxv%2BSoFjb9hcO5OGj9Ge7RU%2B%2FFU61%2F2hJOKmQ4M2ajOQCQnM%2FfYNBLVooy5JyreFiVtiTxsBb%2Fw4y74eW0y7IEUH28J9ik0Y%3D&s2s=1
Title: Men, You Don't Need the Blue Pill if You Do This (Try Tonight) Smart Life Reports

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=88t1IrREgN5A9Y%2BNfruStd4oIMQ4qnjX%2BYO5uVryaQtWky%2B2HnnhogMylxotG1RJOfhR2GxLljnMNkNifAyS1AlwIJGIEM2QFmjO9zYUa27gPgsWVSGrxmdQuvyXFfPSylTTKAdcq3qtlSwcNq2B4FDYuDxFD3cOztPuepxCgXb9xyl7gVO%2Fe8qawcH5MVQAy1e2kxXse7DJxaXMw4OW1su4q3lrb%2F5chLI2jzZ0GG60pkAfJw1686UW2MaCZuXa77I1efjOTUsHGdrHfw6opUxQqeVhkaJwl9c8y7sRmHz3BnZjnnWcur40viKV8Ii4o6t7qc4oUjiunH080iCrpw2MO61sWKoJ4uinUkZGbNoynS9X1cVpI17Ufj1Ebai0FFgYB%2FHyvuVXwQynpngjWHd5Y3%2BzZOK343SDpJ9OzXHdEzg1gzvdaxwQFth4K3FcTEpEb6bU2HJ9yUz4Px2z7Y5KaDXX8D%2F7fyoihxFL9UwW0zaaEg1aTkD2%2BjTDB9mc5aLOsOm6FzcnQDCsT31DYomIjH6BVdY%2Bfjo4MfBktQrKSV9ActegEyrXm1ksPX%2Bpu%2F%2F7TjyBm4kJlloObHvLnPW%2FRkGJSpgCTnDmYlqN2mdbptqDHUZXoXq2rE5CIIOaIYhkyLCwQkLDVx4fKqEwwEhtDFT3VwjuV4rt8oKOio35S%2FdP%2FcFElifbIxztkXyjEkRj8gos82niKq2gdvgcy7tMpaUKGhv8mNEdXrRvyqbtDWHxObocCRMdckk8vpoUrKXE9jqjan8yLfTFqU0dCkMqd7G2tqJMeDL5qPr40c0CLIQxrkE%2F0VfDuuNu6geDr2XO%2FQzcT4XvsRhIruZAua%2BAZdMINKyoW2%2FCgctWIDKDDE%2BNGRSOl0gkDd5Yim2RcqSihXTf2b1vPo4k7le8G%2FUdLBgKlnv8h2rb%2FDp32zkRURksEz8DU6b0XmMhjcMktK9%2FKnJya0AhaWVNSy2%2FcRYrpjZ7daaFU7hFHiYQqWjZDqIMj4Ylwy4s2bCriDwiLga%2ByVG78tnVLcoRvWYjIAH8pemA3ctLxvwnzf9uodTS%2FvNMMkTXqdx8iLL5lVg0nXzcy124G%2BWnkzS6Z0JFAbD%2FX0a%2FiKA9NKjx83gdQj8%3D&s2s=1
Title: Diabetics: Do This Immediately to Lower Blood Sugar (It's Genius) Smart Life Reports

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://nixagrim/Ein_L%C3%B6ffel_davon_jeden_Morgen_und_Sie_werden_17_Kilo_abnehmen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=120684121&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=430170216&gjid=387356435&cid=138285881.1590542342&tid=UA-16055024-1&_gid=598137468.1590542342&_r=1&gtm=2ou5e1&z=1911944098 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16055024-1&cid=138285881.1590542342&jid=430170216&_gid=598137468.1590542342&gjid=387356435&_v=j82&z=1911944098 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=138285881.1590542342&jid=430170216&_v=j82&z=1911944098 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=138285881.1590542342&jid=430170216&_v=j82&z=1911944098&slf_rd=1&random=107716278

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRxMktGMUVKZWpp&muidn=k4q2KF1EJeji HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRxMktGMUVKZWpp&muidn=k4q2KF1EJeji&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k4q2KF1EJeji&google_ula={guid},5&google_gid=CAESEMlUxq0NrNxoE1engyhPUZk&google_cver=1

Request Chain 95

https://x.bidswitch.net/sync?dsp_id=303&user_id=k4q2KF1EJeji HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4q2KF1EJeji HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=8af373f6-a315-4be5-99e3-4dd3dcfdb0a0

Request Chain 96

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=d5f2c12c-0276-4b7b-b42c-c292eeea3b12

Request Chain 97

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=c0b1e35a-22c9-459a-8330-e5d0e483f413

Request Chain 98

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 99

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=312c4e47-6f38-4e78-88c5-9e693e5f16eb&ttl=1593134342

Request Chain 100

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=425f6d14-d7b1-4bfc-8c61-37799f1819ce&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=e5188f55-454d-4c2c-adb5-2777cb65d137

Request Chain 101

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=4Fy3Sj1TjJC3TIJLN0Tw&pi=mgid&tc=1

Request Chain 102

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cm.mgid.com/m?cdsp=501036&c=e62372ca-a633-5194-888a-4a14d6478a12

Request Chain 105

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID HTTP 301
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

Request Chain 110

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1590542342592&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590542342592&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=&cs_ak_ss=1

Request Chain 136

https://b1sync.zemanta.com/usersync/revcontent/?puid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1590542346 HTTP 302
https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&puid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&rev_dt=1590542346&s=2 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&bidder=3&bidder_uid=-6w81NJAufIOaVYTEGtP

Request Chain 137

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%253D&geo=35&rev_dt=1590542346 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%25253D%26geo%3D35%26rev_dt%3D1590542346 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6172350106885055460&exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&geo=35&rev_dt=1590542346

Request Chain 138

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1590542346 HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=e5188f55-454d-4c2c-adb5-2777cb65d137 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d5f2c12c-0276-4b7b-b42c-c292eeea3b12&ssp=revcontent HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=e5188f55-454d-4c2c-adb5-2777cb65d137

Request Chain 140

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&rev_dt=1590542346 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI=&bidder=154&bidder_uid=d5f2c12c-0276-4b7b-b42c-c292eeea3b12

Request Chain 149

http://beforeitsnews.com/contributor/upload/711317/images/False%20Messiah.jpg HTTP 301
https://beforeitsnews.com/contributor/upload/711317/images/False%20Messiah.jpg

Request Chain 157

http://beforeitsnews.com/contributor/upload/106013/images/24ab5c0491e1ef24043c8123b4d8a368.jpg HTTP 301
https://beforeitsnews.com/contributor/upload/106013/images/24ab5c0491e1ef24043c8123b4d8a368.jpg

Request Chain 168

https://b1sync.zemanta.com/usersync/revcontent/?puid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DYjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1590542346 HTTP 302
https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DYjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&puid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&rev_dt=1590542346&s=2 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&bidder=3&bidder_uid=QHhU0ha_u-48PIpR-MP2

Request Chain 169

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DYjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%253D&geo=35&rev_dt=1590542346 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6172350106885055460&exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&geo=35&rev_dt=1590542346

Request Chain 171

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&rev_dt=1590542346 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM=&bidder=154&bidder_uid=d5f2c12c-0276-4b7b-b42c-c292eeea3b12

184 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

112 KB
23 KB

610ms
589ms

Document
text/html

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83d064968ede2a65c5e230c0587c049716b14e2984bd486a96270cfee01b90e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d5a3d520a46134a06dc975dba709847d21590542340; expires=Fri, 26-Jun-20 01:19:00 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s1; path=/
cf-ray: 599be7bf2978d721-FRA
cache-control: private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 02f54f2b790000d7213e9a6200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Redirect headers

Date: Wed, 27 May 2020 01:19:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 27 May 2020 02:19:00 GMT
Location: https://beforeitsnews.com/
cf-request-id: 02f54f2b5900001e4764052200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 599be7bef8561e47-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 Myqi1M8Ky-htqYcSp4r3D7o299U.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 16ms
14ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/cdn-cgi/apps/head/Myqi1M8Ky-htqYcSp4r3D7o299U.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def2d302675ae11b12fc9f1b21e4a1956251f7e488004d9aad8f7e454a982cf0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 1066022
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 8BF50F4662987575
x-amz-id-2: 9cr3JMFp5G77g7A2p5A2jkDCPLyk9Tdx3jqrSXfPa0GAZdcMEnW7wu3ZYRmnDhadJAVe9XG1lAU=
last-modified: Thu, 14 May 2020 17:11:55 GMT
server: cloudflare
etag: W/"86036feb1bf8b788f68eada95a8f7d93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: PnMYckI77C9Sob.v9S1Qsy8emczW2quJ
cf-request-id: 02f54f2dd00000d7213e9c3200000001
cf-ray: 599be7c2ef30d721-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
713 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98153982e94b70c03603f852e79785065cf7d23f5b0ca73134d56019d17cf608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 May 2020 01:19:01 GMT
server: ESF
date: Wed, 27 May 2020 01:19:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 May 2020 01:19:01 GMT

GET
H2 200 global-bin-rev-498.css
beforeitsnews.com/static/css-v3/ 15 KB
3 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-498.css
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d18437d420e6277351bce71a805e8790b3e8776f5ae5f5ab5c1bc62f200f36d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 953754
cf-polished: origSize=15122
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f2dcf0000d7213e9bf200000001
last-modified: Sat, 16 May 2020 00:19:05 GMT
server: cloudflare
etag: W/"5ebf3179-3b12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7c2ef2ad721-FRA
expires: Sat, 23 May 2020 00:23:07 GMT

GET
H2 200 fancybox-bin-rev-498.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-498.css
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 953774
cf-polished: origSize=8029
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f2dcf0000d7213e9c0200000001
last-modified: Sat, 16 May 2020 00:19:05 GMT
server: cloudflare
etag: W/"5ebf3179-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7c2ef2bd721-FRA
expires: Sat, 23 May 2020 00:22:47 GMT

GET
H2 200 home-bin-rev-498.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 32ms
30ms Stylesheet
text/css 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/css-v3/home-bin-rev-498.css
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2cd6230dbe300a4dfe331b16994c7508e46ed578390300062a72ebb8cf3e1a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 953694
cf-polished: origSize=28506
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f2dcf0000d7213e9c1200000001
last-modified: Sat, 16 May 2020 00:19:05 GMT
server: cloudflare
etag: W/"5ebf3179-6f5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7c2ef2cd721-FRA
expires: Sat, 23 May 2020 00:24:07 GMT

GET
H2 200 responsive-bin-rev-498.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 20ms
18ms Stylesheet
text/css 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/css-v3/responsive-bin-rev-498.css
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49c5b496ee6037639fce7310ada6c495d177d44e9feae48329a00b2a83b693e4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 953753
cf-polished: origSize=20138
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f2dcf0000d7213e9c2200000001
last-modified: Sat, 16 May 2020 00:19:05 GMT
server: cloudflare
etag: W/"5ebf3179-4eaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7c2ef2dd721-FRA
expires: Sat, 23 May 2020 00:23:08 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 1103683
cf-polished: origSize=149701
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f2dd00000d7213e9c4200000001
last-modified: Tue, 13 Aug 2019 07:42:38 GMT
server: cloudflare
etag: W/"5d5269ee-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7c2ef32d721-FRA
expires: Thu, 21 May 2020 06:44:17 GMT

GET
H2 200 global-bin-rev-498.js Show response
beforeitsnews.com/static/js-v3/ 18 KB
5 KB 32ms
31ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a9656fd50c9f4c99877fa5a5e686b4e1872782290edffc8fb0dca288299c331

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 953694
cf-polished: origSize=18273
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f2dd00000d7213e9c5200000001
last-modified: Sat, 16 May 2020 00:18:22 GMT
server: cloudflare
etag: W/"5ebf314e-4761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7c2ef33d721-FRA
expires: Sat, 23 May 2020 00:24:07 GMT

GET
H2 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 29ms
29ms Image
image/webp 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/v3/top-logo.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 96544
cf-polished: origFmt=png, origSize=2219
status: 200
content-disposition: inline; filename="top-logo.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 1886
cf-request-id: 02f54f2dfd0000d7213e9c8200000001
last-modified: Mon, 18 Jun 2018 21:28:42 GMT
server: cloudflare
etag: "5b28240a-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c32f96d721-FRA
expires: Tue, 25 May 2021 22:29:57 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/OnVkHa1dV9Q/ 33 KB
33 KB 72ms
39ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/OnVkHa1dV9Q/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b50c596d71c7f46b01107cca4f2f6d0360b20d93c1751dfe6caccaaa43491cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1590530749"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33524
x-xss-protection: 0
expires: Wed, 27 May 2020 01:24:01 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/FaFmH_pUxbc/ 16 KB
16 KB 73ms
41ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/FaFmH_pUxbc/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8697969ef8b33eb4718339f5453c4b36a992d047f6740029ef034e24b5750349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1590536666"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16624
x-xss-protection: 0
expires: Wed, 27 May 2020 01:24:01 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/qZ_c1s1kUq4/ 35 KB
35 KB 46ms
14ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qZ_c1s1kUq4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ac2887278fcc29248207d63c7512d35565f1f0ca207147b8bfe6fbbe9376c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:18:24 GMT
x-content-type-options: nosniff
server: sffe
age: 37
etag: "1590533274"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35592
x-xss-protection: 0
expires: Wed, 27 May 2020 01:23:24 GMT

GET
H2 200 Anti-Vaccination-Movement-Fuels-Spread-of-Measles-722x406.jpg
beforeitsnews.com/contributor/upload/106013/images/ 29 KB
29 KB 38ms
23ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/106013/images/Anti-Vaccination-Movement-Fuels-Spread-of-Measles-722x406.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70eb547e0adb5b920271ce728d4d37204863d9d517d7c12e526a1c24651290bc

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 44925
cf-polished: origSize=30681, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 29708
cf-request-id: 02f54f2e1b0000d7213e9c9200000001
last-modified: Tue, 26 May 2020 12:49:44 GMT
server: cloudflare
etag: "5ecd1068-77d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c35fe2d721-FRA
expires: Wed, 26 May 2021 12:50:16 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/dTk4-MBNKbE/ 31 KB
31 KB 40ms
8ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/dTk4-MBNKbE/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1af3171ce4736aace01e9a8e8b46d71f7305a64dea7d79d64b357182abf4a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 00:29:13 GMT
x-content-type-options: nosniff
server: sffe
age: 2988
etag: "1589918423"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31754
x-xss-protection: 0
expires: Wed, 27 May 2020 02:29:13 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/kU7trK8k1D8/ 41 KB
41 KB 50ms
18ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/kU7trK8k1D8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8b10640c4e420a6e9c0c11e9b910417d5699ee6ddd7705de53f45c5fe3061ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:16:07 GMT
x-content-type-options: nosniff
server: sffe
age: 174
etag: "1590446626"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41490
x-xss-protection: 0
expires: Wed, 27 May 2020 01:21:07 GMT

GET
H2 200 Men-in-White-Hats-The-Trainer-.jpg
beforeitsnews.com/contributor/upload/106013/images/ 10 KB
10 KB 42ms
28ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/106013/images/Men-in-White-Hats-The-Trainer-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b68581b7c3b75242042926870ea0e7192f0ccb6ec98d8dc57d1207eb35447d5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 32207
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 10143
cf-request-id: 02f54f2e1b0000d7213e9ca200000001
last-modified: Mon, 04 May 2020 10:57:49 GMT
server: cloudflare
etag: "5eaff52d-279f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c35fe4d721-FRA
expires: Wed, 26 May 2021 16:22:14 GMT

GET
H/1.1 200
OK QuantumCovellPapers3JPG.jpg
noliesradio.org/wp/wp-content/uploads/2020/04/ 46 KB
47 KB 713ms
150ms Image
image/jpeg 162.241.66.47
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noliesradio.org/wp/wp-content/uploads/2020/04/QuantumCovellPapers3JPG.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.241.66.47 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

net.networldamerica.net

Software

Apache /

Resource Hash

1c2c2b4690c9a958a8dbe8af7edde23fa64806c9dce83ea2c8d76425e6eec125

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 May 2020 01:18:47 GMT
Last-Modified: Mon, 20 Apr 2020 02:24:28 GMT
Server: Apache
Content-Type: image/jpeg
Content-Security-Policy: upgrade-insecure-requests;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 47346

GET
H2 200 images_jpeg%3B.jpeg
beforeitsnews.com/contributor/upload/712250/images/ 9 KB
9 KB 41ms
27ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/712250/images/images_jpeg%3B.jpeg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9695493f2e4d37e965e10d16ac1a7370f113919673ceef7b65e3c4036f83f10

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 111467
cf-polished: origSize=9294, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 9293
cf-request-id: 02f54f2e1b0000d7213e9cb200000001
last-modified: Mon, 25 May 2020 18:16:28 GMT
server: cloudflare
etag: "5ecc0b7c-244e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c35fe6d721-FRA
expires: Tue, 25 May 2021 18:21:14 GMT

GET
H2 200 dL53t1bwbm-233e0f4982679067931a60da44ed23f4.jpg
4.bp.blogspot.com/-L8ILl6fJGnI/XswHUTYwufI/AAAAAAAAQvA/B1aoF12qgG8q4xZlyuiM0HIkAqQt3nLNACK4BGAYYCw/s400/ 28 KB
29 KB 42ms
7ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-L8ILl6fJGnI/XswHUTYwufI/AAAAAAAAQvA/B1aoF12qgG8q4xZlyuiM0HIkAqQt3nLNACK4BGAYYCw/s400/dL53t1bwbm-233e0f4982679067931a60da44ed23f4.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

25e5d3c9f5010cc59af997f1c28cf2094b84a89eb07e601718ca3a6b0256d210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 May 2020 22:27:59 GMT
x-content-type-options: nosniff
age: 10262
status: 200
content-disposition: inline;filename="dL53t1bwbm-233e0f4982679067931a60da44ed23f4.jpg"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28806
x-xss-protection: 0
server: fife
etag: "v42f1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 26 May 2020 18:09:28 GMT

GET
H2 200 proxy_duckduckgo_com(888)(1).jpg
beforeitsnews.com/contributor/upload/106013/images/ 14 KB
14 KB 38ms
25ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/106013/images/proxy_duckduckgo_com(888)(1).jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b457a6fddc2c906e6ec9e11be80dd30cdb10ebfd3d285f6bc12bef7bf1a947b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 1103564
cf-polished: origSize=18136, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 14067
cf-request-id: 02f54f2e1b0000d7213e9cc200000001
last-modified: Fri, 29 Nov 2019 01:51:11 GMT
server: cloudflare
etag: "5de0798f-46d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c35fe7d721-FRA
expires: Fri, 14 May 2021 06:46:17 GMT

GET
H2 200 Law%20(2).jpg
beforeitsnews.com/contributor/upload/724569/images/ 109 KB
110 KB 46ms
32ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/724569/images/Law%20(2).jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ef700e24ea6dff094681f4df4b0677b173cae532bfa9718ed96a82ca64e0bc

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 23567
cf-polished: origSize=121603, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 111915
cf-request-id: 02f54f2e1b0000d7213e9cd200000001
last-modified: Tue, 26 May 2020 17:39:55 GMT
server: cloudflare
etag: "5ecd546b-1db03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c35fead721-FRA
expires: Wed, 26 May 2021 18:46:14 GMT

GET
H2 200 Barack-Obama-Just-Suffered-The-Most-Humiliating-Defeat-Of-His-Life.jpg
beforeitsnews.com/contributor/upload/106013/images/ 26 KB
26 KB 39ms
26ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/106013/images/Barack-Obama-Just-Suffered-The-Most-Humiliating-Defeat-Of-His-Life.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94595202235b472708a91bd277b9252b452d401c14fb9e4ff60f8a0249fcf589

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 52667
cf-polished: origSize=26909, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 26240
cf-request-id: 02f54f2e1b0000d7213e9ce200000001
last-modified: Tue, 26 May 2020 10:35:01 GMT
server: cloudflare
etag: "5eccf0d5-691d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c35febd721-FRA
expires: Wed, 26 May 2021 10:41:14 GMT

GET
H2 200 66666(1).jpg
beforeitsnews.com/contributor/upload/106013/images/ 47 KB
47 KB 42ms
30ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/106013/images/66666(1).jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b87045c3cdb4880fcfb9e4ea89ee946576c699c1173c949a914ea18129aceda3

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 121067
cf-polished: origSize=49863, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 47952
cf-request-id: 02f54f2e1d0000d7213e9cf200000001
last-modified: Mon, 25 May 2020 15:39:02 GMT
server: cloudflare
etag: "5ecbe696-c2c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36fedd721-FRA
expires: Tue, 25 May 2021 15:41:14 GMT

GET
H2 200 EYJl5-QUEAEPE_g.jpg
beforeitsnews.com/contributor/upload/30080/images/ 32 KB
32 KB 38ms
25ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/EYJl5-QUEAEPE_g.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b14c875664ac58f29649a0f9bb7c9d0b76043ef527c1024e07e3e7c8c00689e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 818029
cf-polished: origSize=33966, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 32651
cf-request-id: 02f54f2e1d0000d7213e9d0200000001
last-modified: Sun, 17 May 2020 13:58:26 GMT
server: cloudflare
etag: "5ec14302-84ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36feed721-FRA
expires: Mon, 17 May 2021 14:05:12 GMT

GET
H/1.1 200
OK zwaddi-YvYBOSiBJE8-unsplash.jpg
www.tcd.ie/news_events/wp-content/uploads/2020/05/ 46 KB
46 KB 4110ms
117ms Image
image/jpeg 134.226.14.234
HEANET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tcd.ie/news_events/wp-content/uploads/2020/05/zwaddi-YvYBOSiBJE8-unsplash.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 134.226.14.234 Dublin, Ireland, ASN1213 (HEANET, IE),
Reverse DNS: bookofkells.ie
Software: Apache/2.4.43 /
Resource Hash: b52dc73f6af297eb30d83ed390eb71e8d86b94e419a402556a70a1dfe2a0c402

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 May 2020 01:19:05 GMT
Last-Modified: Mon, 11 May 2020 11:36:47 GMT
Server: Apache/2.4.43
ETag: "b7ec-5a55dc314c63f"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 47084

GET
H2 200 maxresdefault.jpg
i.ibb.co/Cv9pwtt/ 14 KB
14 KB 217ms
68ms Image
image/jpeg 51.178.88.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Cv9pwtt/maxresdefault.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.178.88.195 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 5ff923f9225d332e89cf4178b520a18c0439164ac26a5d259404cead98a51a23

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
last-modified: Sat, 23 May 2020 03:13:41 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 14442
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 screen-shot-2020-05-26-at-5.08.45-am.png
justusaknight.files.wordpress.com/2020/05/ 232 KB
232 KB 107ms
33ms Image
image/png 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://justusaknight.files.wordpress.com/2020/05/screen-shot-2020-05-26-at-5.08.45-am.png?w=500&h=283
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8acda21a9b2972b2289df5a54df9a536977670438d1503857b1fdcf1567c825b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Wed, 27 May 2020 01:19:01 GMT
last-modified: Tue, 26 May 2020 12:11:09 GMT
server: nginx
vary: Accept
content-type: image/png
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 237237
expires: Fri, 03 Jul 2020 22:57:59 GMT

GET
H2 200 Micro-comb-image-WEB.jpg
www.monash.edu/__data/assets/image/0008/2208185/ 138 KB
139 KB 3046ms
2625ms Image
image/jpeg 185.64.253.1
SQUIZUK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.monash.edu/__data/assets/image/0008/2208185/Micro-comb-image-WEB.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.64.253.1 , United Kingdom, ASN201755 (SQUIZUK, GB),

Reverse DNS

lb01.ash2.uk.squizedge.net

Software

openresty /

Resource Hash

7d34caf86a533b4bcde6afe1f81d4eef95c4f1f6b1ee9a9743b5077aab729a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:03 GMT
via: 1.1 squizedge.net
x-content-type-options: nosniff
last-modified: Wed, 20 May 2020 22:27:48 GMT
server: openresty
etag: "5ec5aee4-228b6"
x-cache: MISS from squizedge.net
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
x-request-id: 1589983f-8e87-4a8a-8b5d-95927e0a54ce
expires: Fri, 26 Jun 2020 01:19:03 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/49Nk0N1GQA0/ 9 KB
9 KB 55ms
52ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/49Nk0N1GQA0/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb43623e1da5715f075df96e6c3cc160fedd4ee6416ffc88b529c0a523fa7f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9449
x-xss-protection: 0
expires: Wed, 27 May 2020 01:24:01 GMT

GET
H/1.1 200
OK raymond-map2-637x372.png
blogs.ei.columbia.edu/wp-content/uploads/2019/07/ 67 KB
68 KB 645ms
120ms Image
image/png 45.55.98.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogs.ei.columbia.edu/wp-content/uploads/2019/07/raymond-map2-637x372.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.55.98.100 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 22213c9f84fd860137ce85a1e9d408b45b324304a92a84a5b584e947cb61c001

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 May 2020 01:19:02 GMT
Last-Modified: Tue, 23 Jul 2019 20:22:30 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "10dd7-58e5ef3b708ec"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 69079

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/UxBYMOMpVvs/ 38 KB
38 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/UxBYMOMpVvs/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b999a7e5830120655ffda525aa8a33fa08937c84ee1a9fe214470d402d16d497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:18:44 GMT
x-content-type-options: nosniff
server: sffe
age: 17
etag: "1590531389"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39007
x-xss-protection: 0
expires: Wed, 27 May 2020 01:23:44 GMT

GET
H2 200 trumpspace.png
assets.ozy.com/ozy-prod/2019/07/ 3 MB
3 MB 136ms
60ms Image
image/png 13.224.95.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ozy.com/ozy-prod/2019/07/trumpspace.png?width=1600&height=900
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.95.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-17.zrh50.r.cloudfront.net
Software: /
Resource Hash: 479c7d7ace61d77297ba5ede747ecdb2ae006ad62669f30152704ebcbc5805f9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 May 2020 21:20:10 GMT
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
age: 14331
x-amzn-requestid: d9489b3c-b2af-4206-bc03-8ea2c9aebf30
access-control-allow-methods: GET
content-type: image
status: 200
x-amzn-trace-id: Root=1-5ecd8803-c69a0484adaa1a1450bf7d3c;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
access-control-allow-credentials: true
x-amz-apigw-id: NKIwkGTrIAMFtPA=
content-length: 2911496
x-amz-cf-id: OI6kUzQ29w5x9JeT3lF9-qNwh-WgGyoXqw3xLRTAQVV1Ei9BJIbs3Q==
access-control-allow-headers: Content-Type, Authorization

GET
H2 200 0(27).jpg
beforeitsnews.com/contributor/upload/106013/images/ 38 KB
38 KB 43ms
32ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/106013/images/0(27).jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c97c8822d566ceb8e0a36a1408a8f67f3fc8c63d8a628a4fd60eab047293317

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 229848
cf-polished: origSize=40295, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 39116
cf-request-id: 02f54f2e1d0000d7213e9d1200000001
last-modified: Sun, 24 May 2020 09:26:59 GMT
server: cloudflare
etag: "5eca3de3-9d67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36fefd721-FRA
expires: Mon, 24 May 2021 09:28:13 GMT

GET
H2 200 02829e22-b7ef-42e6-a7f9-e18fce5fbb4d.jpg
beforeitsnews.com/contributor/upload/724569/images/ 51 KB
51 KB 42ms
32ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/724569/images/02829e22-b7ef-42e6-a7f9-e18fce5fbb4d.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5f44d01cd26b9cedb93c6bbf7eb866df513093e83d975cad63a762d896f6a9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 367369
cf-polished: origSize=59240, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 52200
cf-request-id: 02f54f2e1d0000d7213e9d2200000001
last-modified: Fri, 22 May 2020 18:20:49 GMT
server: cloudflare
etag: "5ec81801-e768"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36ff0d721-FRA
expires: Sat, 22 May 2021 19:16:12 GMT

GET
H/1.1 200
OK 20200303-conv.jpg
www.nih.gov/sites/default/files/news-events/research-matters/2020/ 492 KB
493 KB 553ms
193ms Image
image/jpeg 2406:da00:ff00::22e1:fa6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nih.gov/sites/default/files/news-events/research-matters/2020/20200303-conv.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da00:ff00::22e1:fa6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

efc13da28f46f6f522f73c9f43f2b9fad5889f3616874a033cba60264a50810f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 May 2020 01:19:02 GMT
Via: varnish
X-Content-Type-Options: nosniff
Age: 1165363
X-Cache: HIT
X-Cache-Hits: 24095
Connection: keep-alive
X-AH-Environment: prod
Vary: Host
Content-Length: 504067
X-Request-ID: v-b9d09518-951e-11ea-86aa-cb08288ae381
Last-Modified: Mon, 02 Mar 2020 22:10:00 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Expires: Wed, 27 May 2020 13:36:18 GMT

GET
H/1.1 200
OK CONUS_Hurricane_Harvey-1024x389.jpg
news.wisc.edu/content/uploads/2020/05/ 94 KB
95 KB 633ms
158ms Image
image/jpeg 144.92.104.43
WISC-MADISON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.wisc.edu/content/uploads/2020/05/CONUS_Hurricane_Harvey-1024x389.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.92.104.43 Madison, United States, ASN59 (WISC-MADISON-AS, US),
Reverse DNS: hagi.doit.wisc.edu
Software: JPG / electricity
Resource Hash: 7fcd1181aba3a48b88d2f0fc9ba21ad0925ebb19e3bc3c5346e4230a217107d0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 26 May 2020 19:48:32 GMT
Via: 1.1 varnish-v4
Age: 19830
X-Powered-By: electricity
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 96746
X-UA-Compatible: IE=edge
Server: JPG
ETag: "22294a-179ea-5a5f1d00f2d54"
X-Varnish: 5166647 4565179
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=2678400
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=15, max=100

GET
H2 200 loading.gif
beforeitsnews.com/img/v3/ 14 KB
14 KB 32ms
22ms Image
image/webp 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/v3/loading.gif
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a09f9c64323543f0ab14ec2ddbf9e16699cccef1a63ef8e5776864c4186365a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 99860
cf-polished: origFmt=gif, origSize=38375
status: 200
content-disposition: inline; filename="loading.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 13836
cf-request-id: 02f54f2e1d0000d7213e9d3200000001
last-modified: Wed, 13 Jun 2018 18:37:21 GMT
server: cloudflare
etag: "5b216461-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36ff2d721-FRA
expires: Tue, 25 May 2021 21:34:41 GMT

GET
H2 200 Galilean_satellites_noborder.jpg
upload.wikimedia.org/wikipedia/commons/0/07/ 570 KB
571 KB 57ms
26ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/0/07/Galilean_satellites_noborder.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.7 /

Resource Hash

3e59fc6783fd68c4dc17837dc2a93836292da0c1ee58b109bbce2f5d7f7cb6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 May 2020 08:33:55 GMT
age: 0
x-cache-status: hit-local
x-cache: cp3061 hit, cp3055 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 583587
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: 7073syw85etf8mbkh74kp3hxctxt912
last-modified: Mon, 04 Nov 2013 19:53:20 GMT
server: ATS/8.0.7
etag: b428eb3e0aa4fa3efbbc97369e9afa53
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1383594799.46717
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 Ring-galaxy-artist-still-James-Josephides-1.jpg
astro3d.org.au/wp-content/uploads/2020/05/ 842 KB
848 KB 509ms
163ms Image
image/jpeg 162.241.253.189
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://astro3d.org.au/wp-content/uploads/2020/05/Ring-galaxy-artist-still-James-Josephides-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.189 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5813.bluehost.com
Software: Apache /
Resource Hash: 9e1359ca4fe15016b4d3f81a9136505d04d7af11d3f9d434655928b493fcea16

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
last-modified: Mon, 25 May 2020 07:22:03 GMT
server: Apache
accept-ranges: bytes
x-endurance-cache-level: 2
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 861835
expires: Thu, 27 May 2021 01:19:02 GMT

GET
H2 200 4cf1b0a1904dc4fddb2173ca1d88b4d8--fake-news-top-.jpg
beforeitsnews.com/contributor/upload/30080/images/ 29 KB
29 KB 46ms
37ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/4cf1b0a1904dc4fddb2173ca1d88b4d8--fake-news-top-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b6ded6933a955cf0033cfa29f84052470a067ddcd83ad885905300e98944e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 562911
cf-polished: origSize=32775, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 29543
cf-request-id: 02f54f2e1d0000d7213e9d4200000001
last-modified: Wed, 20 May 2020 12:13:10 GMT
server: cloudflare
etag: "5ec51ed6-8007"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36ff4d721-FRA
expires: Thu, 20 May 2021 12:57:10 GMT

GET
H2 200 ea100fb275bc34d86188423fdfa31fa7.jpg
beforeitsnews.com/contributor/upload/30080/images/ 46 KB
47 KB 30ms
20ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/ea100fb275bc34d86188423fdfa31fa7.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3496939c5424f4a2cbe31f2e37c7087b96713bb2e09b49326f59cf0f440bf889

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 388071
cf-polished: origSize=49885, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 47424
cf-request-id: 02f54f2e1d0000d7213e9d5200000001
last-modified: Fri, 22 May 2020 13:23:46 GMT
server: cloudflare
etag: "5ec7d262-c2dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36ff6d721-FRA
expires: Sat, 22 May 2021 13:31:10 GMT

GET
H2 200 1a4d8fe58a251bed0dced4c2bdd6b366.jpg
beforeitsnews.com/contributor/upload/30080/images/ 78 KB
78 KB 42ms
33ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/1a4d8fe58a251bed0dced4c2bdd6b366.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b32117e095af29406bed0730376d636452ea48474e9a5c852d5e68d01dd7c1d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 123167
cf-polished: origSize=86350, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 79992
cf-request-id: 02f54f2e210000d7213e9d6200000001
last-modified: Mon, 25 May 2020 14:59:33 GMT
server: cloudflare
etag: "5ecbdd55-1514e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36805d721-FRA
expires: Tue, 25 May 2021 15:06:14 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/jep9lBkCsJA/ 28 KB
28 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/jep9lBkCsJA/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4ddc93012be5d9e135af417617dd9cb23baff4fef99689c8eb256cb4dc67e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:46:57 GMT
x-content-type-options: nosniff
server: sffe
age: 5524
etag: "1590274705"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28640
x-xss-protection: 0
expires: Wed, 27 May 2020 01:46:57 GMT

GET
H/1.1 200
OK 232705_web.jpg
media.eurekalert.org/multimedia_prod/pub/web/ 56 KB
56 KB 590ms
121ms Image
image/jpeg 198.151.217.193
AAAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.eurekalert.org/multimedia_prod/pub/web/232705_web.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.151.217.193 Washington, United States, ASN22671 (AAAS, US),
Reverse DNS: ekamedia03.eurekalert.org
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1daf5942a1ab5728aa48a440d5c5f529d6dd730dc45ca8ac72eea3d0721ab02c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 May 2020 01:19:00 GMT
Last-Modified: Fri, 22 May 2020 11:29:11 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1425fa9-e017-5a63af02e5e79"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 57367

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/ysF1vKQrr40/ 14 KB
14 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ysF1vKQrr40/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

684f539952e79ad8c8cf72ee8fbd2b92cf1dcdf129a2b5b7fd8c250fde3b342c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1590489242"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14631
x-xss-protection: 0
expires: Wed, 27 May 2020 01:24:01 GMT

GET
H2 200 reuters-rmb-internationalizatoin-yuan-tyrone-siu.jpg
cms.qz.com/wp-content/uploads/2015/11/ 16 KB
17 KB 131ms
35ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.qz.com/wp-content/uploads/2015/11/reuters-rmb-internationalizatoin-yuan-tyrone-siu.jpg?quality=75&strip=all&w=410&h=231
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f5c978fc4439701f362797056192f96e35a06d596cbefbc795e5b5bc116aa0d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
x-rq: fra1 109 83 443
last-modified: Tue, 26 May 2020 14:50:15 GMT
server: nginx
etag: "38a1ab1ed17a1482"
vary: Accept
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16718
expires: Wed, 26 May 2021 14:50:15 GMT

GET
H2 200 Screen-Shot-2020-05-26-at-9.07.29-AM.png
lisahaven.news/wp-content/uploads/2020/05/ 533 KB
534 KB 484ms
13ms Image
image/png 2606:4700:3034::681f:5aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lisahaven.news/wp-content/uploads/2020/05/Screen-Shot-2020-05-26-at-9.07.29-AM.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3034::681f:5aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eebc8f5c13e25e6ccf4db03329c3b62039f179e594920fae1a2e00fd22f97d01

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: HIT
last-modified: Tue, 26 May 2020 16:13:32 GMT
server: cloudflare
age: 3483
etag: "85342-5a68f6070e061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 599be7c76b241772-FRA
content-length: 545602
cf-request-id: 02f54f309e00001772cdb93200000001

GET
H2 200 Screenshot%202020-05-07%20at%2007_53_54.png
beforeitsnews.com/contributor/upload/30080/images/ 137 KB
138 KB 38ms
30ms Image
image/webp 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/Screenshot%202020-05-07%20at%2007_53_54.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe04e3daffebe0c6426877a51a469f452a425f0f18035d9402af3121aadfea3c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 122896
cf-polished: origFmt=png, origSize=199257
status: 200
content-disposition: inline; filename="Screenshot%202020-05-07%20at%2007_53_54.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 140586
cf-request-id: 02f54f2e210000d7213e9d7200000001
last-modified: Thu, 07 May 2020 12:54:14 GMT
server: cloudflare
etag: "5eb404f6-30a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36807d721-FRA
expires: Tue, 25 May 2021 15:10:45 GMT

GET
H2 200 new-rockefeller-covid-19-action-plan-the-uns-official-nwo-website-as-the-cdc-goes-door-to-door-activist-post.jpg
beforeitsnews.com/contributor/upload/30080/images/ 37 KB
37 KB 36ms
28ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/new-rockefeller-covid-19-action-plan-the-uns-official-nwo-website-as-the-cdc-goes-door-to-door-activist-post.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae7e47ae639d66946ecef8d33b34baa2a23052ea9bda206a3fc1f6e0e2381bb

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 45825
cf-polished: origSize=38891, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 37497
cf-request-id: 02f54f2e210000d7213e9d8200000001
last-modified: Tue, 26 May 2020 12:30:01 GMT
server: cloudflare
etag: "5ecd0bc9-97eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36809d721-FRA
expires: Wed, 26 May 2021 12:35:16 GMT

GET
H2 200 us_capitol_nasa_1040.jpg
beforeitsnews.com/contributor/upload/106013/images/ 47 KB
47 KB 48ms
40ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/106013/images/us_capitol_nasa_1040.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5dea44e1c16e7eed5921b772aed7e80ad78e762c98c4dde3675587a544307ef

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 450711
cf-polished: origSize=50319, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 47656
cf-request-id: 02f54f2e210000d7213e9d9200000001
last-modified: Thu, 21 May 2020 20:06:21 GMT
server: cloudflare
etag: "5ec6df3d-c48f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c3680ad721-FRA
expires: Fri, 21 May 2021 20:07:10 GMT

GET
H2 200 18DBACC5-4917-4EE8-845B-DA33EC08F141.jpg
beforeitsnews.com/contributor/upload/712250/images/ 75 KB
75 KB 53ms
46ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/712250/images/18DBACC5-4917-4EE8-845B-DA33EC08F141.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a5529955b8d91b692d4c819adecd7d9bc0d5ab45ce50cec2724d0c8f9774f6d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 8444
cf-polished: origSize=81653, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 76661
cf-request-id: 02f54f2e210000d7213e9da200000001
last-modified: Tue, 26 May 2020 21:42:33 GMT
server: cloudflare
etag: "5ecd8d49-13ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c3680bd721-FRA
expires: Wed, 26 May 2021 22:58:17 GMT

GET
H2 200 Coronavirus-DNA-Science.jpg
beforeitsnews.com/contributor/upload/30080/images/ 31 KB
31 KB 40ms
33ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/Coronavirus-DNA-Science.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aeb8ba6f6e25c0b7429bc7aa177e9d2a0414243faffc1af9f5e28861e55cc9b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 392989
cf-polished: origSize=33913, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 31764
cf-request-id: 02f54f2e210000d7213e9db200000001
last-modified: Fri, 22 May 2020 12:00:31 GMT
server: cloudflare
etag: "5ec7bedf-8479"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c3680cd721-FRA
expires: Sat, 22 May 2021 12:09:12 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/BD12GtVBbz4/ 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BD12GtVBbz4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7420218a520338d4dfe30654d67fcb15b325605030b85759ff184b07e706b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 00:17:17 GMT
x-content-type-options: nosniff
server: sffe
age: 3704
etag: "1588813225"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26456
x-xss-protection: 0
expires: Wed, 27 May 2020 02:17:17 GMT

GET
H2 200 27-alkalizing-foods-fb-918x482.jpg
www.mydailyinformer.com/wp-content/uploads/2018/11/ 17 KB
17 KB 65ms
16ms Image
image/jpeg 2606:4700:3036::681b:9198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mydailyinformer.com/wp-content/uploads/2018/11/27-alkalizing-foods-fb-918x482.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:9198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb8b96e042bc3c298afeeaea201e25da226ab260d6ac4f414c3caa243dc88ab

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 11:39:21 GMT
server: cloudflare
age: 6547
etag: "433a-57be0400c6c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 599be7c59f073260-FRA
content-length: 17210
cf-request-id: 02f54f2f7c00003260c122f200000001

GET
H2 200 Code-Crash-Computer-Error-Bug.jpg
beforeitsnews.com/contributor/upload/30080/images/ 49 KB
50 KB 36ms
30ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/Code-Crash-Computer-Error-Bug.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd309dcb21159db2aed0161a4a0664be9e728396acb2f72ed78b294ba9c03ac6

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 1082214
cf-polished: origSize=53776, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 50658
cf-request-id: 02f54f2e210000d7213e9dc200000001
last-modified: Thu, 14 May 2020 12:25:46 GMT
server: cloudflare
etag: "5ebd38ca-d210"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c3680ed721-FRA
expires: Fri, 14 May 2021 12:42:07 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/OY4xSz6yCMk/ 41 KB
41 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/OY4xSz6yCMk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d8e48472133d5b3485065215ad852c136c10968c7db47a378295123fd193ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 00:29:34 GMT
x-content-type-options: nosniff
server: sffe
age: 2967
etag: "1588090376"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42057
x-xss-protection: 0
expires: Wed, 27 May 2020 02:29:34 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/ck1-JIgfqR4/ 10 KB
11 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ck1-JIgfqR4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82e208e96aeeb23e8d079055d8e64e7556ae3423e9c1e40638e0f7e632721d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 00:36:29 GMT
x-content-type-options: nosniff
server: sffe
age: 2552
etag: "1573405877"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10660
x-xss-protection: 0
expires: Wed, 27 May 2020 02:36:29 GMT

GET
H2 200 download%20-%202020-05-15T101032_357.jpeg
beforeitsnews.com/contributor/upload/30080/images/ 7 KB
7 KB 47ms
41ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/30080/images/download%20-%202020-05-15T101032_357.jpeg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9cb970f4e46883a6db0e9e4c8f749dd2774439682c5f7648bf507c5cd52b29a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 986510
cf-polished: origSize=7296, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 7295
cf-request-id: 02f54f2e210000d7213e9dd200000001
last-modified: Fri, 15 May 2020 15:10:53 GMT
server: cloudflare
etag: "5ebeb0fd-1c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c3680fd721-FRA
expires: Sat, 15 May 2021 15:17:11 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/UAjqFjYKKr0/ 11 KB
11 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/UAjqFjYKKr0/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae5f165184678db0e7e991df1c7a0f0b0fbfd6fff347528f805f34fa2c58a618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:13:39 GMT
x-content-type-options: nosniff
server: sffe
age: 322
etag: "1589847672"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11483
x-xss-protection: 0
expires: Wed, 27 May 2020 03:13:39 GMT

GET
H2 200 Coronavirus-Trump-World-Outbreak.jpg
www.naturalnews.com/wp-content/uploads/sites/91/2020/05/ 362 KB
363 KB 262ms
243ms Image
image/jpeg 2606:4700::6810:8746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalnews.com/wp-content/uploads/sites/91/2020/05/Coronavirus-Trump-World-Outbreak.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2affa2bab2778ba92cee78be3c0e8fec7873476ae7ea6feff79f76632dc03fff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
status: 200
content-length: 371192
cf-request-id: 02f54f2f740000061067b12200000001
last-modified: Mon, 25 May 2020 16:03:12 GMT
server: cloudflare
etag: "6e5534fead32d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 599be7c58bf00610-FRA
expires: Wed, 27 May 2020 01:20:02 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/-31Zv1rvtIo/ 9 KB
9 KB 72ms
71ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/-31Zv1rvtIo/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa876745548e7151ec664af2426716669b11f45729d63d5b09c461d674e87f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1590344326"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9566
x-xss-protection: 0
expires: Wed, 27 May 2020 01:24:02 GMT

GET
H2 200 ads.png
beforeitsnews.com/img/v3/ 34 B
230 B 48ms
42ms Image
image/webp 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/v3/ads.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 93470
cf-polished: origFmt=png, origSize=95
status: 200
content-disposition: inline; filename="ads.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 34
cf-request-id: 02f54f2e210000d7213e9de200000001
last-modified: Thu, 30 May 2019 00:55:31 GMT
server: cloudflare
etag: "5cef2a03-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36810d721-FRA
expires: Tue, 25 May 2021 23:21:11 GMT

GET
H2 200 tabs-bin-rev-498.js Show response
beforeitsnews.com/static/js-v3/ 148 B
351 B 31ms
30ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/js-v3/tabs-bin-rev-498.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 953694
cf-polished: origSize=189
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f2df30000d7213e9c7200000001
last-modified: Sat, 16 May 2020 00:18:26 GMT
server: cloudflare
etag: W/"5ebf3152-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7c31f7fd721-FRA
expires: Sat, 23 May 2020 00:24:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3121b39ad0e8320b5a81978ceed517ed301a33222572b8e729741029172e13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33252
x-xss-protection: 0
last-modified: Wed, 27 May 2020 00:21:42 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 May 2020 01:19:02 GMT

GET
H2 200 pArkUMiZGVJS0D7yURT7nCVDhvU.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 28ms
23ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/cdn-cgi/apps/body/pArkUMiZGVJS0D7yURT7nCVDhvU.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/Myqi1M8Ky-htqYcSp4r3D7o299U.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe14d2e0fc691500d5eea50368d5f71fccfb666e6ca37a696d91c8e9d78fa2f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 1066021
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 4EABAF52849B5542
x-amz-id-2: /wimcDdjMhymEM0htZijEGHHREeo2KMKNiaHWp9ImjASnaDPQ7gJIO68jtKJlCJ4hX9PVRPkBi4=
last-modified: Thu, 14 May 2020 17:11:55 GMT
server: cloudflare
etag: W/"4579ee4508c73d89f189f1122b273bbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: x0xKjVejui1Gfv18rGI.ZuIFJYzcaBCW
cf-request-id: 02f54f2e210000d7213e9df200000001
cf-ray: 599be7c36811d721-FRA

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
326 B 34ms
28ms Image
image/webp 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/v3/top-bg.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-498.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 1049395
cf-polished: origFmt=png, origSize=164
status: 200
content-disposition: inline; filename="top-bg.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 100
cf-request-id: 02f54f2e210000d7213e9e0200000001
last-modified: Mon, 18 Jun 2018 21:28:42 GMT
server: cloudflare
etag: "5b28240a-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36813d721-FRA
expires: Fri, 14 May 2021 21:49:06 GMT

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1022 B 40ms
37ms Image
image/webp 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/b4in/search.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-498.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 126867
cf-polished: origFmt=png, origSize=805
status: 200
content-disposition: inline; filename="search.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 686
cf-request-id: 02f54f2e210000d7213e9e1200000001
last-modified: Thu, 13 Apr 2017 09:52:51 GMT
server: cloudflare
etag: "58ef4a73-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c36815d721-FRA
expires: Tue, 25 May 2021 14:04:34 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v31/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8528e1c68a0c2bde1022646073b2421704efa4cd0aac88772e38ea492b8c283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Origin: https://beforeitsnews.com

Response headers

date: Wed, 20 May 2020 10:47:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:33 GMT
server: sffe
age: 570715
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16468
x-xss-protection: 0
expires: Thu, 20 May 2021 10:47:06 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v8/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v8/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Origin: https://beforeitsnews.com

Response headers

date: Thu, 21 May 2020 18:33:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:28:05 GMT
server: sffe
age: 456315
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15124
x-xss-protection: 0
expires: Fri, 21 May 2021 18:33:46 GMT

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame A6C4 133 KB
37 KB 85ms
32ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ad3f01505f775bd66834222cb32533197fb1991215e2b97674669f6c6a85ba

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 4771
cf-polished: origSize=136281
status: 200
last-modified: Tue, 14 Apr 2020 10:32:10 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: DCEE7E5A1859EF3B
x-amz-id-2: 7XOP/ROfDPRfM+5xuaf4k+Mci3U1PFZ+ph/M7hq+hnif5ObYQC2xkK4/nVkaxPQRFyA62z3Ma8I=
cf-bgj: minify
server: cloudflare
etag: W/"47916287a0415d9f45a9eced327c836c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 02f54f2fe40000cc4e638f4200000001
cf-ray: 599be7c63ddccc4e-ZRH
expires: Wed, 27 May 2020 02:19:02 GMT

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 24ms
23ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/v3/culturebg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-498.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 1103676
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 15334
cf-request-id: 02f54f2ee70000d7213e9e9200000001
last-modified: Sat, 09 Feb 2019 15:29:21 GMT
server: cloudflare
etag: "5c5ef1d1-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c4a9f8d721-FRA
expires: Fri, 14 May 2021 06:44:25 GMT

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 8243 134 KB
37 KB 73ms
66ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204271
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35e1a7a1971d15eec9503ff6b16268da7137ece51a3cf4d9430b0cff5b83b88

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 2912
cf-polished: origSize=136922
status: 200
last-modified: Tue, 14 Apr 2020 10:35:13 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: FAEAA64815C5B0B3
x-amz-id-2: hS2UZJf/BIgwBOJ6EKYZau1Q94I71VP2R2R9+Sko4ttKQvqicFZeX3Ay9c9DCXlarqvFo2+eUy4=
cf-bgj: minify
server: cloudflare
etag: W/"19656a38703420602a45aa4d31c93b32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 02f54f2fe50000cc4e638f5200000001
cf-ray: 599be7c63dddcc4e-ZRH
expires: Wed, 27 May 2020 02:19:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e24b0522e0eb9672bfe8f3ecaf02961e2eefb6295436686378655d93b14961f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39298
x-xss-protection: 0
server: cafe
etag: 10381924209498028617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 May 2020 01:19:02 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
393 B 61ms
15ms Script
application/javascript 2606:4700:3037::681b:b8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:b8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: HIT
server: cloudflare
age: 48880
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 599be7c6f8ffbeab-FRA
access-control-allow-origin: *
content-length: 9
cf-request-id: 02f54f30560000beab168fb200000001

GET
H2 200 adcode.png
rddywd.com/ 43 B
442 B 25ms
10ms Image
image/gif 2606:4700:3037::681b:b8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:b8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
age: 41468
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 599be7c6fbfc074a-FRA
content-length: 43
cf-request-id: 02f54f305b0000074a7ba8d200000001

GET
H2 204 generate_204
www.googleapis.com/ 0
244 B 26ms
5ms Image
text/plain 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 27 May 2020 01:19:02 GMT
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
2 KB 37ms
37ms Image
image/webp 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/v3/logo-bottom.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-498.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:01 GMT
cf-cache-status: HIT
age: 57140
cf-polished: origFmt=jpeg, origSize=2574
status: 200
content-disposition: inline; filename="logo-bottom.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 2250
cf-request-id: 02f54f2f230000d7213e9eb200000001
last-modified: Wed, 06 Jun 2018 18:26:21 GMT
server: cloudflare
etag: "5b18274d-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7c50a75d721-FRA
expires: Wed, 26 May 2021 09:26:40 GMT

POST
H2 200 count.php Show response
beforeitsnews.com/core/ajax/counter/ 15 B
260 B 525ms
525ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817723771986ea99bcdbfddfaf5c5c353be806649e09abef86a16392edcc454c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7c56b22d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 15
cf-request-id: 02f54f2f630000d7213e9ef200000001

GET
H2 200 carousel.php Show response
beforeitsnews.com/core/ajax/contributor/god_word/ 2 KB
869 B 539ms
538ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/god_word/carousel.php?_=1590542342002

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd014e150c696545c641e363015167f2e61bf6ba9cd4c1c3a0dc906278910eb7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7c58b45d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f2f740000d7213e9f1200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1363
date: Wed, 27 May 2020 00:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 27 May 2020 02:56:19 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com

Response headers

date: Sun, 17 May 2020 09:38:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 834028
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Mon, 17 May 2021 09:38:34 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 84ms
82ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=0&h=0&cols=4&pv=5&cbuster=1590542342312351292743&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=17253b618a9b15f7831&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d71a00ac91cf18dc0c4a0fd4c47515b431402503bede5492fc3078a35a4479

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7c79ec9cc4e-ZRH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 02f54f30be0000cc4e6390f200000001

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
952 B 34ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=beforeitsnews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
952 B 35ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=beforeitsnews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 2 KB
1 KB 100ms
100ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=304&cols=1&pv=5&cbuster=1590542342362942270578&uniqId=12add&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=17253b618daaa1ba425&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bed841b82f6987e8c57abc5d82e2d9cd4b5d51dbd5a0406e58ee23af3a1f6142

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7c7eefecc4e-ZRH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 02f54f30ed0000cc4e63911200000001

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=120684121&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20Peopl...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16055024-1&cid=138285881.1590542342&jid=430170216&_gid=598137468.1590542342&gjid=387356435&_v=j82&z=1911944098
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=138285881.1590542342&jid=430170216&_v=j82&z=1911944098
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=138285881.1590542342&jid=430170216&_v=j82&z=1911944098&slf_rd=1&random=107716278

42 B
106 B

19ms
18ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=138285881.1590542342&jid=430170216&_v=j82&z=1911944098&slf_rd=1&random=107716278

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=138285881.1590542342&jid=430170216&_v=j82&z=1911944098&slf_rd=1&random=107716278
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
671 B 85ms
82ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1590542342405517290597
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b530d209af909ce4148063865161756b6205d32239b2ca8a35f027424d69948f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7c82f3bcc4e-ZRH
content-type: application/javascript
cf-request-id: 02f54f311a0000cc4e63912200000001

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame BD5B 186 B
372 B 81ms
80ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1590542342410519659142
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7c82f3fcc4e-ZRH
content-type: application/javascript
cf-request-id: 02f54f311d0000cc4e63913200000001

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 136ms
38ms Script
application/x-javascript 104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 May 2020 01:19:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 28 May 2020 01:19:02 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 97 KB
30 KB 65ms
27ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:28 GMT
server: nginx
etag: W/"5ea153c8-18582"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 28 May 2020 01:19:02 GMT

GET
H2 200 by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/ 2 KB
1 KB 31ms
30ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 3338
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 43E8A76C70DE9CA3
x-amz-id-2: DS0ZaIbktyeNfd+5h2ft5SqOjIQKennfkXuAQqsm1Syg6FEVDVlE3Phf4Vzlyoyk9cAqamLsEiI=
last-modified: Wed, 29 Apr 2020 06:59:41 GMT
server: cloudflare
etag: W/"5f3390adb0b6aeb988c5d7415b31cbe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 02f54f31520000cc4e63917200000001
cf-ray: 599be7c88f76cc4e-ZRH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvNDc0MzcwLzkxMDBlMGU0YjQ3ZGI4MTYzMjQ5MjE1MTA0ZDI5OWI2LmpwZw**.webp
s-img.mgid.com/g/5266405/492x328/0x0x492x328/ 15 KB
16 KB 37ms
32ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5266405/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvNDc0MzcwLzkxMDBlMGU0YjQ3ZGI4MTYzMjQ5MjE1MTA0ZDI5OWI2LmpwZw**.webp
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd51ecae21cbac7ea98638ab58500dba08659f9b2c342be0afe1d27af649f6c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: HIT
age: 270475
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 15798
cf-request-id: 02f54f31720000cc4e6391a200000001
last-modified: Fri, 22 May 2020 18:49:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 599be7c8bf99cc4e-ZRH

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRxMktGMUVKZWpp&muidn=k4q2KF1EJeji
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRxMktGMUVKZWpp&muidn=k4q2KF1EJeji&google_tc=
https://cm.mgid.com/google?muidn=k4q2KF1EJeji&google_ula={guid},5&google_gid=CAESEMlUxq0NrNxoE1engyhPUZk&google_cver=1

0
97 B

76ms
75ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k4q2KF1EJeji&google_ula={guid},5&google_gid=CAESEMlUxq0NrNxoE1engyhPUZk&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7c9a825cc4e-ZRH
content-type: text/plain
cf-request-id: 02f54f32060000cc4e63921200000001

Redirect headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k4q2KF1EJeji&google_ula={guid},5&google_gid=CAESEMlUxq0NrNxoE1engyhPUZk&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k4q2KF1EJeji
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4q2KF1EJeji
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=8af373f6-a315-4be5-99e3-4dd3dcfdb0a0

43 B
644 B

97ms
34ms

Image
image/gif

18.195.112.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=8af373f6-a315-4be5-99e3-4dd3dcfdb0a0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.112.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-112-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:02 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Wed, 27 May 2020 01:19:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //ad.360yield.com/match?publisher_dsp_id=191&external_user_id=8af373f6-a315-4be5-99e3-4dd3dcfdb0a0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=d5f2c12c-0276-4b7b-b42c-c292eeea3b12

43 B
245 B

77ms
77ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=d5f2c12c-0276-4b7b-b42c-c292eeea3b12
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:03 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7cd9d15cc4e-ZRH
content-type: image/gif
cf-request-id: 02f54f347f0000cc4e6394d200000001

Redirect headers

date: Wed, 27 May 2020 01:19:03 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=d5f2c12c-0276-4b7b-b42c-c292eeea3b12
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=c0b1e35a-22c9-459a-8330-e5d0e483f413

43 B
190 B

79ms
78ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=c0b1e35a-22c9-459a-8330-e5d0e483f413
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7c9a826cc4e-ZRH
content-type: image/gif
cf-request-id: 02f54f32060000cc4e63922200000001

Redirect headers

status: 307
date: Wed, 27 May 2020 01:19:02 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=c0b1e35a-22c9-459a-8330-e5d0e483f413

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

118ms
42ms

Image
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 27 May 2020 01:19:02 GMT
Access-Control-Allow-Credentials: true
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=312c4e47-6f38-4e78-88c5-9e693e5f16eb&ttl=1593134342

43 B
305 B

76ms
76ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=312c4e47-6f38-4e78-88c5-9e693e5f16eb&ttl=1593134342
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7cab910cc4e-ZRH
content-type: image/gif
cf-request-id: 02f54f32b20000cc4e63939200000001

Redirect headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=312c4e47-6f38-4e78-88c5-9e693e5f16eb&ttl=1593134342
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=425f6d14-d7b1-4bfc-8c61-37799f1819ce&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=e5188f55-454d-4c2c-adb5-2777cb65d137

43 B
386 B

77ms
77ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=e5188f55-454d-4c2c-adb5-2777cb65d137
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:03 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7cbc9e9cc4e-ZRH
content-type: image/gif
cf-request-id: 02f54f335a0000cc4e6393d200000001

Redirect headers

status: 302
date: Wed, 27 May 2020 01:19:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=e5188f55-454d-4c2c-adb5-2777cb65d137
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=4Fy3Sj1TjJC3TIJLN0Tw&pi=mgid&tc=1

43 B
197 B

77ms
77ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=4Fy3Sj1TjJC3TIJLN0Tw&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7caa906cc4e-ZRH
content-type: image/gif
cf-request-id: 02f54f32a70000cc4e63937200000001

Redirect headers

status: 302
pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT, Wed, 27 May 2020 01:19:02 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=4Fy3Sj1TjJC3TIJLN0Tw&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
https://cm.mgid.com/m?cdsp=501036&c=e62372ca-a633-5194-888a-4a14d6478a12

43 B
213 B

78ms
78ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501036&c=e62372ca-a633-5194-888a-4a14d6478a12
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:03 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7cbea25cc4e-ZRH
content-type: image/gif
cf-request-id: 02f54f33710000cc4e6393f200000001

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://cm.mgid.com/m?cdsp=501036&c=e62372ca-a633-5194-888a-4a14d6478a12

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 129ms
80ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k4q2KF1EJeji
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7ca68e1cc4e-ZRH
content-type: image/gif
cf-request-id: 02f54f32820000cc4e68984200000001

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 239ms
79ms Image
image/gif 23.105.245.5
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k4q2KF1EJeji
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:02 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/ Frame BD5B
Redirect Chain

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

43 B
333 B

85ms
84ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 May 2020 01:19:03 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599be7cc5b22cc4e-ZRH
content-type: image/gif
cf-request-id: 02f54f33b80000cc4e63942200000001

Redirect headers

Location: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Date: Wed, 27 May 2020 01:19:03 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
147 B 125ms
40ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=206&cb=22222153135
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Wed, 27 May 2020 01:19:01 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://beforeitsnews.com
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
147 B 125ms
40ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=206&cb=48205624333
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Wed, 27 May 2020 01:19:01 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://beforeitsnews.com
timing-allow-origin: *
vary: Origin

GET
H2 200 incr_views.php Show response
beforeitsnews.com/core/ajax/contributor/god_word/ 5 B
110 B 505ms
505ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/god_word/incr_views.php?id=473&_=1590542342550

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

570c24a6c5d591b4c92d467dc859490b940a7cf19c3ea1b0c5172294f8bcfa4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:03 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7c8f865d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 5
cf-request-id: 02f54f31980000d7213ea07200000001

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/mBDlO_5234c/ 16 KB
16 KB 60ms
40ms Image
image/jpeg 2a00:1450:4001:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/mBDlO_5234c/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e622c6a9736aeb9e1c17a8026462f7a88c34a6acf4876bd1aa96321a798bb811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16053
x-xss-protection: 0
expires: Wed, 27 May 2020 03:19:02 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1590542342592&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbefor...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590542342592&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbefo...

0
528 B

39ms
38ms

Image
text/plain

104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590542342592&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=&cs_ak_ss=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 May 2020 01:19:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590542342592&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 27 May 2020 01:19:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 18ms
17ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 22 May 2021 01:19:02 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:02 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 22 May 2021 01:19:02 GMT

POST
H2 204 csm
bidder.criteo.com/ 0
147 B 40ms
40ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=89&profileId=206
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 27 May 2020 01:19:04 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://beforeitsnews.com
timing-allow-origin: *
vary: Origin

GET
H2 200 jsDynamic-bin-rev-498.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-498.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9437b5e2453f87eeadcccf9c466c04badc162b1788bfef561ee3bacd95b6cf28

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 953695
cf-polished: origSize=7167
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3e740000d7213ea7b200000001
last-modified: Sat, 16 May 2020 00:18:24 GMT
server: cloudflare
etag: W/"5ebf3150-1bff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7dd8e41d721-FRA
expires: Sat, 23 May 2020 00:24:10 GMT

GET
H2 200 responsive-bin-rev-498.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
769 B 17ms
16ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/js-v3/responsive-bin-rev-498.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 953695
cf-polished: origSize=1728
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3e740000d7213ea7c200000001
last-modified: Sat, 16 May 2020 00:18:25 GMT
server: cloudflare
etag: W/"5ebf3151-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7dd8e42d721-FRA
expires: Sat, 23 May 2020 00:24:10 GMT

GET
H2 200 validate-bin-rev-498.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/js-v3/validate-bin-rev-498.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 953695
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3e750000d7213ea7d200000001
last-modified: Sat, 16 May 2020 00:18:26 GMT
server: cloudflare
etag: W/"5ebf3152-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7dd8e43d721-FRA
expires: Sat, 23 May 2020 00:24:10 GMT

GET
H2 200 loadmore-bin-rev-498.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-498.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a1252001292c7bcdef687703653ad460f8322f4ae005f44303dce6dba67bb2d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 953695
cf-polished: origSize=14632
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3e750000d7213ea7e200000001
last-modified: Sat, 16 May 2020 00:18:25 GMT
server: cloudflare
etag: W/"5ebf3151-3928"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 599be7dd8e45d721-FRA
expires: Sat, 23 May 2020 00:24:10 GMT

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 159ms
53ms Script
text/html 52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_319&c=1590542345865&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-498.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-254-55.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

b4c79501bed8a642208e658948c9ae306a4cc83621eb395826fd8811030fb5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 160ms
54ms Script
text/html 52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=100246&t=rc_102&c=1590542345866&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-498.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-254-55.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

b327631fb8f06f5adcd1319c1745011b2e0ea0908bcf538cb0453905679d9435

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 157ms
49ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-498.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: f1da59d9a16a42d1c9baa37a694a63849ce741e4f0beab61a208f19c2c37c6c4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:05 GMT
content-encoding: gzip
last-modified: Mon, 25 May 2020 18:38:29 GMT
server: nginx
etag: "5443-1590431909000"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2376

POST
H2 200 carousel.php Show response
beforeitsnews.com/core/ajax/contributor/v3_banners/ 519 B
412 B 361ms
360ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_banners/carousel.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68197b143fed7ab1a81102a4b9a4c2ffabb3e1de8b6fd43ef948ec1dfa6cddd2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7dddea2d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3ea20000d7213ea80200000001

POST
H2 200 carousel.php Show response
beforeitsnews.com/core/ajax/contributor/v3_banners/ 478 B
366 B 526ms
525ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_banners/carousel.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f10b2573f706a94f85ca7cbdd8ec45b921b5f933e683ca5e194fde045a3fc6d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7dddea6d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3ea20000d7213ea81200000001

GET
H2 200 showing.php Show response
beforeitsnews.com/core/ajax/contributor/v3_live_stream/ 681 B
355 B 543ms
542ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_live_stream/showing.php?_=1590542345889

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c45b248c31956683f4fa200c392b0554c6e7a4dde29078a69d36ec81264acda4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7dddeacd721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3ea40000d7213ea82200000001

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 27ms
10ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1357113f7b28eb8a5e2da0fe0bca37f40fa0d5d25d9dafa4698d0ceb9c72d78

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:05 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 54
etag: W/"3f1c1174b1ee437acb796315c8259f0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 599be7dde9d6d6c5-FRA
cf-request-id: 02f54f3eb40000d6c50abe7200000001
expires: Wed, 27 May 2020 13:19:05 GMT

GET
H2 200 get_items_to_show.php Show response
beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 22 KB
2 KB 388ms
387ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1590542345890

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87c5a4c4fe3255cb0d1da6e5d5842e6b230f45fe1718036e45dd53ccf2afbdf9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7dddeaed721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3ea40000d7213ea83200000001

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 15 KB
3 KB 517ms
517ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1590542345890

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4babbf6c07aaf79b9ae7d115d5aa780ada198e474d6324f4cef796311b70b49c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7dddeb1d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f3ea40000d7213ea84200000001

GET
H/1.1 200
OK 10864438442185062
lockerdome.com/lad/ Frame 3A88 0
0 547ms
142ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 27 May 2020 01:19:06 GMT

GET
H/1.1 200
OK 10864440455450982
lockerdome.com/lad/ Frame 92E1 0
0 551ms
140ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 27 May 2020 01:19:06 GMT

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 60 KB
12 KB 349ms
349ms XHR
text/javascript 52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_319&c=1590542345865&width=1600&site_url=https%3A%2F%2Fbeforeitsnews.com%2F&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=111268&t=rc_319&c=1590542345865&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-254-55.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

2ddf9362d8e3c6c67522c79ec06038b26e0147936fdbe05e4c757af6bd2d6111

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 70 KB
19 KB 315ms
314ms XHR
text/javascript 52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=100246&t=rc_102&c=1590542345866&width=1600&site_url=https%3A%2F%2Fbeforeitsnews.com%2F&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=100246&t=rc_102&c=1590542345866&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-254-55.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

67c60aa54d9da047e33c4093c86c5310d7e64ff211b129f8771a549440d09997

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8

GET
H2 200 incr_banner_views.php Show response
beforeitsnews.com/core/ajax/counter/ 6 B
137 B 365ms
364ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/counter/incr_banner_views.php?id=1814&_=1590542346252

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f66073b267e1aba31650ab424d4a9518d3a9771fbb4a0d93d6d29ec1785b40c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7e01a10d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 6
cf-request-id: 02f54f400e0000d7213eaa5200000001

GET
H2 200 c318fc768bc858b12d431ef378d7a0769bbf1f7a.jpeg
beforeitsnews.com/img/i2020/05/ 17 KB
17 KB 21ms
20ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/i2020/05/c318fc768bc858b12d431ef378d7a0769bbf1f7a.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cefd89cfd29a8e4e6bda4ffff7cbae08723d07e5c9038252f146a40469970ed

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
cf-cache-status: HIT
age: 1102593
cf-polished: origSize=18475, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 17186
cf-request-id: 02f54f400e0000d7213eaa6200000001
last-modified: Sun, 12 May 2019 16:15:05 GMT
server: cloudflare
etag: "5cd84689-482b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7e01a11d721-FRA
expires: Fri, 14 May 2021 07:02:33 GMT

GET
H2 200 increment_views.php Show response
beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 142 B
154 B 373ms
373ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/increment_views.php?ids=4916%2C4670%2C4891%2C4898%2C4907%2C4873%2C4687%2C4907%2C4670%2C4907%2C4916%2C4878%2C4670%2C4916&_=1590542346284

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c42ba7d74a695cdf5445c1ca2fc86c0d01c1d57549b3f97343d59262416653d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7e04a59d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f402e0000d7213eaaa200000001

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
25 KB 129ms
42ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 23e61f5278ff3d9913f6045b5911c26a8903b742d043a50dcf66f5801d80b713

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: gzip
last-modified: Tue, 26 May 2020 15:19:35 GMT
etag: "1590506375"
status: 200
x-hw: 1590542346.cds020.pa1.hn,1590542346.cds039.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=9
accept-ranges: bytes
content-length: 25656

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 280 KB
98 KB 153ms
67ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ebf585c012c07829008431c00fa48cb3bbae3bc1283c530257f7bd24cb023b8b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: gzip
last-modified: Tue, 26 May 2020 15:19:35 GMT
etag: "1590506375"
status: 200
x-hw: 1590542346.cds020.pa1.hn,1590542346.cds043.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=34
accept-ranges: bytes
content-length: 100419

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://b1sync.zemanta.com/usersync/revcontent/?puid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DZTdhMjQ1MDkwYjVkMGQxMzI...
https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%253D%26bidder%3D3%26bidder_uid%...
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&bidder=3&bidder_uid=-6w81NJAufIOaVYTEGtP

35 B
213 B

60ms
60ms

Image
image/gif

52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&bidder=3&bidder_uid=-6w81NJAufIOaVYTEGtP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-254-55.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:07 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 27 May 2020 01:19:07 GMT
P3p: CP="We do not support P3P header."
Location: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&bidder=3&bidder_uid=-6w81NJAufIOaVYTEGtP
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 175
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%253D&geo=35&rev_d...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DZTdhMjQ1MDkwYjVkMGQxMzI3O...
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6172350106885055460&exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&geo=35&rev_dt=1590542346

35 B
214 B

68ms
67ms

Image
image/gif

52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6172350106885055460&exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&geo=35&rev_dt=1590542346
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-254-55.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:06 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 27 May 2020 01:19:08 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid: 599ee60d-a912-4e67-b9df-9685af13c6f5
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6172350106885055460&exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&geo=35&rev_dt=1590542346
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1590542346
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=e5188f55-454d-4c2c-adb5-2777cb65d137
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d5f2c12c-0276-4b7b-b42c-c292eeea3b12&ssp=revcontent
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=e5188f55-454d-4c2c-adb5-2777cb65d137

35 B
215 B

61ms
60ms

Image
image/gif

52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=e5188f55-454d-4c2c-adb5-2777cb65d137
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-254-55.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:06 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

status: 302
date: Wed, 27 May 2020 01:19:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=e5188f55-454d-4c2c-adb5-2777cb65d137
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ 35 B
380 B 525ms
128ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%253D&pushdata=109&secure=1&rev_dt=1590542346
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Wed, 27 May 2020 01:19:06 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI%3D&rev_dt=1590542346
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI=&bidder=154&bidder_uid=d5f2c12c-0276-4b7b-b42c-c292eeea3b12

35 B
215 B

71ms
70ms

Image
image/gif

52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI=&bidder=154&bidder_uid=d5f2c12c-0276-4b7b-b42c-c292eeea3b12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-254-55.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:06 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Location: //trends.revcontent.com/cm/pixel_sync?exchange_uid=ZTdhMjQ1MDkwYjVkMGQxMzI3OWU2NjJlN2NiOTJkMzI=&bidder=154&bidder_uid=d5f2c12c-0276-4b7b-b42c-c292eeea3b12
Date: Wed, 27 May 2020 01:19:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
img.revcontent.com/ 54 KB
54 KB 149ms
65ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/01a2a3a5f1e73d2bf5b66d59097f40eb.jpeg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f031bb39beace663b3630e3f05ffd37d65060ed77c12e9fdcb16f1bc37493aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
last-modified: Mon, 27 Apr 2020 00:35:46 GMT
etag: "1587947746"
x-hw: 1590542346.cds036.pa1.hn,1590542346.cds032.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 54845

GET
H2 200 /
img.revcontent.com/ 48 KB
49 KB 173ms
89ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e9ebe42a50c80-29378307.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 925ebd85df2118c620ed90f5a5965e32089ff1386dc6bfa861b0d0a30d562789

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
last-modified: Tue, 21 Apr 2020 09:34:59 GMT
etag: "1587461699"
x-hw: 1590542346.cds036.pa1.hn,1590542346.cds040.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 49636

GET
H2 200 /
img.revcontent.com/ 40 KB
40 KB 194ms
111ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5ec50cbcb1cff5-92668505.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 60206f62503ddeeb12512617d8ef9b9f2e980509d0724c4a973c3ce5301388da

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
last-modified: Wed, 20 May 2020 10:55:57 GMT
etag: "1589972157"
x-hw: 1590542346.cds036.pa1.hn,1590542346.cds034.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 41185

GET
H2 200 /
img.revcontent.com/ 45 KB
45 KB 187ms
104ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5ec510b4ea5991-09661827.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 467e05d75e04ba9f7494cd9c47d43ead5affcf2180f3b3827b15e6166359fc72

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
last-modified: Wed, 20 May 2020 11:12:54 GMT
etag: "1589973174"
x-hw: 1590542346.cds036.pa1.hn,1590542346.cds030.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 46213

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/BD12GtVBbz4/ 26 KB
26 KB 11ms
5ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BD12GtVBbz4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7420218a520338d4dfe30654d67fcb15b325605030b85759ff184b07e706b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 00:17:17 GMT
x-content-type-options: nosniff
server: sffe
age: 3709
etag: "1588813225"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26456
x-xss-protection: 0
expires: Wed, 27 May 2020 02:17:17 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/UxBYMOMpVvs/ 38 KB
38 KB 13ms
8ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/UxBYMOMpVvs/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b999a7e5830120655ffda525aa8a33fa08937c84ee1a9fe214470d402d16d497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:18:44 GMT
x-content-type-options: nosniff
server: sffe
age: 22
etag: "1590531389"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39007
x-xss-protection: 0
expires: Wed, 27 May 2020 01:23:44 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/qZ_c1s1kUq4/ 35 KB
35 KB 11ms
6ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qZ_c1s1kUq4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ac2887278fcc29248207d63c7512d35565f1f0ca207147b8bfe6fbbe9376c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:18:24 GMT
x-content-type-options: nosniff
server: sffe
age: 42
etag: "1590533274"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35592
x-xss-protection: 0
expires: Wed, 27 May 2020 01:23:24 GMT

GET
H2 200 510f69a2e3d5709d18c7256fffeeadb5--pretty-birds-beautiful-birds.jpg
1.bp.blogspot.com/-ugMInZ6hHnI/WjOSLTIPrDI/AAAAAAAB7ig/F0GaZzMy7WwAnlxFKPTJSjI7i7IE2pypACLcBGAs/s1600/ 16 KB
17 KB 38ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ugMInZ6hHnI/WjOSLTIPrDI/AAAAAAAB7ig/F0GaZzMy7WwAnlxFKPTJSjI7i7IE2pypACLcBGAs/s1600/510f69a2e3d5709d18c7256fffeeadb5--pretty-birds-beautiful-birds.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8f319cb02403a779ed91abe152614d03bda8c440372195b2dfc0ab85c4e149f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:17:21 GMT
x-content-type-options: nosniff
age: 105
status: 200
content-disposition: inline;filename="510f69a2e3d5709d18c7256fffeeadb5--pretty-birds-beautiful-birds.jpg"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16712
x-xss-protection: 0
server: fife
etag: "v1ee29"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 28 May 2020 01:17:21 GMT

GET
H2

200

False%20Messiah.jpg
beforeitsnews.com/contributor/upload/711317/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/711317/images/False%20Messiah.jpg
https://beforeitsnews.com/contributor/upload/711317/images/False%20Messiah.jpg

43 KB
43 KB

17ms
16ms

Image
image/jpeg

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/711317/images/False%20Messiah.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40a9bcfeda42f1d026b4f5d7d2b923f90a74f23c107f50a7c3e5e309f8fcce9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
cf-cache-status: HIT
age: 112
cf-polished: origSize=48346, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43609
cf-request-id: 02f54f41210000d7213eab4200000001
last-modified: Tue, 26 May 2020 22:55:18 GMT
server: cloudflare
etag: "5ecd9e56-bcda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7e1ccb7d721-FRA
expires: Thu, 27 May 2021 01:17:14 GMT

Redirect headers

Date: Wed, 27 May 2020 01:19:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://beforeitsnews.com/contributor/upload/711317/images/False%20Messiah.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 599be7e159371e47-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f40da00001e4764110200000001
Expires: Wed, 27 May 2020 02:19:06 GMT

GET
H2 200 Sweetheart-Abbey.jpg
www.ancient-origins.net/sites/default/files/styles/large/public/field/image/ 43 KB
43 KB 34ms
14ms Image
image/jpeg 2606:4700:10::6816:44b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ancient-origins.net/sites/default/files/styles/large/public/field/image/Sweetheart-Abbey.jpg?itok=5SAgk1gP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:44b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0947005165c01cb4a0e2580ac39aaebefb0e4b7ca6e302e2fdc5d81c57155848

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1781
cf-polished: origSize=45741
status: 200
content-length: 43798
cf-request-id: 02f54f41460000e00b0f1a1200000001
last-modified: Tue, 26 May 2020 22:14:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
expires: Fri, 26 Jun 2020 00:49:25 GMT
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 599be7e20cf7e00b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 JjChHG.jpg
iili.io/ 94 KB
95 KB 155ms
14ms Image
image/jpeg 2606:4700:3037::6818:7392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iili.io/JjChHG.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6818:7392 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48470f9be55db95df757424f8d8321af21755799d6f45aa024c09acee7e86356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2151
status: 200
content-length: 96233
cf-request-id: 02f54f41d50000d71158398200000001
last-modified: Tue, 26 May 2020 23:56:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ecdac93-177e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 599be7e2ea82d711-FRA

GET
H2 200 researcher.jpg
blog.norml.org/wp-content/uploads/2016/08/ 13 KB
13 KB 643ms
232ms Image
image/jpeg 104.196.179.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.norml.org/wp-content/uploads/2016/08/researcher.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.179.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.179.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 83bda9776a8cc56c2d9ee484798843d743ed9d92fc1adb24bce4388127cfba71

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:07 GMT
last-modified: Wed, 12 Oct 2016 14:57:50 GMT
server: nginx
status: 200
etag: "57fe4f6e-3281"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12929

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/ROOEke6qYvs/ 34 KB
34 KB 13ms
9ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ROOEke6qYvs/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acfcc19a9f6a66c291c2cb15d43fc17776290084d60b3f3cc8185a2e62357a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:17:28 GMT
x-content-type-options: nosniff
server: sffe
age: 98
etag: "1590524195"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35188
x-xss-protection: 0
expires: Wed, 27 May 2020 01:22:28 GMT

GET
H2 200 7OhYNPhHDpk
www.youtube.com/embed/ 0
0 172ms
149ms Image
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/embed/7OhYNPhHDpk?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 Little_Sisters_of_the_Poor_SCOTUS.jpg
www.catholicnewsagency.com/images/ 25 KB
25 KB 33ms
13ms Image
image/jpg 2606:4700:3032::681b:8b51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/Little_Sisters_of_the_Poor_SCOTUS.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.18
Resource Hash: 15a54fad51d804e5eb6fdaea8dfc52f097d825f1f2871b7772041cd151b5234e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 4901
x-powered-by: PHP/7.3.18
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpg
status: 200
cache-control: max-age=16070400
cf-ray: 599be7e24c72c2a4-FRA
cf-request-id: 02f54f416e0000c2a47029a200000001
expires: Thu, 25 Jun 2020 23:57:25 GMT

GET
H2 200 6286f625-13d9-4966-bb1e-657cc932ab84.jpeg
roseramblesdotorg.files.wordpress.com/2020/05/ 50 KB
50 KB 135ms
43ms Image
image/webp 192.0.72.20
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roseramblesdotorg.files.wordpress.com/2020/05/6286f625-13d9-4966-bb1e-657cc932ab84.jpeg?w=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.20 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 651063e5f65e9d76c2e46d6e2c68b9f803abc9c97ba478712d88ea88c3c8a72c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 20 np
date: Wed, 27 May 2020 01:19:06 GMT
last-modified: Tue, 26 May 2020 22:51:34 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 50848
expires: Wed, 01 Jul 2020 16:45:27 GMT

GET
H2

200

24ab5c0491e1ef24043c8123b4d8a368.jpg
beforeitsnews.com/contributor/upload/106013/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/106013/images/24ab5c0491e1ef24043c8123b4d8a368.jpg
https://beforeitsnews.com/contributor/upload/106013/images/24ab5c0491e1ef24043c8123b4d8a368.jpg

87 KB
87 KB

23ms
22ms

Image
image/jpeg

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/106013/images/24ab5c0491e1ef24043c8123b4d8a368.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254b470512165a32f930306890c0b88279a57ed8b00fa7a6c754d78ac6d0e590

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
cf-cache-status: HIT
age: 5924
cf-polished: origSize=93646, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 88812
cf-request-id: 02f54f418d0000d7213eaba200000001
last-modified: Tue, 26 May 2020 23:39:34 GMT
server: cloudflare
etag: "5ecda8b6-16dce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7e27dc0d721-FRA
expires: Wed, 26 May 2021 23:40:22 GMT

Redirect headers

Date: Wed, 27 May 2020 01:19:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://beforeitsnews.com/contributor/upload/106013/images/24ab5c0491e1ef24043c8123b4d8a368.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 599be7e23a6b1e47-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02f54f416600001e4764116200000001
Expires: Wed, 27 May 2020 02:19:06 GMT

GET
H2 200 spy-1-1.png
bullsonwallstreet.com/wp-content/uploads/2020/05/ 94 KB
94 KB 468ms
156ms Image
image/png 104.154.219.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bullsonwallstreet.com/wp-content/uploads/2020/05/spy-1-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.219.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.219.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e19f50f6997bb2092e9dbc349fb2feeef05d680799b915f432e967838ec50c03

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:07 GMT
last-modified: Tue, 26 May 2020 21:11:51 GMT
server: nginx
status: 200
etag: "5ecd8617-177b8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 96184

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/zL0KjBHdZrY/ 21 KB
21 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/zL0KjBHdZrY/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f38b7a4fa60823edf5ea3d303ef186a2ea925aa4feb1744ce6b5bffa475d52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:16:24 GMT
x-content-type-options: nosniff
server: sffe
age: 162
etag: "1590520313"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21778
x-xss-protection: 0
expires: Wed, 27 May 2020 01:21:24 GMT

GET
H2 200 no-img.png
beforeitsnews.com/img/v3/ 1 KB
2 KB 24ms
22ms Image
image/webp 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/v3/no-img.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
cf-cache-status: HIT
age: 126385
cf-polished: origFmt=png, origSize=1604
status: 200
content-disposition: inline; filename="no-img.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 1298
cf-request-id: 02f54f40b70000d7213eaae200000001
last-modified: Wed, 06 Jun 2018 18:26:21 GMT
server: cloudflare
etag: "5b18274d-644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7e12bb9d721-FRA
expires: Tue, 25 May 2021 14:12:41 GMT

GET
H2 200 190910-F-FR885-035M.JPG
media.defense.gov/2020/May/26/2002305565/1280/1280/0/ 340 KB
341 KB 75ms
18ms Image
image/jpg 2a02:26f0:64:1a5::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2020/May/26/2002305565/1280/1280/0/190910-F-FR885-035M.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:1a5::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

/ ,

Resource Hash

a5f933e136906a68e2970c9286ac895896b43001e77e0fa52aeafd8da479933b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
x-aspnetmvc-version
server
pw_value: 3ce3af822980b849665e8c5400e1b45b
status: 200
x-powered-by: ,
x-frame-options: SAMEORIGIN
content-type: image/jpg
access-control-allow-origin: *
cache-control: private, no-cache
strict-transport-security: max-age=31536000
x-aspnet-version
content-length: 348208

GET
H/1.1 200
OK ZZZX.jpg
worldufophotosandnews.org/wp-content/uploads/2020/05/ 41 KB
42 KB 264ms
225ms Image
image/jpeg 107.180.25.39
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldufophotosandnews.org/wp-content/uploads/2020/05/ZZZX.jpg
Protocol: HTTP/1.1
Server: 107.180.25.39 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-25-39.ip.secureserver.net
Software: Apache /
Resource Hash: 0eb56abea3c235bd6af78cae18bb0272be0a8591a93e584cab1adce7788e76ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 May 2020 01:19:06 GMT
Last-Modified: Tue, 26 May 2020 23:11:21 GMT
Server: Apache
ETag: "2362e18-a52a-5a69536b73509"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5
Content-Length: 42282

GET
H2 200 Coronavirus-smallpox-George-Washington.jpg
4.bp.blogspot.com/-UnGtIXZoByM/Xs2jaeGZ62I/AAAAAAAAlag/jCh0ss6gPWUwRDoXpkrPQ31OcZcYVwIYACLcBGAsYHQ/s640/ 123 KB
123 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UnGtIXZoByM/Xs2jaeGZ62I/AAAAAAAAlag/jCh0ss6gPWUwRDoXpkrPQ31OcZcYVwIYACLcBGAsYHQ/s640/Coronavirus-smallpox-George-Washington.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e383f8d7f0ea7ffa22847711917705228f4329ebe4ebe2679b4fc7a82985ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:19:14 GMT
x-content-type-options: nosniff
age: 7192
status: 200
content-disposition: inline;filename="Coronavirus-smallpox-George-Washington.jpg"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125469
x-xss-protection: 0
server: fife
etag: "v95a9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 27 May 2020 23:19:14 GMT

GET
H2 200 200522-O-ZZ999-2222.JPG
media.defense.gov/2020/May/26/2002305510/825/780/0/ 140 KB
141 KB 83ms
28ms Image
image/jpg 2a02:26f0:64:1a5::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2020/May/26/2002305510/825/780/0/200522-O-ZZ999-2222.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:1a5::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

/ ,

Resource Hash

e8add0eaa961fd997d6ebd1cd805dcc74d9cb205bde7bf1746dbd000ac14d899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
x-aspnetmvc-version
server
pw_value: 3ce3af822980b849665e8c5400e1b45b
status: 200
x-powered-by: ,
x-frame-options: SAMEORIGIN
content-type: image/jpg
access-control-allow-origin: *
cache-control: private, no-cache
strict-transport-security: max-age=31536000
x-aspnet-version
content-length: 143691

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/Piv5zVgmYxo/ 13 KB
13 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Piv5zVgmYxo/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279c799822e87fbbec7b20a10032e216c65364245b5e80d4de33989bbfec4245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:17:54 GMT
x-content-type-options: nosniff
server: sffe
age: 72
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13130
x-xss-protection: 0
expires: Wed, 27 May 2020 01:22:54 GMT

GET
H2 200 shutterstock_1172822797.jpg
www.catholicnewsagency.com/images/ 31 KB
31 KB 10ms
10ms Image
image/jpg 2606:4700:3032::681b:8b51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/shutterstock_1172822797.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.18
Resource Hash: 534bfc30aac9a8079b163471ecfc7562540b05479b5bd48e060a6fe0e1091b42

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 7308
x-powered-by: PHP/7.3.18
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpg
status: 200
cache-control: max-age=16070400
cf-ray: 599be7e2acf2c2a4-FRA
cf-request-id: 02f54f41a70000c2a4702a9200000001
expires: Thu, 25 Jun 2020 23:17:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
714 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Scada

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d16d170f8f447a1336dbc0abdc743da0cc3e87eb9f376b2ff7443765ff9c7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 May 2020 01:19:06 GMT
server: ESF
date: Wed, 27 May 2020 01:19:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 May 2020 01:19:06 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://b1sync.zemanta.com/usersync/revcontent/?puid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DYjNlMmIxYjAyMzVmMWI5MTF...
https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DYjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%253D%26bidder%3D3%26bidder_uid%...
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&bidder=3&bidder_uid=QHhU0ha_u-48PIpR-MP2

35 B
213 B

64ms
64ms

Image
image/gif

52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&bidder=3&bidder_uid=QHhU0ha_u-48PIpR-MP2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-254-55.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:07 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 27 May 2020 01:19:07 GMT
P3p: CP="We do not support P3P header."
Location: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&bidder=3&bidder_uid=QHhU0ha_u-48PIpR-MP2
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 175
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DYjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%253D&geo=35&rev_d...
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6172350106885055460&exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&geo=35&rev_dt=1590542346

35 B
214 B

58ms
58ms

Image
image/gif

52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6172350106885055460&exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&geo=35&rev_dt=1590542346
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-254-55.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:06 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 27 May 2020 01:19:08 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid: 0fd472fd-d147-4569-9645-07b26b75a6c2
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6172350106885055460&exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&geo=35&rev_dt=1590542346
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ 35 B
380 B 290ms
128ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%253D&pushdata=109&secure=1&rev_dt=1590542346
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Wed, 27 May 2020 01:19:06 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM%3D&rev_dt=1590542346
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM=&bidder=154&bidder_uid=d5f2c12c-0276-4b7b-b42c-c292eeea3b12

35 B
215 B

58ms
58ms

Image
image/gif

52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM=&bidder=154&bidder_uid=d5f2c12c-0276-4b7b-b42c-c292eeea3b12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-254-55.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 01:19:06 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Location: //trends.revcontent.com/cm/pixel_sync?exchange_uid=YjNlMmIxYjAyMzVmMWI5MTFiZTdkMTRhNmY3MzU0OGM=&bidder=154&bidder_uid=d5f2c12c-0276-4b7b-b42c-c292eeea3b12
Date: Wed, 27 May 2020 01:19:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
img.revcontent.com/ 27 KB
27 KB 71ms
42ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/6d9cb985cfcb6e87f461d51cec30c3bd.jpeg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 37634579002d40f9d4a933aada2adc60194a187be14965c18ca2b39f94302a1d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
last-modified: Mon, 27 Apr 2020 00:35:45 GMT
etag: "1587947745"
x-hw: 1590542346.cds036.pa1.hn,1590542346.cds040.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27441

GET
H2 200 /
img.revcontent.com/ 40 KB
40 KB 42ms
41ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15575637120506635525.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 67d99a892d612388d937f7ca1232108b426d22bf328612b94ab8b82e69a5b5c0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
last-modified: Sat, 11 May 2019 08:35:13 GMT
etag: "1557563713"
x-hw: 1590542346.cds036.pa1.hn,1590542346.cds034.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 40891

GET
H2 200 /
img.revcontent.com/ 38 KB
38 KB 44ms
43ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5ec5025bc605b4-93154614.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c954603e54a1df0520566b48650bbf58b014fd2496f7c0643ce404c1c0469381

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
last-modified: Wed, 20 May 2020 10:11:40 GMT
etag: "1589969500"
x-hw: 1590542346.cds036.pa1.hn,1590542346.cds040.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39206

GET
H2 200 incr_banner_views.php Show response
beforeitsnews.com/core/ajax/counter/ 6 B
98 B 352ms
352ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/counter/incr_banner_views.php?id=344&_=1590542346451

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f4c495cad481102c68ff2a0cb5b8e0b7c0cf014f0f649854442c972d539e94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be7e15c05d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 6
cf-request-id: 02f54f40d50000d7213eab0200000001

GET
H2 200 e086c7ccd2fc04ad96d49807d44e9b1bd8ad8eea.jpeg
beforeitsnews.com/img/i2020/05/ 13 KB
13 KB 22ms
22ms Image
image/jpeg 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/i2020/05/e086c7ccd2fc04ad96d49807d44e9b1bd8ad8eea.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd25e0aaef36a81d27b26b8a8bca39422d7b7bd7616faf3a3a38fdfa2f169321

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
cf-cache-status: HIT
age: 1101477
cf-polished: origSize=13679, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 12878
cf-request-id: 02f54f40d50000d7213eab1200000001
last-modified: Tue, 17 Sep 2019 02:46:57 GMT
server: cloudflare
etag: "5d804921-356f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 599be7e15c06d721-FRA
expires: Fri, 14 May 2021 07:21:09 GMT

GET
H2 200 OnVkHa1dV9Q
www.youtube.com/embed/ Frame E7D0 0
0 138ms
138ms Document
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OnVkHa1dV9Q?rel=0&autoplay=0&mute=0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/OnVkHa1dV9Q?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: VISITOR_INFO1_LIVE=nm6K99ZsLT4; YSC=H8DK-vbkYac; GPS=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
cache-control: no-cache
date: Wed, 27 May 2020 01:19:07 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 FaFmH_pUxbc
www.youtube.com/embed/ Frame 104B 0
0 122ms
121ms Document
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/FaFmH_pUxbc?rel=0&autoplay=0&mute=0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/FaFmH_pUxbc?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: VISITOR_INFO1_LIVE=nm6K99ZsLT4; YSC=H8DK-vbkYac; GPS=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

status: 200
cache-control: no-cache
content-type: text/html; charset=utf-8
content-encoding: br
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
date: Wed, 27 May 2020 01:19:07 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v31/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
Origin: https://beforeitsnews.com

Response headers

date: Tue, 19 May 2020 14:21:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:31 GMT
server: sffe
age: 644286
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16016
x-xss-protection: 0
expires: Wed, 19 May 2021 14:21:00 GMT

GET
H2 200 RLpxK5Pv5qumeVJvzTQ.woff2
fonts.gstatic.com/s/scada/v8/ 15 KB
15 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v8/RLpxK5Pv5qumeVJvzTQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbf2525ddd5098014820bbf3ee619124854e25932002c4c64cb6f8b01be2dfdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
Origin: https://beforeitsnews.com

Response headers

date: Wed, 20 May 2020 15:54:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:32:17 GMT
server: sffe
age: 552284
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15016
x-xss-protection: 0
expires: Thu, 20 May 2021 15:54:22 GMT

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
205 B 155ms
55ms XHR
text/html 52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-254-55.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
205 B 126ms
54ms XHR
text/html 52.30.254.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.254.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-254-55.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 May 2020 01:19:06 GMT
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 count.php Show response
beforeitsnews.com/core/ajax/counter/ 15 B
326 B 492ms
492ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0e9cc7e0dd8781ef5ae98a83c58466278e29622b0011fe1b9e9c6f5b675a15

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 May 2020 01:19:17 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be8232c48d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 15
cf-request-id: 02f54f69fc0000d7213e8de200000001

POST
H2 200 count.php Show response
beforeitsnews.com/core/ajax/counter/ 15 B
253 B 552ms
551ms XHR
text/html 2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e261ddda9d586e5d800cd73453323ccc6f38e4b3663626891e921685fc04ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 May 2020 01:19:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 599be880ef09d721-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 15
cf-request-id: 02f54fa4940000d7213eb38200000001

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22IUjj2XDEl%22%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1590542342402%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1590542342466%7D%7D
.beforeitsnews.com/	1970-01-19 09:49:02	Name: _gat_gtag_UA_16055024_1 Value: 1
.beforeitsnews.com/	1970-01-19 09:50:28	Name: _gid Value: GA1.2.598137468.1590542342
beforeitsnews.com/	1970-01-20 09:49:02	Name: b4in-uuid Value: 8733eb80-7cba-4331-b2a7-81eb0c6026fc
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s1
.beforeitsnews.com/	1970-01-20 03:20:14	Name: _ga Value: GA1.2.138285881.1590542342
.beforeitsnews.com/	1970-01-19 10:32:14	Name: __cfduid Value: d5a3d520a46134a06dc975dba709847d21590542340

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://beforeitsnews.com/(Line 463) Message: [Web Cached] Loaded time: 0.00228s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204271(Line 9) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204271(Line 9) Message: [object HTMLImageElement]
console-api	info	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js(Line 39) Message: GodWord: id473 views: 53.2k
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js(Line 37) Message: AdsDirect: id1814 views: 163.3k
console-api	info	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-498.js(Line 37) Message: AdsDirect: id344 views: 583.4k

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
ad.360yield.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
ams.creativecdn.com
assets.ozy.com
astro3d.org.au
b1sync.zemanta.com
beforeitsnews.com
bidder.criteo.com
blog.norml.org
blogs.ei.columbia.edu
bttrack.com
bullsonwallstreet.com
cdn.mgid.com
cdn.onesignal.com
cdn.revcontent.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.qz.com
creativecdn.com
csync.loopme.me
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
i.ytimg.com
ib.adnxs.com
iili.io
img.revcontent.com
img.youtube.com
jsc.mgid.com
justusaknight.files.wordpress.com
lisahaven.news
lockerdome.com
match.adsrvr.org
media.defense.gov
media.eurekalert.org
news.wisc.edu
noliesradio.org
pagead2.googlesyndication.com
prod.perf-serving.com
rddywd.com
roseramblesdotorg.files.wordpress.com
rtb-usw.mfadsrvr.com
rtb.mfadsrvr.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
static.criteo.net
stats.g.doubleclick.net
trends.revcontent.com
udata.mixmarket.biz
upload.wikimedia.org
worldufophotosandnews.org
www.ancient-origins.net
www.catholicnewsagency.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.monash.edu
www.mydailyinformer.com
www.naturalnews.com
www.nih.gov
www.tcd.ie
www.youtube.com
x.bidswitch.net
104.111.214.103
104.111.230.142
104.154.142.214
104.154.219.166
104.16.221.74
104.19.135.78
104.196.179.149
107.180.25.39
13.224.95.17
134.226.14.234
144.92.104.43
148.251.129.84
151.139.128.11
151.139.242.29
162.241.253.189
162.241.66.47
172.217.22.2
178.250.0.165
18.184.76.198
18.185.190.97
18.195.112.7
18.195.186.254
185.184.8.30
185.33.220.145
185.64.253.1
192.0.66.2
192.0.72.20
192.0.72.22
192.132.33.46
198.151.217.193
23.105.245.5
23.105.254.60
2406:da00:ff00::22e1:fa6
2606:4700:10::6816:44b5
2606:4700:20::681a:70b
2606:4700:3032::681b:8b51
2606:4700:3034::681f:5aaa
2606:4700:3036::681b:9198
2606:4700:3037::6818:7392
2606:4700:3037::681b:b8f5
2606:4700::6810:8746
2606:4700::6812:e234
2620:0:862:ed1a::2:b
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:809::200a
2a00:1450:4001:815::200a
2a00:1450:4001:815::200e
2a00:1450:4001:817::2016
2a00:1450:4001:819::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:81e::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200e
2a00:1450:400c:c03::9b
2a02:2638::3
2a02:26f0:64:1a5::221c
35.212.212.222
45.55.98.100
51.178.88.195
52.30.254.55
52.51.104.248
70.42.32.31
88.212.252.2
01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f4c495cad481102c68ff2a0cb5b8e0b7c0cf014f0f649854442c972d539e94
0947005165c01cb4a0e2580ac39aaebefb0e4b7ca6e302e2fdc5d81c57155848
0b14c875664ac58f29649a0f9bb7c9d0b76043ef527c1024e07e3e7c8c00689e
0bb8b96e042bc3c298afeeaea201e25da226ab260d6ac4f414c3caa243dc88ab
0eb56abea3c235bd6af78cae18bb0272be0a8591a93e584cab1adce7788e76ae
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
15a54fad51d804e5eb6fdaea8dfc52f097d825f1f2871b7772041cd151b5234e
1af3171ce4736aace01e9a8e8b46d71f7305a64dea7d79d64b357182abf4a07a
1c2c2b4690c9a958a8dbe8af7edde23fa64806c9dce83ea2c8d76425e6eec125
1daf5942a1ab5728aa48a440d5c5f529d6dd730dc45ca8ac72eea3d0721ab02c
1f5c978fc4439701f362797056192f96e35a06d596cbefbc795e5b5bc116aa0d
1f66073b267e1aba31650ab424d4a9518d3a9771fbb4a0d93d6d29ec1785b40c
22213c9f84fd860137ce85a1e9d408b45b324304a92a84a5b584e947cb61c001
23e61f5278ff3d9913f6045b5911c26a8903b742d043a50dcf66f5801d80b713
254b470512165a32f930306890c0b88279a57ed8b00fa7a6c754d78ac6d0e590
25e5d3c9f5010cc59af997f1c28cf2094b84a89eb07e601718ca3a6b0256d210
279c799822e87fbbec7b20a10032e216c65364245b5e80d4de33989bbfec4245
2a09f9c64323543f0ab14ec2ddbf9e16699cccef1a63ef8e5776864c4186365a
2a1252001292c7bcdef687703653ad460f8322f4ae005f44303dce6dba67bb2d
2ac2887278fcc29248207d63c7512d35565f1f0ca207147b8bfe6fbbe9376c87
2affa2bab2778ba92cee78be3c0e8fec7873476ae7ea6feff79f76632dc03fff
2cefd89cfd29a8e4e6bda4ffff7cbae08723d07e5c9038252f146a40469970ed
2ddf9362d8e3c6c67522c79ec06038b26e0147936fdbe05e4c757af6bd2d6111
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3496939c5424f4a2cbe31f2e37c7087b96713bb2e09b49326f59cf0f440bf889
37634579002d40f9d4a933aada2adc60194a187be14965c18ca2b39f94302a1d
3b457a6fddc2c906e6ec9e11be80dd30cdb10ebfd3d285f6bc12bef7bf1a947b
3c0e9cc7e0dd8781ef5ae98a83c58466278e29622b0011fe1b9e9c6f5b675a15
3c42ba7d74a695cdf5445c1ca2fc86c0d01c1d57549b3f97343d59262416653d
3d8e48472133d5b3485065215ad852c136c10968c7db47a378295123fd193ef9
3e383f8d7f0ea7ffa22847711917705228f4329ebe4ebe2679b4fc7a82985ab9
3e59fc6783fd68c4dc17837dc2a93836292da0c1ee58b109bbce2f5d7f7cb6a4
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
467e05d75e04ba9f7494cd9c47d43ead5affcf2180f3b3827b15e6166359fc72
479c7d7ace61d77297ba5ede747ecdb2ae006ad62669f30152704ebcbc5805f9
48470f9be55db95df757424f8d8321af21755799d6f45aa024c09acee7e86356
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
48ef700e24ea6dff094681f4df4b0677b173cae532bfa9718ed96a82ca64e0bc
49c5b496ee6037639fce7310ada6c495d177d44e9feae48329a00b2a83b693e4
4b68581b7c3b75242042926870ea0e7192f0ccb6ec98d8dc57d1207eb35447d5
4babbf6c07aaf79b9ae7d115d5aa780ada198e474d6324f4cef796311b70b49c
4d16d170f8f447a1336dbc0abdc743da0cc3e87eb9f376b2ff7443765ff9c7d6
534bfc30aac9a8079b163471ecfc7562540b05479b5bd48e060a6fe0e1091b42
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570c24a6c5d591b4c92d467dc859490b940a7cf19c3ea1b0c5172294f8bcfa4b
5a9656fd50c9f4c99877fa5a5e686b4e1872782290edffc8fb0dca288299c331
5ff923f9225d332e89cf4178b520a18c0439164ac26a5d259404cead98a51a23
60206f62503ddeeb12512617d8ef9b9f2e980509d0724c4a973c3ce5301388da
651063e5f65e9d76c2e46d6e2c68b9f803abc9c97ba478712d88ea88c3c8a72c
67c60aa54d9da047e33c4093c86c5310d7e64ff211b129f8771a549440d09997
67d99a892d612388d937f7ca1232108b426d22bf328612b94ab8b82e69a5b5c0
68197b143fed7ab1a81102a4b9a4c2ffabb3e1de8b6fd43ef948ec1dfa6cddd2
684f539952e79ad8c8cf72ee8fbd2b92cf1dcdf129a2b5b7fd8c250fde3b342c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b32117e095af29406bed0730376d636452ea48474e9a5c852d5e68d01dd7c1d
6d18437d420e6277351bce71a805e8790b3e8776f5ae5f5ab5c1bc62f200f36d
70eb547e0adb5b920271ce728d4d37204863d9d517d7c12e526a1c24651290bc
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7aeb8ba6f6e25c0b7429bc7aa177e9d2a0414243faffc1af9f5e28861e55cc9b
7d34caf86a533b4bcde6afe1f81d4eef95c4f1f6b1ee9a9743b5077aab729a72
7e5f44d01cd26b9cedb93c6bbf7eb866df513093e83d975cad63a762d896f6a9
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
7f38b7a4fa60823edf5ea3d303ef186a2ea925aa4feb1744ce6b5bffa475d52e
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fcd1181aba3a48b88d2f0fc9ba21ad0925ebb19e3bc3c5346e4230a217107d0
817723771986ea99bcdbfddfaf5c5c353be806649e09abef86a16392edcc454c
82e208e96aeeb23e8d079055d8e64e7556ae3423e9c1e40638e0f7e632721d43
83bda9776a8cc56c2d9ee484798843d743ed9d92fc1adb24bce4388127cfba71
83d064968ede2a65c5e230c0587c049716b14e2984bd486a96270cfee01b90e0
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
8697969ef8b33eb4718339f5453c4b36a992d047f6740029ef034e24b5750349
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87c5a4c4fe3255cb0d1da6e5d5842e6b230f45fe1718036e45dd53ccf2afbdf9
8acda21a9b2972b2289df5a54df9a536977670438d1503857b1fdcf1567c825b
8f319cb02403a779ed91abe152614d03bda8c440372195b2dfc0ab85c4e149f4
925ebd85df2118c620ed90f5a5965e32089ff1386dc6bfa861b0d0a30d562789
9437b5e2453f87eeadcccf9c466c04badc162b1788bfef561ee3bacd95b6cf28
94595202235b472708a91bd277b9252b452d401c14fb9e4ff60f8a0249fcf589
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
98153982e94b70c03603f852e79785065cf7d23f5b0ca73134d56019d17cf608
9a5529955b8d91b692d4c819adecd7d9bc0d5ab45ce50cec2724d0c8f9774f6d
9c97c8822d566ceb8e0a36a1408a8f67f3fc8c63d8a628a4fd60eab047293317
9e1359ca4fe15016b4d3f81a9136505d04d7af11d3f9d434655928b493fcea16
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a5f933e136906a68e2970c9286ac895896b43001e77e0fa52aeafd8da479933b
a9695493f2e4d37e965e10d16ac1a7370f113919673ceef7b65e3c4036f83f10
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa876745548e7151ec664af2426716669b11f45729d63d5b09c461d674e87f15
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
acfcc19a9f6a66c291c2cb15d43fc17776290084d60b3f3cc8185a2e62357a6c
ae5f165184678db0e7e991df1c7a0f0b0fbfd6fff347528f805f34fa2c58a618
b1357113f7b28eb8a5e2da0fe0bca37f40fa0d5d25d9dafa4698d0ceb9c72d78
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b327631fb8f06f5adcd1319c1745011b2e0ea0908bcf538cb0453905679d9435
b4c79501bed8a642208e658948c9ae306a4cc83621eb395826fd8811030fb5c7
b50c596d71c7f46b01107cca4f2f6d0360b20d93c1751dfe6caccaaa43491cce
b52dc73f6af297eb30d83ed390eb71e8d86b94e419a402556a70a1dfe2a0c402
b530d209af909ce4148063865161756b6205d32239b2ca8a35f027424d69948f
b5dea44e1c16e7eed5921b772aed7e80ad78e762c98c4dde3675587a544307ef
b87045c3cdb4880fcfb9e4ea89ee946576c699c1173c949a914ea18129aceda3
b999a7e5830120655ffda525aa8a33fa08937c84ee1a9fe214470d402d16d497
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bbd51ecae21cbac7ea98638ab58500dba08659f9b2c342be0afe1d27af649f6c
bbf2525ddd5098014820bbf3ee619124854e25932002c4c64cb6f8b01be2dfdd
bd014e150c696545c641e363015167f2e61bf6ba9cd4c1c3a0dc906278910eb7
bd25e0aaef36a81d27b26b8a8bca39422d7b7bd7616faf3a3a38fdfa2f169321
be2cd6230dbe300a4dfe331b16994c7508e46ed578390300062a72ebb8cf3e1a
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
bed841b82f6987e8c57abc5d82e2d9cd4b5d51dbd5a0406e58ee23af3a1f6142
c40a9bcfeda42f1d026b4f5d7d2b923f90a74f23c107f50a7c3e5e309f8fcce9
c45b248c31956683f4fa200c392b0554c6e7a4dde29078a69d36ec81264acda4
c7420218a520338d4dfe30654d67fcb15b325605030b85759ff184b07e706b61
c8528e1c68a0c2bde1022646073b2421704efa4cd0aac88772e38ea492b8c283
c8b10640c4e420a6e9c0c11e9b910417d5699ee6ddd7705de53f45c5fe3061ad
c954603e54a1df0520566b48650bbf58b014fd2496f7c0643ce404c1c0469381
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb43623e1da5715f075df96e6c3cc160fedd4ee6416ffc88b529c0a523fa7f4e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d1d71a00ac91cf18dc0c4a0fd4c47515b431402503bede5492fc3078a35a4479
d2b6ded6933a955cf0033cfa29f84052470a067ddcd83ad885905300e98944e9
dae7e47ae639d66946ecef8d33b34baa2a23052ea9bda206a3fc1f6e0e2381bb
dd309dcb21159db2aed0161a4a0664be9e728396acb2f72ed78b294ba9c03ac6
def2d302675ae11b12fc9f1b21e4a1956251f7e488004d9aad8f7e454a982cf0
df4ddc93012be5d9e135af417617dd9cb23baff4fef99689c8eb256cb4dc67e7
dfe14d2e0fc691500d5eea50368d5f71fccfb666e6ca37a696d91c8e9d78fa2f
e19f50f6997bb2092e9dbc349fb2feeef05d680799b915f432e967838ec50c03
e24b0522e0eb9672bfe8f3ecaf02961e2eefb6295436686378655d93b14961f9
e3121b39ad0e8320b5a81978ceed517ed301a33222572b8e729741029172e13f
e35e1a7a1971d15eec9503ff6b16268da7137ece51a3cf4d9430b0cff5b83b88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e622c6a9736aeb9e1c17a8026462f7a88c34a6acf4876bd1aa96321a798bb811
e8add0eaa961fd997d6ebd1cd805dcc74d9cb205bde7bf1746dbd000ac14d899
ebf585c012c07829008431c00fa48cb3bbae3bc1283c530257f7bd24cb023b8b
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
eebc8f5c13e25e6ccf4db03329c3b62039f179e594920fae1a2e00fd22f97d01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc13da28f46f6f522f73c9f43f2b9fad5889f3616874a033cba60264a50810f
f031bb39beace663b3630e3f05ffd37d65060ed77c12e9fdcb16f1bc37493aad
f10b2573f706a94f85ca7cbdd8ec45b921b5f933e683ca5e194fde045a3fc6d5
f1da59d9a16a42d1c9baa37a694a63849ce741e4f0beab61a208f19c2c37c6c4
f6e261ddda9d586e5d800cd73453323ccc6f38e4b3663626891e921685fc04ae
f9ad3f01505f775bd66834222cb32533197fb1991215e2b97674669f6c6a85ba
f9cb970f4e46883a6db0e9e4c8f749dd2774439682c5f7648bf507c5cd52b29a
fe04e3daffebe0c6426877a51a469f452a425f0f18035d9402af3121aadfea3c

beforeitsnews.com Open in urlscan Pro 2606:4700:20::681a:70b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

99 %HTTPS

41 %IPv6

59 Domains

75 Subdomains

53 IPs

10 Countries

9936 kBTransfer

10965 kBSize

7 Cookies

26 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:20::681a:70b Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

99 %
HTTPS

41 %
IPv6

59
Domains

75
Subdomains

53
IPs

10
Countries

9936 kB
Transfer

10965 kB
Size

7
Cookies

184 HTTP transactions
2 data transactions