beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

URL:
https://beforeitsnews.com/
Submission: On February 03 via api (February 3rd 2021, 1:42:56 am UTC) from US

Summary HTTP 174 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 53 domains to perform 174 HTTP transactions. The main IP is 2606:4700:10::6816:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.93.113 143.204.93.113	16509 (AMAZON-02) (AMAZON-02)
13	185.59.220.198 185.59.220.198	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
4	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6815:eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3030::6815:4d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.12.238 104.18.12.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:123e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.49.238 52.217.49.238	16509 (AMAZON-02) (AMAZON-02)
1	104.26.3.103 104.26.3.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	13.224.194.104 13.224.194.104	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:b400:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.12.217 151.101.12.217	54113 (FASTLY) (FASTLY)
1	169.59.64.184 169.59.64.184	36351 (SOFTLAYER) (SOFTLAYER)
1	143.204.93.86 143.204.93.86	16509 (AMAZON-02) (AMAZON-02)
4	64.62.227.18 64.62.227.18	6939 (HURRICANE) (HURRICANE)
21	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:8a23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:2a00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:6400:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.124.48.224 3.124.48.224	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 5	35.157.221.90 35.157.221.90	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.171.206 94.23.171.206	16276 (OVH) (OVH)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.200.32.159 18.200.32.159	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	18.208.113.131 18.208.113.131	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1	45.33.3.7 45.33.3.7	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6815:3aa9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:b12e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:493	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4a9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700:303... 2606:4700:3036::6815:611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a02:26f0:6c0... 2a02:26f0:6c00:297::221c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.169.172.158 192.169.172.158	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
174	57

49 2606:4700:10::6816:4b8a (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-113.fra50.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-198.datapacket.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.64.15 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:eb9 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

cms.qz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4d0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.prepperfortress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.238 (United States)

ASN13335 (CLOUDFLARENET, US)

media.mercola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:123e (United States)

ASN13335 (CLOUDFLARENET, US)

lisahaven.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.49.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.103 (United States)

ASN13335 (CLOUDFLARENET, US)

prepareforchange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-104.fra2.r.cloudfront.net

cdn.britannica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fe80:1010::16 (United Kingdom)

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b400:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.59.64.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.40.3ba9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-86.fra50.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.62.227.18 (United States)

ASN6939 (HURRICANE, US)
PTR: beforeitsnews.com

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:8a23 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2a00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6400:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.48.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.212.16 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.221.90 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.171.206 (Czech Republic) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.200.32.159 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.113.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-113-131.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.33.3.7 (Dallas, United States)

ASN63949 (LINODE-AP Linode, LLC, US)

herbanomics.postaffiliatepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:3aa9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.catholicnewsagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b12e (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalblaze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:493 (United States)

ASN13335 (CLOUDFLARENET, US)

welovetrump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a9e (United States)

ASN13335 (CLOUDFLARENET, US)

www.ancient-origins.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.6 (United States)

ASN30148 (SUCURI-SEC, US)

www.nowtheendbegins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:611 (United States)

ASN13335 (CLOUDFLARENET, US)

www.universetoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:297::221c (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

media.defense.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.169.172.158 (Scottsdale, United States)

ASN398101 (GO-DADDY-COM-LLC, US)

www.coronavirusoutbreakmap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	beforeitsnews.com beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com	1 MB
21	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	308 KB
13	bitchute.com static-3.bitchute.com	523 KB
12	youtube.com img.youtube.com www.youtube.com	316 KB
8	googleapis.com fonts.googleapis.com www.googleapis.com translate.googleapis.com	100 KB
5	defense.gov media.defense.gov	960 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	41 KB
4	imgflip.com i.imgflip.com	342 KB
3	google.com www.google.com translate.google.com	3 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
2	coronavirusoutbreakmap.com www.coronavirusoutbreakmap.com	658 KB
2	catholicnewsagency.com www.catholicnewsagency.com	52 KB
2	blogspot.com 1.bp.blogspot.com	162 KB
2	lockerdome.com lockerdome.com
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adsrvr.org 2 redirects match.adsrvr.org	903 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	rddywd.com rddywd.com	1 KB
2	jamesredpillsamerica.com jamesredpillsamerica.com	15 MB
2	tradingview.com s3.tradingview.com s.tradingview.com	11 KB
1	wp.com i0.wp.com	139 KB
1	googleusercontent.com lh3.googleusercontent.com	127 KB
1	universetoday.com www.universetoday.com	103 KB
1	nowtheendbegins.com www.nowtheendbegins.com	154 KB
1	ancient-origins.net www.ancient-origins.net	21 KB
1	welovetrump.com welovetrump.com	28 KB
1	naturalblaze.com www.naturalblaze.com	183 KB
1	postaffiliatepro.com herbanomics.postaffiliatepro.com	1 MB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	postrelease.com jadserve.postrelease.com	427 B
1	idealmedia.io cm.idealmedia.io	555 B
1	lentainform.com cm.lentainform.com	623 B
1	erne.co 1 redirects green.erne.co	294 B
1	google.de www.google.de	505 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googlesyndication.com pagead2.googlesyndication.com	47 KB
1	rumble.com rumble.com
1	vimeo.com player.vimeo.com
1	googletagmanager.com www.googletagmanager.com	38 KB
1	ytimg.com i.ytimg.com	18 KB
1	secureservercdn.net secureservercdn.net	105 KB
1	britannica.com cdn.britannica.com	43 KB
1	w.org s.w.org	1 KB
1	prepareforchange.net prepareforchange.net	74 KB
1	amazonaws.com s3.amazonaws.com	23 KB
1	lisahaven.news lisahaven.news	279 KB
1	mercola.com media.mercola.com	35 KB
1	prepperfortress.com www.prepperfortress.com	61 KB
1	qz.com cms.qz.com	61 KB
174	53

	Domain	Requested by
25	beforeitsnews.com	beforeitsnews.com
24	img.beforeitsnews.com	beforeitsnews.com
13	static-3.bitchute.com	beforeitsnews.com
11	img.youtube.com	beforeitsnews.com
10	s-img.mgid.com	beforeitsnews.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
6	cm.mgid.com	jsc.mgid.com beforeitsnews.com
5	media.defense.gov
5	x.bidswitch.net	5 redirects
4	ajax.beforeitsnews.com	beforeitsnews.com
4	i.imgflip.com	beforeitsnews.com
3	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com
2	www.coronavirusoutbreakmap.com
2	www.catholicnewsagency.com
2	1.bp.blogspot.com
2	www.gstatic.com	translate.googleapis.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	match.adsrvr.org	2 redirects
2	www.google.com	beforeitsnews.com
2	servicer.mgid.com	jsc.mgid.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rddywd.com	beforeitsnews.com
2	jsc.mgid.com	beforeitsnews.com
2	jamesredpillsamerica.com	beforeitsnews.com
1	i0.wp.com
1	lh3.googleusercontent.com
1	www.universetoday.com
1	www.nowtheendbegins.com
1	www.ancient-origins.net
1	welovetrump.com
1	www.naturalblaze.com
1	herbanomics.postaffiliatepro.com
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	jadserve.postrelease.com	beforeitsnews.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io	beforeitsnews.com
1	cm.lentainform.com	beforeitsnews.com
1	cm.g.doubleclick.net	1 redirects
1	green.erne.co	1 redirects
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de	beforeitsnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	l.sharethis.com	platform-api.sharethis.com
1	cdn.mgid.com	beforeitsnews.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	s.tradingview.com	s3.tradingview.com
1	www.youtube.com	beforeitsnews.com
1	rumble.com	beforeitsnews.com
1	player.vimeo.com	beforeitsnews.com
1	platform-api.sharethis.com	beforeitsnews.com
1	www.googletagmanager.com	beforeitsnews.com
1	i.ytimg.com	beforeitsnews.com
1	secureservercdn.net	beforeitsnews.com
1	cdn.britannica.com	beforeitsnews.com
1	s.w.org	beforeitsnews.com
1	prepareforchange.net	beforeitsnews.com
1	s3.amazonaws.com	beforeitsnews.com
1	lisahaven.news	beforeitsnews.com
1	media.mercola.com	beforeitsnews.com
1	www.prepperfortress.com	beforeitsnews.com
1	cms.qz.com	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
174	70

This site contains links to these domains. Also see Links.

Domain
www.herbanomic.com
401c9z7sokw8o71org6pr43wcw.hop.clickbank.net
tinyurl.com
mitocopper.com
69b3d4-ogey4faauklimid7y6d.hop.clickbank.net
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
widgets.mgid.com
brainberries.co
225e505pjo7-s6cf1g5jdswy81.hop.clickbank.net
www.fincabayano.net
polaraidhealth.com
1f441szgnc6zk9ecuo7vmiv-70.hop.clickbank.net
www.braintuner.com
50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net
telegram.org
t.me
hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.tradingview.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
static-3.bitchute.com R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
cms.qz.com R3	`2020-12-04` - `2021-03-04`	3 months	crt.sh
mercola.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
cdn.britannica.com Amazon	`2020-11-12` - `2021-12-11`	a year	crt.sh
secureservercdn.net Starfield Secure Certificate Authority - G2	`2020-06-26` - `2021-06-26`	a year	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-07` - `2021-04-24`	9 months	crt.sh
*.rumble.com DigiCert SHA2 Secure Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
beforeitsnews.com R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.postaffiliatepro.com RapidSSL RSA CA 2018	`2019-09-16` - `2021-09-26`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
ancient-origins.net Cloudflare Inc ECC CA-3	`2020-08-27` - `2021-08-27`	a year	crt.sh
nowtheendbegins.com Go Daddy Secure Certificate Authority - G2	`2021-01-24` - `2022-02-23`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
www.defense.gov GeoTrust RSA CA 2018	`2020-06-22` - `2021-09-15`	a year	crt.sh
coronavirusoutbreakmap.com Go Daddy Secure Certificate Authority - G2	`2020-04-21` - `2021-04-21`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: EEBA32289F8FE6E81104C4A2D82A900A
Requests: 159 HTTP requests in this frame

Frame: https://player.vimeo.com/video/507656511
Frame ID: 871C5209D306514C6B141999DE54F483
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/vavuvf/?pub=ap9pb
Frame ID: 2F8AF559A1A65F4C1504B9DD48A7F433
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/O269cn5aS0A
Frame ID: C3894D88DCD93898897A7668E48F8358
Requests: 1 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 33DD7D814F4F9664A0FA8A6111B0BB25
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021131
Frame ID: 1273831F6B69454FD4AC2115C2AA44DF
Requests: 2 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2021131
Frame ID: 8839FA08A89888F943F75AA909D57514
Requests: 5 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 58B301721D17DD3BB5E7CA9AEBBD0BE2
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1612316549494674976587
Frame ID: 9A565FB77F2CE2878FDB4AEC8F35D4C5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: CC88D7C8443F95297BD47BC34911BD24
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 071CF58CE7747C8B88867F552508A7A1
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: A8B25836F4D439F4B239C649F7D19CA1
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 66F77DBE386059D19E70A800BDDD8385
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 012138A1E9077E111C7A21EDAEFFE669
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

174
Requests

100 %
HTTPS

51 %
IPv6

53
Domains

70
Subdomains

57
IPs

9
Countries

22432 kB
Transfer

23504 kB
Size

11
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomic.com/productdirectory
Title: Shopping

Search URL Search Domain Scan URL

URL: https://401c9z7sokw8o71org6pr43wcw.hop.clickbank.net/?tid=BINRTL11129
Title: NEW Breakthrough Product Helps You To Look and Feel Better GUARANTEED! Must-See Video

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Tiny Self Defense Tool Drops a 270 Thug In 2 Seconds Flat - Get Yours While Supplies Last

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://69b3d4-ogey4faauklimid7y6d.hop.clickbank.net/?tid=WATERFS_BIN_EMAIL
Title: ALERT - Try This New Tech and You'll Never Run Out of Clean Drinking Water Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: The Secret To Manifesting Anything You Desire In Life

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/6-interesting-bitcoin-facts-you-should-know/

Search URL Search Domain Scan URL

URL: https://225e505pjo7-s6cf1g5jdswy81.hop.clickbank.net/?tid=BINRTL2121220
Title: Discover How To Survive in North America in Case of an Emergency

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/
Title:

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/
Title:

Search URL Search Domain Scan URL

URL: https://1f441szgnc6zk9ecuo7vmiv-70.hop.clickbank.net/?tid=BINRTL1121220
Title: Discover All the Edible and Medicinal Plants in North America in Case of an Emergency

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/10-historical-movies-you-must-watch/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/10-pretty-awesome-shows-that-just-got-cancelled/

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/the-top-10-highest-paid-football-players-in-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/9-simple-reasons-not-to-vote-for-trump-in-2020/

Search URL Search Domain Scan URL

URL: https://50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net/?tid=BINRTL21129
Title: Have You Been Struggling With Obesity But Can’t Figure Out Why? You MUST Watch This Now!

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://hop.clickbank.net/?affiliate=5startech&vendor=totalpat&p=clt&tid=BINRTL11221
Title: FREE Invisible Night Vision Cap Light - Just Pay Shipping - Click Here For Details

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 109

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=iuF95lel4RXcgc91BbqgWQNG&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=3ffcc5a7-5ef7-4509-8c28-d8713b4a11c4&gdpr=&gdpr_consent=&us_privacy=

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDEydFRiN0pnM0do&muidn=l12tTb7Jg3Gh HTTP 302
https://cm.mgid.com/google?muidn=l12tTb7Jg3Gh&google_ula={guid},5&google_gid=CAESEBspELXYxjut2NoFtXrhgBc&google_cver=1

Request Chain 112

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=6b66610e-7602-4c1d-8e65-696229d01750&ttl=1614908550

Request Chain 114

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=NNafzwEmyoY1ULSgxM3T&pi=mgid&tc=1

Request Chain 115

https://x.bidswitch.net/sync?dsp_id=303&user_id=l12tTb7Jg3Gh HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l12tTb7Jg3Gh HTTP 302
https://jadserve.postrelease.com/suid/1011?vk=3ffcc5a7-5ef7-4509-8c28-d8713b4a11c4

174 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 117 KB
24 KB 593ms
572ms Document
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2302fbd28028ed9872fa433b5791ae27ad55a706d41dc45d9621b95f670f3b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da63eb549667f5ea0e40ab5f6072cb8c71612316548; expires=Fri, 05-Mar-21 01:42:28 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s3; path=/ __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ43jNXd5gPMh1; SameSite=Lax; path=/; expires=Wed, 03-Feb-21 04:00:28 GMT; HttpOnly
cf-ray: 61b87498fd432bc6-FRA
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
cf-request-id: 080727339e00002bc6130f4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 17ms
15ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 2637535
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DW2R7TEKEY2K8GBT
x-amz-id-2: sE/VEXxbhMuTCuCQsmC2BptgO/V1s2PsNZ5yq95p3IzbnVwO15xXAM+hmbc4SCny4GEWo4j01Uw=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"165501590067c5189e81c831f77f81ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id: 08072735e400002bc674921000000001
cf-ray: 61b8749c98c32bc6-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
712 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 01:42:28 GMT
server: ESF
date: Wed, 03 Feb 2021 01:42:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Feb 2021 01:42:28 GMT

GET
H2 200 global-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 15 KB
3 KB 34ms
32ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012859
cf-polished: origSize=15665
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08072735e300002bc637b73000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-3d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b8749c98bc2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 fancybox-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 21ms
19ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012859
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08072735e400002bc605af4000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b8749c98c02bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 home-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 23ms
21ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012818
cf-polished: origSize=29022
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08072735e400002bc634065000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-715e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b8749c98c12bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:22:10 GMT

GET
H2 200 responsive-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 29ms
27ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a200701c53c115d1426b0e499872f764a6562e985a39a0796b152b9c31a72ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012859
cf-polished: origSize=20176
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08072735e400002bc6013fe000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-4ed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b8749c98c22bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 38ms
37ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2637511
cf-polished: origSize=149701
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08072735e400002bc616288000000001
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b8749c98c42bc6-FRA
expires: Sun, 10 Jan 2021 13:03:57 GMT

GET
H2 200 global-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 19 KB
5 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e59b33f190619c0a72f134b8a63462def9238acbed251ef993fc84c6e0c54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012836
cf-polished: origSize=19786
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08072735e500002bc67288f000000001
last-modified: Fri, 22 Jan 2021 08:19:29 GMT
server: cloudflare
etag: W/"600a8a91-4d4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b8749c98c62bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:52 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 25ms
24ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 715047
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
cf-request-id: 080727361600002bc6031f3000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 25 Jan 2022 19:05:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749ce91e2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 80ms
25ms Script
text/javascript 143.204.93.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 11:35:28 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 11:35:21 GMT
server: AmazonS3
age: 50821
etag: "434a3d44a3079aedd890448838582f6c"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11415
x-amz-cf-id: MIeLlcbfg2ZGGtDcy-N7PHeT1rfvHsG0t2Ro7OrBQ6o73YAWc6OGMw==

GET
H2 200 5Yxr1eTDCqJKoeKbVnClNXmZ_640x360.jpg
static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/ 37 KB
38 KB 92ms
33ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/5Yxr1eTDCqJKoeKbVnClNXmZ_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

1560925b7d4f6a008e0c975ae68e14b58311a7ab03f2c09da2487cf8e8d27aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx000000000000007db5efe-0060143b2c-46b98f5-nyc3a
cdn-cachedat: 2021-01-29 17:43:24
cdn-pullzone: 89010
content-length: 38380
last-modified: Fri, 29 Jan 2021 15:31:41 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 098ca01ee0c6982bb9f4f9203bca2f7c
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 maxresdefault%20(3).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
28 KB 27ms
18ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/maxresdefault%20(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49807c7a2b975537a8ef4a7a5790369c7ba710e65056187143b6414830c4d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 28541
cf-polished: origSize=29930, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28721
cf-request-id: 080727362a00002bc634069000000001
last-modified: Tue, 02 Feb 2021 17:36:35 GMT
server: cloudflare
etag: "60198da3-74ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 17:46:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d09452bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 4wcpxi.jpg
i.imgflip.com/ 42 KB
42 KB 70ms
25ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4wcpxi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856d10b22b78d8dca542577503906fdda7c04a04a8e5f6fbfe677c02ab92810b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
age: 42916
cf-polished: origSize=43015
cf-ray: 61b8749d5e0f0bf5-AMS
content-length: 42564
x-amz-id-2: cHMW2gZFN0sFYDhE3QMs4cx+R91SPKHYUlTdeO4oU5u/I+GaiojaqvFu+OrrxVDKJDPpJG/Hjj4=
last-modified: Tue, 02 Feb 2021 13:36:32 GMT
server: cloudflare
etag: "57cae7424b3dd63e8a6c1401b8f3f7ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A9C53D062F67A1BB
access-control-allow-origin: *
expires: Sat, 01 Feb 2031 01:42:28 GMT
cache-control: public, max-age=315360000
cf-request-id: 080727365500000bf586967000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 A_Capitol_Bldg.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 43 KB
44 KB 31ms
22ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_Capitol_Bldg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b276b12bb10237fd6ac51425e7b513d7e294345c367a58093d4b0c9ea7fba30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 363196
cf-polished: origSize=47160, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44528
cf-request-id: 080727362d00002bc63406a000000001
last-modified: Fri, 29 Jan 2021 20:41:26 GMT
server: cloudflare
etag: "601472f6-b838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 29 Jan 2022 20:49:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d09472bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 42 KB
43 KB 109ms
51ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-01-26 13:45:38
cdn-pullzone: 89010
content-length: 43209
x-amz-request-id: tx00000000000001c3068ef-0060100ef2-43b5652-nyc3a
last-modified: Tue, 26 Jan 2021 11:28:15 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 9b7d1c58805a75e163f81f8cfecee293
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 Happy-Sunday.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 45 KB
45 KB 27ms
18ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Happy-Sunday.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce9dac4d65255594816786dd6a3b810bfe4795a5e1780e9f74fb5637d0bf8e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 106669
cf-polished: origSize=46170, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45636
cf-request-id: 080727362a00002bc674925000000001
last-modified: Thu, 21 Jan 2021 16:49:28 GMT
server: cloudflare
etag: "6009b098-b45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 20:04:39 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d09482bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/9zQB_WN6LwM/ 25 KB
26 KB 40ms
6ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/9zQB_WN6LwM/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e4c14b015bcbb4940d8cc3fdb99e42b6121e4142f7f9384e3e048cd8395e56e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:05 GMT
x-content-type-options: nosniff
server: sffe
age: 23
etag: "1612300584"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26096
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:47:05 GMT

GET
H2 200 KIDS4SALE.jpg
jamesredpillsamerica.com/images/ 1 MB
1 MB 68ms
18ms Image
image/jpeg 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/KIDS4SALE.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55f74fbd62d2e12800750904cba9f5b4da47182cc2704dc640652280262d537

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 90403
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1166639
cf-request-id: 080727365300004a73988d0000000001
last-modified: Mon, 01 Feb 2021 22:42:51 GMT
server: cloudflare
etag: "601883eb-11cd2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4w%2FNn0r6HnoS84hvFALMXhuQypfrRUt0KV5FGHdBhuWNeYujYytIk3MYfEuODdwMUd5VGK8VVh%2F2v110m8ytsCP6EzHiQnOvBz97hC8tCFvMt5BeQnNejq%2BAqcqGTi7fwegiYxQ%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d593d4a73-FRA
expires: Wed, 02 Feb 2022 00:35:45 GMT

GET
H2 200 FkirHiAoAP2C_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 33 KB
34 KB 122ms
77ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/FkirHiAoAP2C_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

7d7393bc58991db7145271fb67b839bb22ef2b2beb1df7b16a26b7c9738ed693

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000000a279c49-006019633e-46b98f5-nyc3a
cdn-cachedat: 2021-02-02 15:35:42
cdn-pullzone: 89010
content-length: 34193
last-modified: Tue, 02 Feb 2021 14:15:33 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 242eb69d95cf6b132198ef6445466811
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 A_Target.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 50 KB
50 KB 48ms
42ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/A_Target.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362926319935a032972f367a62efd55cdbc551ef1f582b24ce9d36650fb4bf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 24007
cf-polished: origSize=56766, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51087
cf-request-id: 080727364300002bc63180f000000001
last-modified: Tue, 02 Feb 2021 19:00:05 GMT
server: cloudflare
etag: "6019a135-ddbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 19:02:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d39742bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 116121284_10219196752253256_5453845499370351027_n.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 33 KB
33 KB 29ms
26ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/116121284_10219196752253256_5453845499370351027_n.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71b3acd12be12efc5c40002e994f5c9670fcaf0af0a3a7f189f590d0443f7e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20997
cf-polished: origSize=33827, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33650
cf-request-id: 080727364400002bc6fdaaa000000001
last-modified: Tue, 02 Feb 2021 19:39:17 GMT
server: cloudflare
etag: "6019aa65-8423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 19:52:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d39752bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/qLfmTKfqJfk/ 19 KB
19 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qLfmTKfqJfk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c75f49a26f7c06241b4d889071792777c90b927424e6caf778c4b3b76faf6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:38:03 GMT
x-content-type-options: nosniff
server: sffe
age: 265
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18960
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:43:03 GMT

GET
H2 200 BOMB-AWAY.gif
jamesredpillsamerica.com/images/ 14 MB
14 MB 28ms
12ms Image
image/gif 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/BOMB-AWAY.gif
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6efadce41ae376140acf28c0c20ad12dc8f1aedbb605e458bcb59ed9cf2db21e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 118359
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 14290982
cf-request-id: 080727365400004a73b73aa000000001
last-modified: Mon, 01 Feb 2021 04:36:40 GMT
server: cloudflare
etag: "60178558-da1026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vs0LeVZ4Ft%2BpAcT81b0IDGZiTMoqj5dpN1QvXEObGP%2FHQfns6t685zfttGlMB2q%2B74qHwVLvLoVLhPAcxUrySW8Yz63ek0ZQxAMy60XrlRFFMck%2BkHrTLrwHwE9R0RXKMbrhbKU%3D"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d593e4a73-FRA
expires: Tue, 01 Feb 2022 16:49:49 GMT

GET
H2 200 trump-executive-order.jpg
cms.qz.com/wp-content/uploads/2017/01/ 61 KB
61 KB 92ms
48ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.qz.com/wp-content/uploads/2017/01/trump-executive-order.jpg?quality=75&strip=all&w=1600&h=900&crop=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: bda4f48aa086eae3051a505a9959cf1ae9fab829a934069bdc146547cf79cc6e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
x-rq: ams5 109 142 443
last-modified: Sun, 31 Jan 2021 17:51:53 GMT
server: nginx
etag: "c58a47d4e0aa7213"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 61954
expires: Mon, 31 Jan 2022 17:51:53 GMT

GET
H2 200 Devils-Chateau-35.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 48 KB
48 KB 22ms
21ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Devils-Chateau-35.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5047ca1d9a3264e4262dc2c89f057cc5bb77e61e9e0e7bccf691db41aed527c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 25024
cf-polished: origSize=51518, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48676
cf-request-id: 080727365e00002bc6569e8000000001
last-modified: Tue, 02 Feb 2021 18:44:49 GMT
server: cloudflare
etag: "60199da1-c93e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 18:45:24 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d699c2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 leOLEjNji_w_640x360.jpg
static-3.bitchute.com/live/cover_images/pqlCrTAephy6/ 62 KB
62 KB 75ms
74ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/pqlCrTAephy6/leOLEjNji_w_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

9b0b2cd5757d6b64053bb76659daed8efcd25c0fa31fa61aac8771e74ff84488

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-02 20:38:23
cdn-pullzone: 89010
content-length: 63243
x-amz-request-id: tx000000000000020795b69-006019aa2f-43ba6e0-nyc3a
last-modified: Tue, 02 Feb 2021 19:36:28 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: ebc207add20fca2d8547ad78e9556cb2
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 White_House_Night.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 58 KB
58 KB 21ms
21ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/White_House_Night.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c25f05092d541c3344cb084648179134e94e3aa3f2b1a3b12c1a3863b776c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 540714
cf-polished: origSize=62169, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59224
cf-request-id: 080727366c00002bc62f3d3000000001
last-modified: Wed, 27 Jan 2021 19:16:36 GMT
server: cloudflare
etag: "6011bc14-f2d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 19:30:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d79b32bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 OIP%20(17).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 7 KB
7 KB 21ms
20ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(17).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b64d0aa879b4a73d8e6092c861775816475b9ba29c46a77246cfd15697eb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3393
cf-polished: origSize=7830, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6963
cf-request-id: 080727366c00002bc637295000000001
last-modified: Wed, 03 Feb 2021 00:28:09 GMT
server: cloudflare
etag: "6019ee19-1e96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 00:45:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d79b12bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 images7.jpg
www.prepperfortress.com/wp-content/uploads/2015/08/ 60 KB
61 KB 50ms
17ms Image
image/jpeg 2606:4700:3030::6815:4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prepperfortress.com/wp-content/uploads/2015/08/images7.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6485519b3d743cea9e6cad1d62468799b0eb5beb253e4ff8b947e2d626c1f900

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3300
content-length: 61571
cf-request-id: 080727368d00000631c80da000000001
last-modified: Thu, 27 Aug 2015 14:58:28 GMT
server: cloudflare
etag: "f083-51e4c33258d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bCbOZ5mMNIxC9iExgCxrUPhhj4FMnd2WJOZNR9mH332UrwBqCtCFQIz%2FWBKI6%2F15phN7VKRWlCXFbif%2BhJlMZGajIIeAORP1CUw%2FmPlOZ1Oe6Ndkn1pF3fRaTcvx%2BJSClEXBwg%3D%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61b8749daced0631-FRA

GET
H2 200 PHOjb_OvCc_1.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 31 KB
31 KB 23ms
22ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/PHOjb_OvCc_1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee50df0c8c092133de69d4a70205f09a9b7e5f6b2d6342dd926dc41535e959

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 117973
cf-polished: origSize=32249, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31817
cf-request-id: 080727366d00002bc648af8000000001
last-modified: Mon, 01 Feb 2021 16:39:38 GMT
server: cloudflare
etag: "60182eca-7df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 16:56:15 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d79b52bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 zIte2c2GEr8wQeElSUeH9TnG_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 60 KB
60 KB 81ms
80ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/zIte2c2GEr8wQeElSUeH9TnG_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

ada575bbeea74f31166efec688e8f9c31a1e4301aef318346d3681f700f72250

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000001de09938-0060138f60-43b5652-nyc3a
cdn-cachedat: 2021-01-29 05:30:25
cdn-pullzone: 89010
content-length: 61038
last-modified: Fri, 29 Jan 2021 04:22:00 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: ad70b0819f0379b15a414a47c8178e76
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 ending-plague.jpg
media.mercola.com/ImageServer/public/2021/January/ 34 KB
35 KB 418ms
75ms Image
image/jpeg 104.18.12.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.mercola.com/ImageServer/public/2021/January/ending-plague.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / N/A

Resource Hash

be9f2a565ab87f8116aae70b759f704f1a258e8da5e46825f175fa91a130fc7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-aspnet-version: N/A
age: 247258
x-powered-by: N/A
last-modified: Thu, 28 Jan 2021 03:23:59 GMT
strict-transport-security: max-age=31536000
content-length: 35000
cf-request-id: 08072737d000000079dc259000000001
x-aspnetmvc-version: N/A
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "4e4df8425f5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
cf-polished: origSize=36976, status=webp_bigger
accept-ranges: bytes
cf-ray: 61b8749fbe0a0079-LHR
expires: Wed, 10 Feb 2021 01:42:29 GMT

GET
H2 200 VEEaF980CIEa_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 63 KB
63 KB 100ms
88ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/VEEaF980CIEa_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

0cf458494d4a2a7b6f66ce5e51d75403f6b82eec3a1df59df635decb9c2e86dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000001fe6c499-006018628b-43ba6e0-nyc3a
cdn-cachedat: 2021-02-01 21:20:27
cdn-pullzone: 89010
content-length: 64491
last-modified: Mon, 01 Feb 2021 20:15:12 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 956c35a8e75f4a7a07410f561ab41e26
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2021-02-02-at-8.30.02-AM.png
lisahaven.news/wp-content/uploads/2021/02/ 278 KB
279 KB 61ms
23ms Image
image/png 2606:4700:3031::6815:123e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lisahaven.news/wp-content/uploads/2021/02/Screen-Shot-2021-02-02-at-8.30.02-AM.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3031::6815:123e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebe2d94c93778217d1f322b2d83320daafc8a1e17251686e05dcae3abbfe982

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7069
content-length: 284870
cf-request-id: 080727369800002bc63c8dd000000001
last-modified: Tue, 02 Feb 2021 15:30:32 GMT
server: cloudflare
etag: "458c6-5ba5c26adf3ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1oof3ZfprOkro9RawmavrnfHFZgtPIPBH0raufbTbVIwvKdf2BaN%2BKiVphM7BRiI3AZmW7SLZdFQUdDzlB6uV%2FnHnpYoOahkL3RqRaQn%2BDQqdOayog4Shrw8og%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 61b8749dba032bc6-FRA

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/Rxdxf-zHfU8/ 37 KB
37 KB 47ms
27ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Rxdxf-zHfU8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95618d0ac377efaa3f06e4584315a42de11d69a86e1eaa00cd0ee23b642bad40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:26:54 GMT
x-content-type-options: nosniff
server: sffe
age: 4534
etag: "1611445449"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37485
x-xss-protection: 0
expires: Wed, 03 Feb 2021 02:26:54 GMT

GET
H2 200 anH2bbvr6AHz_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 44 KB
45 KB 115ms
104ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/anH2bbvr6AHz_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

06ad3400043c53b8ae27f28d253c62d635a603a967a810f5c6718fb5b7b2c1f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-02 00:54:08
cdn-pullzone: 89010
content-length: 45215
x-amz-request-id: tx000000000000009d0f9f5-00601894a0-46b98f5-nyc3a
last-modified: Mon, 01 Feb 2021 23:46:45 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 21a91f18a6115483e5798ec52827cee3
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 34ms
23ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 713183
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
cf-request-id: 080727367d00002bc6fe9d1000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 25 Jan 2022 19:36:04 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d99c92bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 4vodgs.jpg
i.imgflip.com/ 104 KB
104 KB 42ms
31ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4vodgs.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b371fbc2acb6c5c4af29c79140b400e279e48c55c284d30c6757dcd80e797680

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
age: 468571
cf-polished: origSize=107072
cf-ray: 61b8749d9e530bf5-AMS
content-length: 106492
x-amz-id-2: QsMjOYRSshwhqJTJBBafdhZVZPC5pUTPp5AsJLJDQVGYzV+La33fQ22hDVYEWAAkTUuWrrZHl7M=
last-modified: Thu, 28 Jan 2021 15:29:54 GMT
server: cloudflare
etag: "2cfd9860b997441217c48681fcf096b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 3B94B6EB4030A119
access-control-allow-origin: *
expires: Sat, 01 Feb 2031 01:42:28 GMT
cache-control: public, max-age=315360000
cf-request-id: 080727368400000bf5b2114000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 A_Eye4.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 48 KB
48 KB 49ms
38ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/A_Eye4.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33612e751c6934579b9ee28cd491269252c1f36544092a23ea3e122e51bd0041

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 76641
cf-polished: origSize=53582, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49028
cf-request-id: 080727367d00002bc631812000000001
last-modified: Tue, 02 Feb 2021 04:03:15 GMT
server: cloudflare
etag: "6018cf03-d14e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 04:25:06 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749d99cb2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/Q-TaODMHBc4/ 43 KB
43 KB 50ms
30ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Q-TaODMHBc4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15548c0524d17fb40eaf43bad7d941363f058bb411422c1115e8854e9de95a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:39:22 GMT
x-content-type-options: nosniff
server: sffe
age: 186
etag: "1612231383"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43731
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:44:22 GMT

GET
H/1.1 200
OK 784506bc-90ad-436c-91df-c34ac7068a60
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/ 23 KB
23 KB 448ms
113ms Image
image/jpeg 52.217.49.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/784506bc-90ad-436c-91df-c34ac7068a60
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.49.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdcbbb547e1a129198596d3cdcf178fc7892afc8d3f77093ebf1bfe90a84cbce

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:42:30 GMT
Last-Modified: Mon, 01 Feb 2021 10:21:44 GMT
Server: AmazonS3
x-amz-request-id: FD84202A2AE3243B
ETag: "6897882c9fb68e50b2a59fc1e428770c"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 23195
x-amz-id-2: 4l6eKandE+WauTVmxPkZO9tZVYplh3oE7yFYbxvS5ffCgJD7kP6TtPuOc61OUKKANd9hAV/wJhg=

GET
H2 200 ENtlimRXkAAAKv9-800x445-1.jpg
prepareforchange.net/wp-content/uploads/2020/07/ 74 KB
74 KB 89ms
26ms Image
image/jpeg 104.26.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prepareforchange.net/wp-content/uploads/2020/07/ENtlimRXkAAAKv9-800x445-1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505ea0787e5fe2cf8f8b3286c7a61448bc151ef12283fcb1b5855a3e796d0494

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 85181
cf-polished: origSize=75624, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 75325
cf-request-id: 08072736c90000c76d8c2e8000000001
last-modified: Sun, 12 Jul 2020 03:56:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mYjEkdnMS8M0ADS7HZ1%2FkfZUMYq%2BMPBpaj81HzgVmgBgA7GPmUxzuTT8%2B%2FODCna%2Fo7JhdwMtfytZks3PP9kqovd5M6hxwTBbs9NWKyjyhBrqp5Muig%3D%3D"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 61b8749e0d50c76d-AMS
expires: Thu, 04 Mar 2021 02:02:47 GMT

GET
H2 200 robert-david-steele(1)(3).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 43 KB
43 KB 30ms
29ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/robert-david-steele(1)(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d852414d84ba0e64f59d55287d44d956fbde7e03859559ad80c85daa2408bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 33291
cf-polished: origSize=45566, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43785
cf-request-id: 080727369500002bc601004000000001
last-modified: Wed, 11 Nov 2020 23:53:14 GMT
server: cloudflare
etag: "5fac796a-b1fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 16:27:37 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749db9ff2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 1f6a8.png
s.w.org/images/core/emoji/13.0.1/72x72/ 940 B
1 KB 55ms
17ms Image
image/png 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/72x72/1f6a8.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

6e07380db23f60b5c28611eb12f99476fb037300142ebbbdf38e2254a4dedbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Wed, 03 Feb 2021 01:42:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 940
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ACz1SiuxlILp_640x360.jpg
static-3.bitchute.com/live/cover_images/sJFDQtjzuuwx/ 33 KB
33 KB 57ms
53ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/sJFDQtjzuuwx/ACz1SiuxlILp_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

d2e9fa436600eeae4783f245b7a7cc00ff6f50aed37fa1780cf828a3f07b0e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000020a358cb-006019c462-43b55da-nyc3a
cdn-cachedat: 2021-02-02 22:30:10
cdn-pullzone: 89010
content-length: 33768
last-modified: Tue, 02 Feb 2021 21:28:00 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 4ea87a48d28481dbfe79bb6e1fe4c7f2
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 Kq3I1amXbS3fuz7rwfiEKSvC_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 35 KB
35 KB 58ms
54ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/Kq3I1amXbS3fuz7rwfiEKSvC_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

86bcb054100098a36e015a8417af04857ac0b41f4328e14964879da533116b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000001ed18bbd-006015f258-43ba6e0-nyc3a
cdn-cachedat: 2021-01-31 00:57:12
cdn-pullzone: 89010
content-length: 35467
last-modified: Sat, 30 Jan 2021 23:34:07 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: d17f63913c0c1236301cf1d56613f2ad
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 David_Icke.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 22 KB
23 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/David_Icke.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

768f13786a164c07fcdaa08330ca77736f6ab047df53109a013408521adff987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 605333
cf-polished: origSize=24549, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22859
cf-request-id: 08072736ba00002bc644025000000001
last-modified: Sun, 01 Apr 2018 01:21:09 GMT
server: cloudflare
etag: "5ac03405-5fe5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 01:33:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749dfa352bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 no-img.png
img.beforeitsnews.com/img/v3/ 1 KB
1 KB 23ms
22ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/no-img.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 537837
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1298
cf-request-id: 08072736bf00002bc66f0be000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 20:18:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749dfa3a2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 9BaPeuZvTzr0_640x360.jpg
static-3.bitchute.com/live/cover_images/LOYMztbzr221/ 14 KB
14 KB 47ms
46ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/LOYMztbzr221/9BaPeuZvTzr0_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

fef7f94394869e0d65ca5bf9d7199420d195c8ce1010038502dd072359ade759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000001518e7f6-0060010495-43b55da-nyc3a
cdn-cachedat: 2021-01-15 03:57:25
cdn-pullzone: 89010
content-length: 13838
last-modified: Tue, 12 Jan 2021 00:47:05 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 6cd3478ba7029ceaa5d89e0182d4d473
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 entrance-internment-facility-Camp-Delta-Cuba-Guantanamo.jpg
cdn.britannica.com/s:700x500/49/115949-050-F7350357/ 42 KB
43 KB 129ms
63ms Image
image/jpeg 13.224.194.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.britannica.com/s:700x500/49/115949-050-F7350357/entrance-internment-facility-Camp-Delta-Cuba-Guantanamo.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-104.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ff694d2c859f7b0bdeefd72e29dc903a8ebfa6b2092927c5e04cdda12fdb337

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 08:52:18 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Tue, 10 Dec 2019 23:05:10 GMT
server: AmazonS3
age: 6108611
etag: "65eaa4f531482592da92d9bfe0e0941c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
content-length: 43324
x-amz-cf-id: 2D4HunFN11XwMAOUJ7eXtjOhIPmtH4ybvgVcb4TqHybU4hxdcNhFlg==

GET
H2 200 hqdefault(287).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 14 KB
15 KB 16ms
16ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(287).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 189618
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14766
cf-request-id: 08072736cc00002bc67193a000000001
last-modified: Fri, 14 Aug 2020 20:18:17 GMT
server: cloudflare
etag: "5f36f189-39ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 31 Jan 2022 21:02:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749e1a492bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 trump-crosshairs.png
secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/01/ 105 KB
105 KB 45ms
8ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/01/trump-crosshairs.png?time=1612041939

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

244d38a9b5430fad05284ad97daf5ef5c25e38c6ca89d89a994dc5c0fc9166e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 21612
x-cache: cached
x-sucuri-cache: HIT
content-length: 107101
x-xss-protection: 1; mode=block
last-modified: Sat, 30 Jan 2021 21:25:15 GMT
server: nginx
date: Wed, 03 Feb 2021 01:42:28 GMT
strict-transport-security: max-age=300
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "1a25d-5ba24c1bac7e2"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7S6M0DX5hGFV_640x360.jpg
static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/ 23 KB
23 KB 35ms
33ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/7S6M0DX5hGFV_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

33635398eefcc793cd01e22b2bc4cbc81e2ffb11040e5d0adcd8cf3e73aa2c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-01 16:40:48
cdn-pullzone: 89010
content-length: 23316
x-amz-request-id: tx00000000000001fe2cc75-0060182100-43b55da-nyc3a
last-modified: Mon, 01 Feb 2021 15:13:11 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 7835bed6b27e78cf64dd46a94e1dde7e
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/vx4y5ssyS4g/ 15 KB
15 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/vx4y5ssyS4g/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb5e040d7ee074da5efbf036df02664d305d8ad860d72d2fcc436ecb332ff907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:25:04 GMT
x-content-type-options: nosniff
server: sffe
age: 1044
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15343
x-xss-protection: 0
expires: Wed, 03 Feb 2021 03:25:04 GMT

GET
H2 200 4w49fg.jpg
i.imgflip.com/ 95 KB
95 KB 30ms
29ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4w49fg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98173d17112b2cc3b483ebf3e9fb49d77c65160644eb3f24504e442b21d4223f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
age: 194534
cf-polished: origSize=98203
cf-ray: 61b8749e2ef20bf5-AMS
content-length: 97162
x-amz-id-2: 1f12UZhzS7vz9gY2+zTTVpMUH+/3bGxPPi2qBH4OQCDWwywVwLz5ZEK15mo3Xl5IN1y/9JydwNE=
last-modified: Sun, 31 Jan 2021 19:35:21 GMT
server: cloudflare
etag: "42d0492909e8732b04fe4e3aa90c15fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 45898C8D9AE12F59
access-control-allow-origin: *
expires: Sat, 01 Feb 2031 01:42:28 GMT
cache-control: public, max-age=315360000
cf-request-id: 08072736d700000bf5b31a6000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 4w03zm.jpg
i.imgflip.com/ 100 KB
100 KB 43ms
41ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4w03zm.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38cd50eeb399768e0cb1b8faa017ac441b6f895429eb20f843d868c10f680a39

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
age: 284032
cf-polished: origSize=103233
cf-ray: 61b8749e2ef40bf5-AMS
content-length: 102419
x-amz-id-2: OjjwplFFvPeLu8nKu7EjGIoXEUL3f3zOE0Y+0MUl5yiGfGjfZJs+Hqav3riD/xvYNGxJvh/cuT4=
last-modified: Sat, 30 Jan 2021 18:43:27 GMT
server: cloudflare
etag: "00a91d9004402050ab62b4f5a249b664"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 7F5E3F5CFED88D96
access-control-allow-origin: *
expires: Sat, 01 Feb 2031 01:42:28 GMT
cache-control: public, max-age=315360000
cf-request-id: 08072736d600000bf57abc0000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/r4LlGwTcLnU/ 46 KB
46 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/r4LlGwTcLnU/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d615b21ab0411601331c4fafce146759ad99178d33f5a5d9c40f121c3aaf8999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:26:06 GMT
x-content-type-options: nosniff
server: sffe
age: 982
etag: "1611888598"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46882
x-xss-protection: 0
expires: Wed, 03 Feb 2021 03:26:06 GMT

GET
H2 200 Rf7cb47cead5ca6c718a1b472d5edf07f.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
28 KB 18ms
18ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Rf7cb47cead5ca6c718a1b472d5edf07f.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127b29685dc9d533568dd34d5d58f1fd322a850c1d8e71d9ab32a35c78d12161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 121581
cf-polished: origSize=30209, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28737
cf-request-id: 08072736d600002bc6521aa000000001
last-modified: Mon, 01 Feb 2021 15:36:19 GMT
server: cloudflare
etag: "60181ff3-7601"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 15:56:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749e2a582bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 A_JailCell.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 59 KB
59 KB 30ms
22ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/A_JailCell.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1022019395c8ba5831ef367bec12d9c0c837362a95b32cab0e2db67dc3c9a5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 892038
cf-polished: origSize=64137, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60571
cf-request-id: 08072736f300002bc6291eb000000001
last-modified: Wed, 02 Dec 2020 05:16:43 GMT
server: cloudflare
etag: "5fc7233b-fa89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 23 Jan 2022 17:55:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749e4a772bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Screen%20Shot%202021-01-31%20at%2012_02_01%20AM.jpg
img.beforeitsnews.com/contributor/upload/724569/images/ 25 KB
26 KB 25ms
19ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202021-01-31%20at%2012_02_01%20AM.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0f2a47c0d7b69a2c6cec08295022cd0302884d2e527a6ef3daa0c19c7b8ddec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 270830
cf-polished: origSize=33186, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25971
cf-request-id: 08072736f100002bc6360bc000000001
last-modified: Sat, 30 Jan 2021 22:18:00 GMT
server: cloudflare
etag: "6015db18-81a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 30 Jan 2022 22:28:38 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749e4a792bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
262 B 40ms
39ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 716463
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-request-id: 080727368a00002bc60a35c000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 25 Jan 2022 18:41:25 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749da9e92bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/uV1cMSlrcfE/ 17 KB
18 KB 52ms
21ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uV1cMSlrcfE/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0efd9616a4b3008bd4f9d259a71fc533a70cf30c64e02d8e90e127a2d2e29231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17589
x-xss-protection: 0
expires: Wed, 03 Feb 2021 03:42:28 GMT

GET
H2 200 scientist_reveals_real.jpg
img.beforeitsnews.com/img/banner2020/ 45 KB
46 KB 40ms
39ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 532642
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46020
cf-request-id: 080727368a00002bc618a96000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 21:45:06 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749da9e62bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 emigrate2.jpeg
img.beforeitsnews.com/img/banner2020/ 55 KB
55 KB 22ms
18ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/emigrate2.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1995531
cf-polished: origSize=56198, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55905
cf-request-id: 08072736f200002bc605b02000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-db86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749e4a7a2bc6-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 polaraidhealth.jpeg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 16ms
15ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/polaraidhealth.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1995531
cf-polished: origSize=46655, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46365
cf-request-id: 080727370000002bc62f3da000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-b63f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749e6a8f2bc6-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 BCX_Rife350x290.jpg
img.beforeitsnews.com/img/banner2020/ 36 KB
36 KB 22ms
17ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1995528
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36512
cf-request-id: 080727370b00002bc60798f000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61b8749e7a9b2bc6-FRA
expires: Mon, 10 Jan 2022 23:23:40 GMT

GET
H2 200 tabs-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 148 B
615 B 23ms
23ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012835
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 080727360600002bc6360af000000001
last-modified: Fri, 22 Jan 2021 08:19:32 GMT
server: cloudflare
etag: W/"600a8a94-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b8749cd90c2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 65ms
43ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ddb279c37828ac17aafcd02acdf38d9ee46acfa09c5712c2fbaab6584705fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38886
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 00:06:10 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Feb 2021 01:42:28 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 65ms
44ms Script
text/javascript 2600:9000:2156:b400:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b400:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f83ff9514472cede101a00834940703c776c30b7d93cf91beda8d11e0fdbafa3

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:39:47 GMT
content-encoding: gzip
age: 161
etag: W/"19378-o3uxcSmChkWwXb85dUFdIvoyRFw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9vB_tbip3ThGfxV_BhLWvd7F9fYcWRgwZRwdlqb-GVNxANJoDoOiUQ==

GET
H2 200 Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 24ms
21ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 2637535
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BS7S1H3H1K4GBQ7P
x-amz-id-2: QjApP71jKYVGRAdkz9Q9P6OqBxHUujj3Ssfx891KJE0sEVGRFVTs3J5cx2ZDaBvfdzUqDnivfaM=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id: 080727362a00002bc6031f4000000001
cf-ray: 61b8749d09492bc6-FRA

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
307 B 23ms
21ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 536743
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
cf-request-id: 080727362a00002bc624bff000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 20:36:45 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b8749d094a2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
957 B 25ms
24ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 535895
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
cf-request-id: 080727362b00002bc63180d000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 20:50:53 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b8749d194b2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 13 KB
13 KB 7ms
6ms Font
font/woff 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 01:10:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:06 GMT
server: sffe
age: 347508
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Sun, 30 Jan 2022 01:10:40 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 09:42:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:15:51 GMT
server: sffe
age: 489609
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9028
x-xss-protection: 0
expires: Fri, 28 Jan 2022 09:42:19 GMT

GET
H/1.1 200
OK 507656511
player.vimeo.com/video/ Frame 871C 0
0 270ms
214ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/507656511

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Connection: keep-alive
Content-Length: 11961
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Wed, 03 Feb 2021 01:43:13 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-5
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Wed, 03 Feb 2021 01:42:28 GMT
Age: 0
X-Served-By: cache-fra19149-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1612316549.738180,VS0,VE191
Vary: Accept-Encoding
X-Player-Backend: p

GET
H2 200 /
rumble.com/embed/vavuvf/ Frame 2F8A 0
0 400ms
122ms Document
text/html 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vavuvf/?pub=ap9pb

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.40.3ba9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

:method: GET
:authority: rumble.com
:scheme: https
:path: /embed/vavuvf/?pub=ap9pb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Wed, 03 Feb 2021 01:42:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/vdi11t-more-attacks-on-the-second-amendment...-the-market...-your-liberty-when-wil.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 O269cn5aS0A
www.youtube.com/embed/ Frame C389 0
0 106ms
103ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/O269cn5aS0A

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/O269cn5aS0A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
content-length: 21758
cache-control: no-cache
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Wed, 03 Feb 2021 01:42:28 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=gumMhXmy0co; path=/; domain=.youtube.com; secure; expires=Mon, 02-Aug-2021 01:42:28 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=gumMhXmy0co; path=/; domain=.youtube.com; secure; expires=Mon, 02-Aug-2021 01:42:28 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 03-Feb-2021 02:12:28 GMT YSC=SjZO5X6bWfA; path=/; domain=.youtube.com; secure; httponly; samesite=None CONSENT=PENDING+599; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 53ms
50ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2637513
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
cf-request-id: 080727367d00002bc6122b6000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b8749d99cd2bc6-FRA
expires: Mon, 03 Jan 2022 13:03:55 GMT

GET
H2 200 /
s.tradingview.com/embed-widget/ticker-tape/ Frame 33DD 0
0 84ms
23ms Document
text/html 143.204.93.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.86 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-86.fra50.r.cloudfront.net

Software

tv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Wed, 03 Feb 2021 01:40:08 GMT
expires: Wed, 03 Feb 2021 02:40:08 GMT
cache-control: max-age=3600
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IQ5BxDKtfzF6uK1Sw7i1TNGBwtGGXOiUAgEG4ro67EoKd_d5x0knWg==
age: 140

GET
H/1.1 200
OK incr_views.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/ 8 B
635 B 479ms
160ms XHR
text/html 64.62.227.18
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/incr_views.php?id=62&_=1612316548757

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.18 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

beforeitsnews.com

Software

nginx/1.12.2 /

Resource Hash

b233d768686d7fa50983a593a0970fcb5dbcb01e026357e0a853b61341797007

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:42:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 1273 239 KB
66 KB 106ms
32ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021131
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d2b8d827407d16f0c4ea40b02e663f97552c466527c69c17ae9fcc17c91f6e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 7121
cf-polished: origSize=244941
last-modified: Wed, 20 Jan 2021 08:28:03 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 39FA48C8606075BF
x-amz-id-2: Kf1sLFOeDBN+Ab8GqjBz1+bJaccj/D7U5RcgKDMyXlK4Z46cfbZ49h+tnKkX7KFuwu62gEaqrFg=
cf-bgj: minify
server: cloudflare
etag: W/"9e16758cd856f9923398b7d6f884bcab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 080727375f00004c3e16059000000001
cf-ray: 61b8749ef8f54c3e-AMS
expires: Wed, 03 Feb 2021 04:42:28 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 8839 238 KB
65 KB 173ms
103ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2021131
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f926e3af6282927cbd9206122c2860cc2c7ca80f53bd52db02202dcb174ecd

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 3790
cf-polished: origSize=243558
last-modified: Wed, 20 Jan 2021 08:36:21 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B1862DFF68B6309E
x-amz-id-2: sB9ww6GKuzNeoZZxrzx0824spUU7rdoxu3yLwvg3tLQ5bSm60o5fpCyv7U4maWOp8f43e1UgKuI=
cf-bgj: minify
server: cloudflare
etag: W/"860dfbd0f8cdf79c71d833d0dfdb82d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 080727375f00004c3e569e6000000001
cf-ray: 61b8749ef8f64c3e-AMS
expires: Wed, 03 Feb 2021 04:42:28 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 23ms
22ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2637513
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
cf-request-id: 08072736a200002bc6599a7000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b8749dda142bc6-FRA
expires: Mon, 03 Jan 2022 13:03:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 146ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc69d10fb34b45d5325071130fa0fb2b1a7062160a8f5a34753e5bb90459218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47617
x-xss-protection: 0
server: cafe
etag: 7166616678842563878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Feb 2021 01:42:28 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
628 B 91ms
60ms Script
application/javascript 2606:4700:3035::ac43:8a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3354
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YdBj4hWJ4XwXPz5AKJ5N5qKbQx0ebFdcSdVuSNEpUvDHZbinoGHEH2VqjczdGOupaY6rPWwSbGEktFbugfGatmU0pXZ7Mp1bkPqKGu0zLahQ2jSBbblm"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 61b8749f1d654a79-FRA
content-length: 9
cf-request-id: 080727377100004a797b017000000001

GET
H2 200 adcode.png
rddywd.com/ 43 B
685 B 92ms
62ms Image
image/gif 2606:4700:3035::ac43:8a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 55567
content-length: 43
cf-request-id: 08072737710000d6b9c2904000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bMOax5icRgfxUIORddCeBzX3fmVmCAVlH%2BAA8yzUjxOBC%2Bm37QaGBfp6TDCeUS%2FFCf5HH7sNO%2FyTfqkV1B5DdU31zNr7KGMEE2M5TlszU7t7MDV6B7GW"}],"max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 61b8749f1b1bd6b9-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
182 B 25ms
6ms Image
text/plain 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
2 KB 22ms
22ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 540310
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 08072736c300002bc65c151000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 19:37:18 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b8749e0a3f2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H/1.1 200
OK count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
619 B 495ms
189ms XHR
text/html 64.62.227.18
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.18 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

beforeitsnews.com

Software

nginx/1.12.2 /

Resource Hash

2c7da73517c44c3561d66212f526c139277fdb881ea93bf6eaebb1ba0fee4f57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:42:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 5f2c559be7229f0012f31c92.js Show response
buttons-config.sharethis.com/js/ 1 KB
869 B 82ms
8ms Script
text/javascript 2600:9000:20eb:2a00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:22 GMT
content-encoding: gzip
etag: W/"321dc6041bb0ea183e662f402b588149"
last-modified: Thu, 06 Aug 2020 20:50:47 GMT
server: AmazonS3
age: 8
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: soeihGvpQJ5szZZzjA6EVRiBobx_74cTauuk3olr3KFkSBbS0j023w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1706
date: Wed, 03 Feb 2021 01:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 03 Feb 2021 03:14:03 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 58B3 0
0 24ms
6ms Document
text/html 2600:9000:2156:6400:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Wed, 03 Feb 2021 00:43:54 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2kalCIk5tszzEwcSEt3BuXkNFqr_js3SFpSkv-e2iYqxD8WjlyaSNA==
age: 3515

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 79ms
24ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 3024
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DCB403D7254D6E85
x-amz-id-2: Cnwert1GiENoysUfBDXPF2oxBVB7KvQCrQPePrf/gjyjLKV6G2s01OhrGpZe00vVtwDUBpnt1yc=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 080727388100004c3e308ca000000001
cf-ray: 61b874a0cba44c3e-AMS

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 100ms
86ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 116467
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:22 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 147ms
24ms XHR
text/plain 3.124.48.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&embeds_csv=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F507656511%2Chttps%3A%2F%2Fwww.youtube.com%2Fembed%2FO269cn5aS0A&sop=true&bsamesite=true&consent_cookie_duration=321&consent_duration=321&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:42:29 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
1 KB 74ms
73ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=332&cols=1&pv=5&cbuster=1612316549361121854429&uniqId=03bc3&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=177658e20f18ba202eb&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5eead752d460fcd93ef3ab17e9dbf2b0dc0ff32536640d64012077ed9834cce

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b874a19cf94c3e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08072738fc00004c3e83244000000001

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
104 B 63ms
63ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1623074233&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1730017376&gjid=1068790384&cid=167087196.1612316549&tid=UA-16055024-1&_gid=899354887.1612316549&_r=1&gtm=2ou1k0&z=1027733825

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 81ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-16055024-1&cid=167087196.1612316549&jid=1730017376&gjid=1068790384&_gid=899354887.1612316549&_u=IEBAAUAAAAAAAC~&z=1668695927

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Feb 2021 01:42:29 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
672 B 384ms
376ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1612316549490389707006
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 996277c095c599bd4f3be801fc1fcc9a12d1662bfdec10ef23f06b89a2770810

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 43e05fe9-05fe-4dfc-b30b-dd884895f8c3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b874a26e354c3e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 080727398500004c3e1f1ad000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 9A56 19 B
396 B 77ms
73ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1612316549494674976587
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 63434775-10a4-4e01-8b43-ee7cddc446c7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b874a26e334c3e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 080727398500004c3e6abdd000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp
s-img.mgid.com/g/3859212/492x328/0x0x1001x667/ 33 KB
33 KB 41ms
40ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3859212/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1612316549-VI7GU5P75Wfdw7ANCPtozm6xiixf5KSgHIEJ_NJWIiY
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: fd9bbf1e-aa40-49fe-b879-8488b2b188d3
age: 7597717
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33544
cf-request-id: 080727398500004c3e859e5000000001
last-modified: Mon, 05 Oct 2020 11:15:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a26e364c3e-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp
s-img.mgid.com/g/3859212/492x328/0x0x1001x667/ Frame 1273 33 KB
33 KB 26ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3859212/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1612316549-VI7GU5P75Wfdw7ANCPtozm6xiixf5KSgHIEJ_NJWIiY
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: fd9bbf1e-aa40-49fe-b879-8488b2b188d3
age: 7597717
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33544
cf-request-id: 080727398500004c3e1896a000000001
last-modified: Mon, 05 Oct 2020 11:15:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a26e374c3e-AMS

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
1 KB 334ms
332ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1094&cols=1&pv=5&cbuster=1612316549539284795641&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=177658e21a38bce4cb0&implVersion=10&dpr=1&muid=l12tTb7Jg3Gh
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2021131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 526ec720e1fa15906b7d15832e6276d51a521a3170c245fab7bb9f894133c6e1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b874a2be8b4c3e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08072739b000004c3e1896c000000001

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 63ms
34ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=167087196.1612316549&jid=1730017376&_u=IEBAAUAAAAAAAC~&z=1913340253

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 68ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=167087196.1612316549&jid=1730017376&_u=IEBAAUAAAAAAAC~&z=1913340253

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame CC88
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

67ms
22ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1612316549490389707006
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Feb 2021 01:42:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 03 Feb 2021 01:42:29 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=iuF95lel4RXcgc91BbqgWQNG&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=3ffcc5a7-5ef7-4509-8c28-d8713b4a11c4&gdpr=&gdpr_consent=&us_privacy=

43 B
307 B

69ms
69ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=3ffcc5a7-5ef7-4509-8c28-d8713b4a11c4&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4ed35aac-3859-4368-9a45-a4c677dcee6a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b874a61b3b4c3e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273bd400004c3e1b93d000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=3ffcc5a7-5ef7-4509-8c28-d8713b4a11c4&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 03 Feb 2021 01:42:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDEydFRiN0pnM0do&muidn=l12tTb7Jg3Gh
https://cm.mgid.com/google?muidn=l12tTb7Jg3Gh&google_ula={guid},5&google_gid=CAESEBspELXYxjut2NoFtXrhgBc&google_cver=1

0
111 B

66ms
66ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l12tTb7Jg3Gh&google_ula={guid},5&google_gid=CAESEBspELXYxjut2NoFtXrhgBc&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b874a55a274c3e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273b5200004c3e43a66000000001

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l12tTb7Jg3Gh&google_ula={guid},5&google_gid=CAESEBspELXYxjut2NoFtXrhgBc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
623 B 106ms
66ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l12tTb7Jg3Gh
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61b874a50fe04c26-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273b2700004c268d027000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=6b66610e-7602-4c1d-8e65-696229d01750&ttl=1614908550

43 B
410 B

70ms
70ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=6b66610e-7602-4c1d-8e65-696229d01750&ttl=1614908550
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e193763c-2c6a-432a-b797-7afd77d7f124
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b874a60b1a4c3e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273bc500004c3e1609a000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=6b66610e-7602-4c1d-8e65-696229d01750&ttl=1614908550
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 106ms
63ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l12tTb7Jg3Gh
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61b874a50a86d8f9-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0807273b2a0000d8f974015000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=NNafzwEmyoY1ULSgxM3T&pi=mgid&tc=1

43 B
547 B

70ms
69ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=NNafzwEmyoY1ULSgxM3T&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 1b22c467-53bf-4eea-a408-b7a91c3128a1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b874a53a064c3e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273b4500004c3e2ea7f000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=NNafzwEmyoY1ULSgxM3T&pi=mgid&tc=1
pragma: no-cache
date: Wed, 03 Feb 2021 01:42:29 GMT, Wed, 03 Feb 2021 01:42:29 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

1011
jadserve.postrelease.com/suid/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l12tTb7Jg3Gh
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l12tTb7Jg3Gh
https://jadserve.postrelease.com/suid/1011?vk=3ffcc5a7-5ef7-4509-8c28-d8713b4a11c4

43 B
427 B

301ms
100ms

Image
image/gif

18.208.113.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1011?vk=3ffcc5a7-5ef7-4509-8c28-d8713b4a11c4
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.113.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-113-131.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:30 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

location: //jadserve.postrelease.com/suid/1011?vk=3ffcc5a7-5ef7-4509-8c28-d8713b4a11c4
date: Wed, 03 Feb 2021 01:42:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q4Njc0NWM4NWRmYzQ5NWY0YmViMTk0YmVjNzExOTNmLmpwZWc.webp
s-img.mgid.com/g/3835479/492x277/0x30x1338x892/ 18 KB
18 KB 21ms
20ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3835479/492x277/0x30x1338x892/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q4Njc0NWM4NWRmYzQ5NWY0YmViMTk0YmVjNzExOTNmLmpwZWc.webp?v=1612316549-1PSqwnxGH_BFF4WlMSGn7lrUY6AvRwpSJrAXnR1IAkU
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5a20f38b2648821b4b3752f387ec7d32f49cfc46efdc92a4d603781d6f876a7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: f48814d8-adf6-4d71-9c45-0ee5a66710c0
age: 7853519
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18002
cf-request-id: 0807273b0c00004c3e1b930000000001
last-modified: Mon, 05 Oct 2020 12:08:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a4e95a4c3e-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp
s-img.mgid.com/g/3805490/492x277/0x0x783x522/ 8 KB
9 KB 22ms
21ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805490/492x277/0x0x783x522/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp?v=1612316549-K7LKVN0mKNF531wjB3zsydIGgqVZoClBQhC_jdpANEk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52990ffe56ffde7523f99ec1d8b9f751bce3c861fd1062cb4788f6cd18f969c1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 65aa0edb-aae5-48b3-a843-b6d450cc9ce7
age: 1978650
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8528
cf-request-id: 0807273b0c00004c3e152a0000000001
last-modified: Mon, 05 Oct 2020 11:44:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a4e95b4c3e-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2MyNDc3MTBkOGI5MjA2ZDQxMzNkNjUxMmE1ZTM0YjY2LmpwZz90PTE0OTc5ODQzNTM0MTg.webp
s-img.mgid.com/g/3805483/492x277/56x0x595x396/ 18 KB
18 KB 24ms
22ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805483/492x277/56x0x595x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2MyNDc3MTBkOGI5MjA2ZDQxMzNkNjUxMmE1ZTM0YjY2LmpwZz90PTE0OTc5ODQzNTM0MTg.webp?v=1612316549-BR9SATJvH8hwssKJGCVc_VVeylrWP_zJ7GCUps-1FIo
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c85261a3d0f88a2561feaf5047a2f439c7ba73a0650566b7de7c853934e221

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 3d371ad1-8819-4ddd-aa2e-7605d99d9592
age: 7350803
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18264
cf-request-id: 0807273b0c00004c3e3c2f3000000001
last-modified: Mon, 05 Oct 2020 11:29:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a4e95c4c3e-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2VmNjc3ZmFjNTNjYTk5MzAwMTI2NTM4OTIyYzkwN2ZlLmpwZWc.webp
s-img.mgid.com/g/8052382/492x277/0x31x564x376/ 8 KB
9 KB 22ms
20ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052382/492x277/0x31x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2VmNjc3ZmFjNTNjYTk5MzAwMTI2NTM4OTIyYzkwN2ZlLmpwZWc.webp?v=1612316549-T4P6LvmMwOEQ9C3vzeIF62Yk0Yj4Gxz51IrQyPUToOk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2be19fae137ad28213988386e7fc91d3eb703417f934d49d7fae999a724beca8

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: dc662256-66d4-4cc0-b3fc-ec69b8ab30ee
age: 557106
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8684
cf-request-id: 0807273b2300004c3e64137000000001
last-modified: Wed, 27 Jan 2021 14:55:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a509984c3e-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q4Njc0NWM4NWRmYzQ5NWY0YmViMTk0YmVjNzExOTNmLmpwZWc.webp
s-img.mgid.com/g/3835479/492x277/0x30x1338x892/ Frame 8839 18 KB
18 KB 23ms
21ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3835479/492x277/0x30x1338x892/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q4Njc0NWM4NWRmYzQ5NWY0YmViMTk0YmVjNzExOTNmLmpwZWc.webp?v=1612316549-1PSqwnxGH_BFF4WlMSGn7lrUY6AvRwpSJrAXnR1IAkU
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5a20f38b2648821b4b3752f387ec7d32f49cfc46efdc92a4d603781d6f876a7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: f48814d8-adf6-4d71-9c45-0ee5a66710c0
age: 7853519
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18002
cf-request-id: 0807273b2300004c3e18041000000001
last-modified: Mon, 05 Oct 2020 12:08:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a5099b4c3e-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp
s-img.mgid.com/g/3805490/492x277/0x0x783x522/ Frame 8839 8 KB
8 KB 22ms
21ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805490/492x277/0x0x783x522/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp?v=1612316549-K7LKVN0mKNF531wjB3zsydIGgqVZoClBQhC_jdpANEk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52990ffe56ffde7523f99ec1d8b9f751bce3c861fd1062cb4788f6cd18f969c1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 65aa0edb-aae5-48b3-a843-b6d450cc9ce7
age: 1978650
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8528
cf-request-id: 0807273b2400004c3e7fbd2000000001
last-modified: Mon, 05 Oct 2020 11:44:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a5099f4c3e-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2MyNDc3MTBkOGI5MjA2ZDQxMzNkNjUxMmE1ZTM0YjY2LmpwZz90PTE0OTc5ODQzNTM0MTg.webp
s-img.mgid.com/g/3805483/492x277/56x0x595x396/ Frame 8839 18 KB
18 KB 21ms
21ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805483/492x277/56x0x595x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2MyNDc3MTBkOGI5MjA2ZDQxMzNkNjUxMmE1ZTM0YjY2LmpwZz90PTE0OTc5ODQzNTM0MTg.webp?v=1612316549-BR9SATJvH8hwssKJGCVc_VVeylrWP_zJ7GCUps-1FIo
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c85261a3d0f88a2561feaf5047a2f439c7ba73a0650566b7de7c853934e221

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 3d371ad1-8819-4ddd-aa2e-7605d99d9592
age: 7350803
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18264
cf-request-id: 0807273b3900004c3e308f3000000001
last-modified: Mon, 05 Oct 2020 11:29:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a529ea4c3e-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2VmNjc3ZmFjNTNjYTk5MzAwMTI2NTM4OTIyYzkwN2ZlLmpwZWc.webp
s-img.mgid.com/g/8052382/492x277/0x31x564x376/ Frame 8839 8 KB
9 KB 21ms
20ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052382/492x277/0x31x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2VmNjc3ZmFjNTNjYTk5MzAwMTI2NTM4OTIyYzkwN2ZlLmpwZWc.webp?v=1612316549-T4P6LvmMwOEQ9C3vzeIF62Yk0Yj4Gxz51IrQyPUToOk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2be19fae137ad28213988386e7fc91d3eb703417f934d49d7fae999a724beca8

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: dc662256-66d4-4cc0-b3fc-ec69b8ab30ee
age: 557106
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8684
cf-request-id: 0807273b3a00004c3e7fbd4000000001
last-modified: Wed, 27 Jan 2021 14:55:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874a529f04c3e-AMS

GET
H2 200 jsDynamic-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 18ms
16ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33935025719f5668bfab105458c9ce15c77fc676813cf0bb7ddc29a2c59c3df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012836
cf-polished: origSize=6552
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273c8600002bc6079cc000000001
last-modified: Fri, 22 Jan 2021 08:19:31 GMT
server: cloudflare
etag: W/"600a8a93-1998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b874a73b8b2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 responsive-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
827 B 19ms
17ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012836
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273c8700002bc64a143000000001
last-modified: Fri, 22 Jan 2021 08:19:32 GMT
server: cloudflare
etag: W/"600a8a94-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b874a73b8c2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 validate-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012836
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273c8700002bc62eb07000000001
last-modified: Fri, 22 Jan 2021 08:19:33 GMT
server: cloudflare
etag: W/"600a8a95-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b874a73b8d2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 loadmore-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1012836
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273c8700002bc66915e000000001
last-modified: Fri, 22 Jan 2021 08:19:31 GMT
server: cloudflare
etag: W/"600a8a93-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61b874a73b8e2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

4a47a1c684c7fb4963f5d13d9150efa68b10ae3b149c5600197572c4079fea67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1875
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 66ms
16ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210122.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 19:30:06 GMT
server: nginx
etag: W/"5364-1612294206560"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com

GET
H/1.1 200
OK get_banners_direct.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/ 2 KB
1 KB 153ms
152ms XHR
text/html 64.62.227.18
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php?type=on_regular_page&_=1612316550311

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.18 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

beforeitsnews.com

Software

nginx/1.12.2 /

Resource Hash

39f4bfdc3078b2b40939f2f6b65d2dfad47eac224ec676b75b7815e6a1762589

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:42:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 64ms
46ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1534
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 61b874a79809beb5-FRA
cf-request-id: 0807273cbc0000beb59b2c5000000001
expires: Wed, 03 Feb 2021 13:42:30 GMT

GET
H/1.1 200
OK get_items_to_show.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 59 KB
6 KB 364ms
364ms XHR
text/html 64.62.227.18
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1612316550312

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.18 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

beforeitsnews.com

Software

nginx/1.12.2 /

Resource Hash

67431083aca09706fe1051aee8b2da9fb98401c956dcbf60e356ae54f17842f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:42:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 17 KB
4 KB 548ms
547ms XHR
text/html 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1612316550313

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6170c0f58373c5a4a0f4b82bac4b887163d57a4a50d2d74db5d69a357fc0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807273cab00002bc62f018000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 61b874a77bc82bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1748
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 03 Feb 2021 02:13:22 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 03 Feb 2021 02:30:13 GMT

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 243 KB
87 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 19:13:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23333
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88693
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 10:52:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 19:13:37 GMT

GET
H/1.1 200
OK 10864438442185062
lockerdome.com/lad/ Frame 071C 0
0 465ms
118ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 03 Feb 2021 01:42:30 GMT

GET
H/1.1 200
OK 10864440455450982
lockerdome.com/lad/ Frame A8B2 0
0 464ms
120ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 03 Feb 2021 01:42:30 GMT

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 34ms
21ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 19:29:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 22384
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Wed, 02 Feb 2022 19:29:26 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 66F7 18 KB
4 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1748
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 03 Feb 2021 02:13:22 GMT

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 31ms
20ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 14:03:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 41940
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Wed, 02 Feb 2022 14:03:30 GMT

GET
H3-Q050 200 cleardot.gif
www.google.com/images/ 43 B
124 B 14ms
13ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:42:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame 0121 3 KB
1 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ErhFWATzvLXvohUodR3/9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-ErhFWATzvLXvohUodR3/9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Wed, 03 Feb 2021 01:42:30 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 39d06cdb7aae54703e7f5324f8b35cba63665f4f.jpg
beforeitsnews.com/img/i2021/02/ 35 KB
35 KB 30ms
28ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/39d06cdb7aae54703e7f5324f8b35cba63665f4f.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 160922
cf-polished: origSize=68837, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35768
cf-request-id: 0807273d5c00002bc618ae0000000001
last-modified: Fri, 22 Jan 2021 17:44:15 GMT
server: cloudflare
etag: "600b0eef-10ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:00:28 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b874a88cd12bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 454bd7e1.jpg
herbanomics.postaffiliatepro.com/accounts/default1/g75hwob/ 1 MB
1 MB 535ms
250ms Image
image/jpeg 45.33.3.7
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herbanomics.postaffiliatepro.com/accounts/default1/g75hwob/454bd7e1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.3.7 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: a855d275afd3638c7d7d62e6b27285a2534fc64d07529fc20e4ff4ca15fba21b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
via: 1.1 varnish (2.lb-app.pap.linode-us-tx)
x-srv: 3
age: 14
vary: Accept-Encoding
x-varnish: 407586525 408129560
cache-control: max-age=15, public
accept-ranges: bytes
content-type: image/jpeg
content-length: 1141682
server: nginx
expires: Wed, 03 Feb 2021 01:42:31 GMT

GET
H2 200 cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
beforeitsnews.com/img/i2021/02/ 15 KB
15 KB 29ms
28ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9878dd957f48d334a326be363d7eefe2eb9a79f2d7d34763e44598e42e18cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 160815
cf-polished: origSize=16737, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15536
cf-request-id: 0807273d5a00002bc671987000000001
last-modified: Fri, 16 Aug 2019 22:57:14 GMT
server: cloudflare
etag: "5d5734ca-4161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:02:15 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b874a88cd52bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 7ms
6ms Image
image/gif 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 09:21:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 490871
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Fri, 28 Jan 2022 09:21:19 GMT

GET
H2 200 ACz1SiuxlILp_640x360.jpg
static-3.bitchute.com/live/cover_images/sJFDQtjzuuwx/ 33 KB
33 KB 22ms
15ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/sJFDQtjzuuwx/ACz1SiuxlILp_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

d2e9fa436600eeae4783f245b7a7cc00ff6f50aed37fa1780cf828a3f07b0e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000020a358cb-006019c462-43b55da-nyc3a
cdn-cachedat: 2021-02-02 22:30:10
cdn-pullzone: 89010
content-length: 33768
last-modified: Tue, 02 Feb 2021 21:28:00 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 66df1a1cd44ca34e297048203ec85d8e
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/9zQB_WN6LwM/ 25 KB
26 KB 13ms
6ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/9zQB_WN6LwM/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e4c14b015bcbb4940d8cc3fdb99e42b6121e4142f7f9384e3e048cd8395e56e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:05 GMT
x-content-type-options: nosniff
server: sffe
age: 25
etag: "1612300584"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26096
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:47:05 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/qLfmTKfqJfk/ 19 KB
19 KB 14ms
6ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qLfmTKfqJfk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c75f49a26f7c06241b4d889071792777c90b927424e6caf778c4b3b76faf6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:38:03 GMT
x-content-type-options: nosniff
server: sffe
age: 267
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18960
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:43:03 GMT

GET
H2 200 bar1.png
1.bp.blogspot.com/-8RYPp_mWAkA/YBiG5ZUtzEI/AAAAAAAAGKw/0iddsChIRKAno3sgATFjNxJQZHzXn3y_QCLcBGAsYHQ/w348-h192/ 89 KB
89 KB 15ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-8RYPp_mWAkA/YBiG5ZUtzEI/AAAAAAAAGKw/0iddsChIRKAno3sgATFjNxJQZHzXn3y_QCLcBGAsYHQ/w348-h192/bar1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3127824125cb1531ae608bc9fd38ac15503cfb57acf0feffa9842778c23df215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:30:13 GMT
x-content-type-options: nosniff
age: 737
content-disposition: inline;filename="bar1.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91089
x-xss-protection: 0
server: fife
etag: "v18ad"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 04 Feb 2021 01:30:13 GMT

GET
H2 200 The%20Goyim%20Know.jpg
beforeitsnews.com/contributor/upload/724569/images/ 42 KB
43 KB 27ms
19ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/The%20Goyim%20Know.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb4029771ffe1464f3fb6e54728d1638e829ec2d8fa56a739f5fb5f7021697e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 459
cf-polished: origSize=44736, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42867
cf-request-id: 0807273eda00002bc6162e8000000001
last-modified: Fri, 12 Jun 2020 18:45:30 GMT
server: cloudflare
etag: "5ee3cd4a-aec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 01:34:51 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b874aaff0f2bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Samantha_Power_vasilis_asvestas_Shutterstock.jpg
www.catholicnewsagency.com/images/ 19 KB
20 KB 46ms
13ms Image
image/jpg 2606:4700:3036::6815:3aa9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/Samantha_Power_vasilis_asvestas_Shutterstock.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3aa9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: a4b9574fef14454860c3c8a8014056f06be97652a80222c03ad8e7b85e7ac0a5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 452
x-powered-by: PHP/7.4.14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wBPaaAQnwI91ZSTNrcAn6BqSokQQ2chdkR7KqpKX736QhiJAvUiX%2Bvsbgy8yefrkjUe5ETP4JHvUFMyEp59N6joadC7SDfylgpKzy1YgbDL%2FBK54t6eWAaoZTdx7gXtfijqvIGwzDg%3D%3D"}],"group":"cf-nel"}
content-type: image/jpg
cache-control: max-age=16070400
cf-ray: 61b874ab1a944a8c-FRA
cf-request-id: 0807273ef300004a8ceeb97000000001
expires: Fri, 05 Mar 2021 01:34:58 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/26hVaUWV1Dg/ 35 KB
35 KB 14ms
7ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/26hVaUWV1Dg/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7adef6f215fe120a18bfd5fde6a18059050ef29d3276e9fc799cda9323bc1a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:24 GMT
x-content-type-options: nosniff
server: sffe
age: 6
etag: "1612300453"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35399
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:47:24 GMT

GET
H2 200 earth-homes-tt-1024x712.jpg
www.naturalblaze.com/wp-content/uploads/2021/02/ 182 KB
183 KB 44ms
12ms Image
image/jpeg 2606:4700:3035::ac43:b12e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalblaze.com/wp-content/uploads/2021/02/earth-homes-tt-1024x712.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b12e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d71be5827a35193b364c8edb88286627a2abd74e5cb5753d99326f503b46f35

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 926
content-length: 186867
cf-request-id: 0807273ef3000006056c039000000001
last-modified: Wed, 03 Feb 2021 00:44:38 GMT
server: cloudflare
etag: "6019f1f6-2d9f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MC7oKGUFrgMAbTy4VYf%2B6WTvn%2Fs64yW71PvJMtjKyu5yHr8BDEAsJfIgZvL%2FmAOZXI9%2Bj8i%2Bt4VJc5MxKx2biYkRxnRrnQ%2BtgtNf%2BhW0TD0qhzzme3kjKsiclninfeskHQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 61b874ab19160605-FRA

GET
H2 200 Mollie-Hemmingway.jpg
welovetrump.com/wp-content/uploads/2021/02/ 27 KB
28 KB 50ms
27ms Image
image/jpeg 2606:4700:20::681a:493
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welovetrump.com/wp-content/uploads/2021/02/Mollie-Hemmingway.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 528ce03a2bef841d2680e31a534b35f8599a515247a5d5139fc16a09cd522f42

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 25439
cf-polished: degrade=85, origSize=32606
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27657
cf-request-id: 0807273eed0000bee2ba132000000001
last-modified: Tue, 02 Feb 2021 18:23:26 GMT
server: cloudflare
etag: "6019989e-7f5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FntAUSAlw3JLIGVNLiyg9hz4P1R5UreqH9rwZeSCchGxk%2BscdCXXJfVs5NS8%2B3v1jPPbdXc8jvt9l6KeqT7VOfahV1ijknFXUl3v1KQwo%2BGZ5HPH7m2GUVJa9rs%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 61b874ab1c5ebee2-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 vDpzGzLIPsUJ_640x360.jpg
static-3.bitchute.com/live/cover_images/ZofFQQoDoqYT/ 38 KB
39 KB 28ms
22ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/ZofFQQoDoqYT/vDpzGzLIPsUJ_640x360.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-198.datapacket.com

Software

BunnyCDN-DE1-723 /

Resource Hash

d4440bf21471c818418323f0ce28be9f0bb5684814631683d948f2d5c69676f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000002090c8e2-006019e885-43ba6e0-nyc3a
cdn-cachedat: 2021-02-03 01:04:21
cdn-pullzone: 89010
content-length: 39286
last-modified: Wed, 03 Feb 2021 00:03:02 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 91a6b6f5ff223193f98079ce148a1dd8
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 Harsha.jpg
www.ancient-origins.net/sites/default/files/styles/large/public/field/image/ 20 KB
21 KB 36ms
12ms Image
image/jpeg 2606:4700:20::ac43:4a9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ancient-origins.net/sites/default/files/styles/large/public/field/image/Harsha.jpg?itok=mjZjDqcD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea83be286683fb13d1423f5902085c452e204031dc90c9f379e2098145a48cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2714
cf-polished: origSize=21191
cf-bgj: imgq:85,h2pri
content-length: 20244
cf-request-id: 0807273eeb0000dfeff6230000000001
last-modified: Wed, 03 Feb 2021 00:54:09 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qNHiJJ1x4rO9DSeZbch8%2B9HjnXEeCk3HkMHgGy8MnS2d8tWiNN9bD3j%2B89uB4t0oQzMJ90RQB7oSjaEB7EDSSusT1v7vwjakC03DBDVkfK1jgXq4jQJweqvk1M1PO8CRxisgXA%3D%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 61b874ab19c4dfef-FRA
expires: Fri, 05 Mar 2021 00:57:15 GMT

GET
H2 200 now-the-end-begins-street-preaching-gospel-grace-god-tracts-nteb.jpg
www.nowtheendbegins.com/wp-content/uploads/2019/07/ 154 KB
154 KB 63ms
15ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nowtheendbegins.com/wp-content/uploads/2019/07/now-the-end-begins-street-preaching-gospel-grace-god-tracts-nteb.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

ec8277ba77569e2aa9e92d30fd436bfb4502a45e737aa075e78ed75d99d8aa41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 157592
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2019 19:03:30 GMT
server: nginx
etag: "5d38ab82-26798"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19006
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: STATIC/PATH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/TgS4xNW_jhI/ 33 KB
33 KB 12ms
7ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/TgS4xNW_jhI/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6f9451f6092aa2a6fded041b12c005c6a6adc746a616d0464a38c55ea160ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:24 GMT
x-content-type-options: nosniff
server: sffe
age: 6
etag: "1612300659"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33712
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:47:24 GMT

GET
H2 200 Phobos-1024x1001.jpg
www.universetoday.com/wp-content/uploads/2010/07/ 102 KB
103 KB 47ms
16ms Image
image/jpeg 2606:4700:3036::6815:611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.universetoday.com/wp-content/uploads/2010/07/Phobos-1024x1001.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 076d767c363c32d5678582ddb20fd22d7da947ba0a0a652e604c085977712a4c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3095
content-length: 104499
cf-request-id: 0807273ef3000097d2cc987000000001
last-modified: Fri, 14 Apr 2017 11:51:24 GMT
server: cloudflare
etag: "58f0b7bc-19833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0yg3w1yTR%2BxdTd2%2Fh0hwfiKt4KPJS5SNYh9W7NAUhKxNJcq9VEI45as%2F%2Fs3YAuLVtAIDOzfJQR3RSXLrco0WbAQ8G9HoC7%2FYlZnSQ4GWn93BN6vVZOunjXdAEThG2Fr%2BqVc%3D"}]}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 61b874ab1bb097d2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wJ2l_Shp4731PNDAnLprBlx5_xyOAFIKKqocvglS9cJp-E_giV-KzI2-9SK8Jw4DdFqV_OoJSNO9D1xh4HgE6TqyvMh24riABKbsJfzpKATmyiq8swh4wgyEmlbj2E2WAsWjDt1w
lh3.googleusercontent.com/ 127 KB
127 KB 13ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/wJ2l_Shp4731PNDAnLprBlx5_xyOAFIKKqocvglS9cJp-E_giV-KzI2-9SK8Jw4DdFqV_OoJSNO9D1xh4HgE6TqyvMh24riABKbsJfzpKATmyiq8swh4wgyEmlbj2E2WAsWjDt1w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f76a62cb0e74cbf2e4d43fee0af95d84f39b29f36807ac317c2040f6d0c4ef4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:20:59 GMT
x-content-type-options: nosniff
age: 1291
content-disposition: inline;filename="uBliqEPj2WeG2AGJuSJS6boINJDEJbPH_u0xCeP_hUyJAPYs565xqgd4qNDXBT1oedLTi83uB2aoBuBhkODeIt9ANkbR16rbU0bKlfYs7lSD-tRMZFk4-Y2kNTyv7tHmU8qyOjlt.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129769
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 04 Feb 2021 01:20:59 GMT

GET
H2 200 OIP%20(17).jpg
beforeitsnews.com/contributor/upload/106013/images/ 7 KB
7 KB 26ms
21ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/OIP%20(17).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b64d0aa879b4a73d8e6092c861775816475b9ba29c46a77246cfd15697eb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242
cf-polished: origSize=7830, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6963
cf-request-id: 0807273eda00002bc66dbc9000000001
last-modified: Wed, 03 Feb 2021 00:28:09 GMT
server: cloudflare
etag: "6019ee19-1e96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 00:31:48 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b874aaff102bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 BLM%202.jpg
beforeitsnews.com/contributor/upload/724569/images/ 57 KB
57 KB 22ms
18ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/BLM%202.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d5838fff9e048295d00caf08af00ed15060c8a849cbf6a73ba7db54f5513f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242
cf-polished: origSize=64848, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57976
cf-request-id: 0807273eda00002bc656a43000000001
last-modified: Tue, 09 Jun 2020 14:07:09 GMT
server: cloudflare
etag: "5edf978d-fd50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 00:31:48 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61b874aaff122bc6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 EobjJCGXYAMXrxM.jpeg
i0.wp.com/www.occidentaldissent.com/wp-content/uploads/2020/12/ 138 KB
139 KB 63ms
26ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.occidentaldissent.com/wp-content/uploads/2020/12/EobjJCGXYAMXrxM.jpeg?resize=1024%2C638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

865a74b2093e110d007112c9ce0f18a30bd110238cb7fb4fe628e83d1511fbc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
x-content-type-options: nosniff
x-bytes-saved: 12528
content-length: 141603
x-nc: HIT ams 2
last-modified: Wed, 03 Feb 2021 00:10:20 GMT
server: nginx
etag: "71a7613e0071f293"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.occidentaldissent.com/wp-content/uploads/2020/12/EobjJCGXYAMXrxM.jpeg>; rel="canonical"
expires: Fri, 03 Feb 2023 12:10:20 GMT

GET
H2 200 181028-M-YQ395-0060Y.JPG
media.defense.gov/2019/Aug/05/2002166656/825/780/0/ 219 KB
220 KB 131ms
86ms Image
image/webp 2a02:26f0:6c00:297::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2019/Aug/05/2002166656/825/780/0/181028-M-YQ395-0060Y.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:297::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2849ae374e830fe666bfe6167057ccff25ea28ac739229414651da268ebf83e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:31 GMT
last-modified: Wed, 20 Jan 2021 15:39:19 GMT
server: Akamai Image Manager
etag: 0x8D82BAF4F3E0E83
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, GET
content-type: image/webp
access-control-allow-origin: *, *
cache-control: private, no-transform, max-age=43200
content-length: 224234
expires: Wed, 03 Feb 2021 13:42:31 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/rcvpYXWDfIw/ 18 KB
18 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/rcvpYXWDfIw/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86f3ff00cb2850df243c781145b7f9dc3b733e20c3654e021a3a82cee91e51d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:38:05 GMT
x-content-type-options: nosniff
server: sffe
age: 265
etag: "1612298560"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18806
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:43:05 GMT

GET
H2 200 MAINARCHBISHOP_NEW_5_1.jpg
www.catholicnewsagency.com/images/ 32 KB
32 KB 15ms
14ms Image
image/jpg 2606:4700:3036::6815:3aa9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/MAINARCHBISHOP_NEW_5_1.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3aa9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: 671c44d5e809beb89913588934b9673cfc6fe2d08b164e44211e81e5929d75a9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:30 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 5570
x-powered-by: PHP/7.4.14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KiqQ0pj3bxhenxDYmJfycTmowpF0zB1Q1gXFkKCc6z3l4eTqKZMqsBZ0%2FheZwV8pPu05fEpjaqljBJ7U4Z5cy7f6RbyFV6T0FCeTpGq5SOSt4kaubDzyTrBEV6mskoHTw9xKahG4IQ%3D%3D"}],"group":"cf-nel"}
content-type: image/jpg
cache-control: max-age=16070400
cf-ray: 61b874ab1a954a8c-FRA
cf-request-id: 0807273ef300004a8ccc119000000001
expires: Fri, 05 Mar 2021 00:09:40 GMT

GET
H2 200 Opera-Snapshot_2020-06-13_214432_www.usajobs.gov_.png
www.coronavirusoutbreakmap.com/wp-content/uploads/2020/06/ 61 KB
62 KB 527ms
141ms Image
image/png 192.169.172.158
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coronavirusoutbreakmap.com/wp-content/uploads/2020/06/Opera-Snapshot_2020-06-13_214432_www.usajobs.gov_.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.172.158 Scottsdale, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 816d2b6c7f70f54b8b9080df009521911a091f850b4af34a371dad1e8d450323

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:31 GMT
last-modified: Sun, 14 Jun 2020 02:45:40 GMT
server: Apache
accept-ranges: bytes
etag: "166689-f422-5a8024e437d00"
content-length: 62498
content-type: image/png

GET
H3-Q050 200 DSC01137.JPG
1.bp.blogspot.com/-eQurh9Ju_aU/YAWjCi_GynI/AAAAAAAAhfY/9waeKjOVDWw8cJ-6OfCr5oKhhZAqauVVACLcBGAsYHQ/w426-h640/ 73 KB
73 KB 35ms
20ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-eQurh9Ju_aU/YAWjCi_GynI/AAAAAAAAhfY/9waeKjOVDWw8cJ-6OfCr5oKhhZAqauVVACLcBGAsYHQ/w426-h640/DSC01137.JPG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad2e5a145375ed3f12156d03ab4e54428c4b5475acf4b0bbd5e014c9d0f9a729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:05:05 GMT
x-content-type-options: nosniff
age: 5845
content-disposition: inline;filename="DSC01137.JPG"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74588
x-xss-protection: 0
server: fife
etag: "v85f8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 04 Feb 2021 00:05:05 GMT

GET
H2 200 210130-N-GW139-1009C.JPG
media.defense.gov/2021/Feb/02/2002574788/1088/820/0/ 98 KB
98 KB 101ms
76ms Image
image/webp 2a02:26f0:6c00:297::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2021/Feb/02/2002574788/1088/820/0/210130-N-GW139-1009C.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:297::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7d917c5300e047bcdc734b1252ca5343dbb0c89cc98c981e45ecd2d96df85cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:31 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 0x8D8C7C8E12C4FC4
x-serial: 650
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, GET
content-type: image/webp
access-control-allow-origin: *, *
cache-control: private, no-transform, max-age=43200
last-modified: Tue, 02 Feb 2021 22:27:54 GMT
content-length: 100038
expires: Wed, 03 Feb 2021 13:42:31 GMT

GET
H2 200 210120-M-ET529-1025C.JPG
media.defense.gov/2021/Feb/02/2002574790/1088/820/0/ 278 KB
279 KB 112ms
87ms Image
image/webp 2a02:26f0:6c00:297::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2021/Feb/02/2002574790/1088/820/0/210120-M-ET529-1025C.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:297::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4b2207cac6e8c5a60e774bbbb77acecc765541dde7b03b370a589ee6398012a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:31 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 0x8D8C7C8BD4A52EE
x-serial: 1148
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, GET
content-type: image/webp
access-control-allow-origin: *, *
cache-control: private, no-transform, max-age=43200
last-modified: Tue, 02 Feb 2021 22:28:02 GMT
content-length: 285116
expires: Wed, 03 Feb 2021 13:42:31 GMT

GET
H2 200 Opera-Snapshot_2020-05-29_104440_www.worldwidevets.com_.png
www.coronavirusoutbreakmap.com/wp-content/uploads/2020/05/ 592 KB
596 KB 513ms
141ms Image
image/png 192.169.172.158
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coronavirusoutbreakmap.com/wp-content/uploads/2020/05/Opera-Snapshot_2020-05-29_104440_www.worldwidevets.com_.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.172.158 Scottsdale, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: f188f35858c45e257d9ce2de884de62bee0d892295626e176442798af5bf4a51

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:31 GMT
last-modified: Fri, 29 May 2020 15:47:15 GMT
server: Apache
accept-ranges: bytes
etag: "1a4c79-9408d-5a6cb5bf666c0"
content-length: 606349
content-type: image/png

GET
H2 200 210129-M-JQ384-1129Y.JPG
media.defense.gov/2021/Feb/02/2002574714/1088/820/0/ 151 KB
152 KB 105ms
87ms Image
image/webp 2a02:26f0:6c00:297::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2021/Feb/02/2002574714/1088/820/0/210129-M-JQ384-1129Y.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:297::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6e4f8fcd8581c4410c5d1c2c7ffb24901e7dccb2a4745e270f62e5c5a2c6cd59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:31 GMT
last-modified: Tue, 02 Feb 2021 22:47:09 GMT
server: Akamai Image Manager
etag: 0x8D8C7CAA1C87E3D
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, GET
content-type: image/webp
access-control-allow-origin: *, *
cache-control: private, no-transform, max-age=43200
content-length: 154750
expires: Wed, 03 Feb 2021 13:42:31 GMT

GET
H2 200 210202-A-OA805-003C.JPG
media.defense.gov/2021/Feb/02/2002574791/1088/820/0/ 209 KB
210 KB 105ms
88ms Image
image/webp 2a02:26f0:6c00:297::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2021/Feb/02/2002574791/1088/820/0/210202-A-OA805-003C.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:297::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

12bf7f294ee1aec4c8bc3239359d38666943f34f27618a0102dd3bbb56289bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:42:31 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 0x8D8C7C8950EBF88
x-serial: 1126
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, GET
content-type: image/webp
access-control-allow-origin: *, *
cache-control: private, no-transform, max-age=43200
last-modified: Tue, 02 Feb 2021 22:28:13 GMT
content-length: 214514
expires: Wed, 03 Feb 2021 13:42:31 GMT

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: SjZO5X6bWfA
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22TgdnY8qhl%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1612316549483%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1612316549882%7D%7D
.beforeitsnews.com/	1970-01-19 15:51:56	Name: _gat_gtag_UA_16055024_1 Value: 1
.beforeitsnews.com/	1970-01-19 15:53:22	Name: _gid Value: GA1.2.899354887.1612316549
beforeitsnews.com/	1970-01-20 15:51:56	Name: b4in-uuid Value: a02c1b4e-e506-4b34-9f19-c53add64021f
.vimeo.com/	1970-01-20 09:23:08	Name: vuid Value: pl334928661.2057951386
beforeitsnews.com/	1970-01-19 15:52:04	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ43jNXd5gPMh1
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
.youtube.com/	1970-01-19 20:11:08	Name: VISITOR_INFO1_LIVE Value: gumMhXmy0co
.beforeitsnews.com/	1970-01-20 09:23:08	Name: _ga Value: GA1.2.167087196.1612316549
.beforeitsnews.com/	1970-01-19 16:35:08	Name: __cfduid Value: da63eb549667f5ea0e40ab5f6072cb8c71612316548

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://beforeitsnews.com/(Line 490) Message: [Web Cached] Loaded time: 0.00261s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	info	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js(Line 39) Message: adsVideosRotating: id62 views: 7,467.9k
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021131(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2021131(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.beforeitsnews.com
ams.creativecdn.com
beforeitsnews.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.britannica.com
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.qz.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
herbanomics.postaffiliatepro.com
i.imgflip.com
i.ytimg.com
i0.wp.com
img.beforeitsnews.com
img.youtube.com
jadserve.postrelease.com
jamesredpillsamerica.com
jsc.mgid.com
l.sharethis.com
lh3.googleusercontent.com
lisahaven.news
lockerdome.com
match.adsrvr.org
media.defense.gov
media.mercola.com
pagead2.googlesyndication.com
platform-api.sharethis.com
player.vimeo.com
prepareforchange.net
rddywd.com
rumble.com
s-img.mgid.com
s.tradingview.com
s.w.org
s3.amazonaws.com
s3.tradingview.com
secure-assets.rubiconproject.com
secureservercdn.net
servicer.mgid.com
static-3.bitchute.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
welovetrump.com
www.ancient-origins.net
www.catholicnewsagency.com
www.coronavirusoutbreakmap.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.naturalblaze.com
www.nowtheendbegins.com
www.prepperfortress.com
www.universetoday.com
www.youtube.com
x.bidswitch.net
104.154.142.214
104.16.199.73
104.18.12.238
104.18.64.15
104.19.133.78
104.19.217.61
104.26.3.103
13.224.194.104
142.250.185.130
143.204.93.113
143.204.93.86
151.101.12.217
151.139.242.29
169.59.64.184
18.200.32.159
18.208.113.131
184.30.212.16
185.184.8.30
185.59.220.198
192.0.66.2
192.0.77.2
192.0.77.48
192.124.249.6
192.169.172.158
2600:9000:20eb:2a00:c:abe:f440:93a1
2600:9000:2156:6400:c:a9b7:ddc0:93a1
2600:9000:2156:b400:1c:8a07:5e80:93a1
2606:4700:10::6816:4b8a
2606:4700:20::681a:493
2606:4700:20::ac43:4a9e
2606:4700:3030::6815:4d0
2606:4700:3031::6815:123e
2606:4700:3035::ac43:8a23
2606:4700:3035::ac43:b12e
2606:4700:3036::6815:3aa9
2606:4700:3036::6815:611
2606:4700:3036::6815:eb9
2606:4700::6812:e234
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2016
2a00:1450:4001:821::2008
2a00:1450:4001:821::200a
2a00:1450:4001:825::200e
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9c
2a02:26f0:6c00:297::221c
2a02:fe80:1010::16
3.124.48.224
35.157.221.90
45.33.3.7
52.217.49.238
64.62.227.18
94.23.171.206
015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
06ad3400043c53b8ae27f28d253c62d635a603a967a810f5c6718fb5b7b2c1f5
06f926e3af6282927cbd9206122c2860cc2c7ca80f53bd52db02202dcb174ecd
076d767c363c32d5678582ddb20fd22d7da947ba0a0a652e604c085977712a4c
0cf458494d4a2a7b6f66ce5e51d75403f6b82eec3a1df59df635decb9c2e86dd
0efd9616a4b3008bd4f9d259a71fc533a70cf30c64e02d8e90e127a2d2e29231
1022019395c8ba5831ef367bec12d9c0c837362a95b32cab0e2db67dc3c9a5ce
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
127b29685dc9d533568dd34d5d58f1fd322a850c1d8e71d9ab32a35c78d12161
12bf7f294ee1aec4c8bc3239359d38666943f34f27618a0102dd3bbb56289bc5
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
15548c0524d17fb40eaf43bad7d941363f058bb411422c1115e8854e9de95a42
1560925b7d4f6a008e0c975ae68e14b58311a7ab03f2c09da2487cf8e8d27aca
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
21b64d0aa879b4a73d8e6092c861775816475b9ba29c46a77246cfd15697eb23
2302fbd28028ed9872fa433b5791ae27ad55a706d41dc45d9621b95f670f3b31
244d38a9b5430fad05284ad97daf5ef5c25e38c6ca89d89a994dc5c0fc9166e3
2849ae374e830fe666bfe6167057ccff25ea28ac739229414651da268ebf83e9
2bc69d10fb34b45d5325071130fa0fb2b1a7062160a8f5a34753e5bb90459218
2be19fae137ad28213988386e7fc91d3eb703417f934d49d7fae999a724beca8
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2c7da73517c44c3561d66212f526c139277fdb881ea93bf6eaebb1ba0fee4f57
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
3127824125cb1531ae608bc9fd38ac15503cfb57acf0feffa9842778c23df215
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33612e751c6934579b9ee28cd491269252c1f36544092a23ea3e122e51bd0041
33635398eefcc793cd01e22b2bc4cbc81e2ffb11040e5d0adcd8cf3e73aa2c6d
33935025719f5668bfab105458c9ce15c77fc676813cf0bb7ddc29a2c59c3df3
33c85261a3d0f88a2561feaf5047a2f439c7ba73a0650566b7de7c853934e221
362926319935a032972f367a62efd55cdbc551ef1f582b24ce9d36650fb4bf2a
38cd50eeb399768e0cb1b8faa017ac441b6f895429eb20f843d868c10f680a39
39f4bfdc3078b2b40939f2f6b65d2dfad47eac224ec676b75b7815e6a1762589
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635
45d852414d84ba0e64f59d55287d44d956fbde7e03859559ad80c85daa2408bb
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
4a47a1c684c7fb4963f5d13d9150efa68b10ae3b149c5600197572c4079fea67
4b2207cac6e8c5a60e774bbbb77acecc765541dde7b03b370a589ee6398012a8
505ea0787e5fe2cf8f8b3286c7a61448bc151ef12283fcb1b5855a3e796d0494
526ec720e1fa15906b7d15832e6276d51a521a3170c245fab7bb9f894133c6e1
528ce03a2bef841d2680e31a534b35f8599a515247a5d5139fc16a09cd522f42
52990ffe56ffde7523f99ec1d8b9f751bce3c861fd1062cb4788f6cd18f969c1
5d71be5827a35193b364c8edb88286627a2abd74e5cb5753d99326f503b46f35
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
5ff694d2c859f7b0bdeefd72e29dc903a8ebfa6b2092927c5e04cdda12fdb337
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
62d2b8d827407d16f0c4ea40b02e663f97552c466527c69c17ae9fcc17c91f6e
6485519b3d743cea9e6cad1d62468799b0eb5beb253e4ff8b947e2d626c1f900
671c44d5e809beb89913588934b9673cfc6fe2d08b164e44211e81e5929d75a9
67431083aca09706fe1051aee8b2da9fb98401c956dcbf60e356ae54f17842f6
6e07380db23f60b5c28611eb12f99476fb037300142ebbbdf38e2254a4dedbea
6e4f8fcd8581c4410c5d1c2c7ffb24901e7dccb2a4745e270f62e5c5a2c6cd59
6ebe2d94c93778217d1f322b2d83320daafc8a1e17251686e05dcae3abbfe982
6efadce41ae376140acf28c0c20ad12dc8f1aedbb605e458bcb59ed9cf2db21e
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
71b3acd12be12efc5c40002e994f5c9670fcaf0af0a3a7f189f590d0443f7e74
768f13786a164c07fcdaa08330ca77736f6ab047df53109a013408521adff987
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7a200701c53c115d1426b0e499872f764a6562e985a39a0796b152b9c31a72ba
7adef6f215fe120a18bfd5fde6a18059050ef29d3276e9fc799cda9323bc1a7a
7d5838fff9e048295d00caf08af00ed15060c8a849cbf6a73ba7db54f5513f20
7d7393bc58991db7145271fb67b839bb22ef2b2beb1df7b16a26b7c9738ed693
7d917c5300e047bcdc734b1252ca5343dbb0c89cc98c981e45ecd2d96df85cdf
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
816d2b6c7f70f54b8b9080df009521911a091f850b4af34a371dad1e8d450323
81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856d10b22b78d8dca542577503906fdda7c04a04a8e5f6fbfe677c02ab92810b
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
865a74b2093e110d007112c9ce0f18a30bd110238cb7fb4fe628e83d1511fbc2
86bcb054100098a36e015a8417af04857ac0b41f4328e14964879da533116b1e
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
86f3ff00cb2850df243c781145b7f9dc3b733e20c3654e021a3a82cee91e51d2
88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42
8cb4029771ffe1464f3fb6e54728d1638e829ec2d8fa56a739f5fb5f7021697e
8ddb279c37828ac17aafcd02acdf38d9ee46acfa09c5712c2fbaab6584705fd3
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
95618d0ac377efaa3f06e4584315a42de11d69a86e1eaa00cd0ee23b642bad40
98173d17112b2cc3b483ebf3e9fb49d77c65160644eb3f24504e442b21d4223f
996277c095c599bd4f3be801fc1fcc9a12d1662bfdec10ef23f06b89a2770810
9b0b2cd5757d6b64053bb76659daed8efcd25c0fa31fa61aac8771e74ff84488
9e4c14b015bcbb4940d8cc3fdb99e42b6121e4142f7f9384e3e048cd8395e56e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4b9574fef14454860c3c8a8014056f06be97652a80222c03ad8e7b85e7ac0a5
a5047ca1d9a3264e4262dc2c89f057cc5bb77e61e9e0e7bccf691db41aed527c
a5a20f38b2648821b4b3752f387ec7d32f49cfc46efdc92a4d603781d6f876a7
a855d275afd3638c7d7d62e6b27285a2534fc64d07529fc20e4ff4ca15fba21b
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad2e5a145375ed3f12156d03ab4e54428c4b5475acf4b0bbd5e014c9d0f9a729
ada575bbeea74f31166efec688e8f9c31a1e4301aef318346d3681f700f72250
b233d768686d7fa50983a593a0970fcb5dbcb01e026357e0a853b61341797007
b276b12bb10237fd6ac51425e7b513d7e294345c367a58093d4b0c9ea7fba30d
b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25
b371fbc2acb6c5c4af29c79140b400e279e48c55c284d30c6757dcd80e797680
b49807c7a2b975537a8ef4a7a5790369c7ba710e65056187143b6414830c4d52
b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08
b6f9451f6092aa2a6fded041b12c005c6a6adc746a616d0464a38c55ea160ef9
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bda4f48aa086eae3051a505a9959cf1ae9fab829a934069bdc146547cf79cc6e
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
be9f2a565ab87f8116aae70b759f704f1a258e8da5e46825f175fa91a130fc7e
c2c25f05092d541c3344cb084648179134e94e3aa3f2b1a3b12c1a3863b776c8
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c7c75f49a26f7c06241b4d889071792777c90b927424e6caf778c4b3b76faf6b
c9878dd957f48d334a326be363d7eefe2eb9a79f2d7d34763e44598e42e18cf8
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb5e040d7ee074da5efbf036df02664d305d8ad860d72d2fcc436ecb332ff907
cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690
cdcbbb547e1a129198596d3cdcf178fc7892afc8d3f77093ebf1bfe90a84cbce
ce9dac4d65255594816786dd6a3b810bfe4795a5e1780e9f74fb5637d0bf8e54
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0f2a47c0d7b69a2c6cec08295022cd0302884d2e527a6ef3daa0c19c7b8ddec
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d2e9fa436600eeae4783f245b7a7cc00ff6f50aed37fa1780cf828a3f07b0e52
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d4440bf21471c818418323f0ce28be9f0bb5684814631683d948f2d5c69676f5
d615b21ab0411601331c4fafce146759ad99178d33f5a5d9c40f121c3aaf8999
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e59b33f190619c0a72f134b8a63462def9238acbed251ef993fc84c6e0c54e
e0ee50df0c8c092133de69d4a70205f09a9b7e5f6b2d6342dd926dc41535e959
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e55f74fbd62d2e12800750904cba9f5b4da47182cc2704dc640652280262d537
e5eead752d460fcd93ef3ab17e9dbf2b0dc0ff32536640d64012077ed9834cce
e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de
ea83be286683fb13d1423f5902085c452e204031dc90c9f379e2098145a48cb8
ec8277ba77569e2aa9e92d30fd436bfb4502a45e737aa075e78ed75d99d8aa41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f188f35858c45e257d9ce2de884de62bee0d892295626e176442798af5bf4a51
f76a62cb0e74cbf2e4d43fee0af95d84f39b29f36807ac317c2040f6d0c4ef4a
f83ff9514472cede101a00834940703c776c30b7d93cf91beda8d11e0fdbafa3
fe6170c0f58373c5a4a0f4b82bac4b887163d57a4a50d2d74db5d69a357fc0fb
fef7f94394869e0d65ca5bf9d7199420d195c8ce1010038502dd072359ade759

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

174 Requests

100 %HTTPS

51 %IPv6

53 Domains

70 Subdomains

57 IPs

9 Countries

22432 kBTransfer

23504 kBSize

11 Cookies

27 Outgoing links

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

100 %
HTTPS

51 %
IPv6

53
Domains

70
Subdomains

57
IPs

9
Countries

22432 kB
Transfer

23504 kB
Size

11
Cookies

174 HTTP transactions
3 data transactions